vortexillusionrugs.com Open in urlscan Pro
45.55.121.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.iceurmotor.com/9cb5U2u395Gr86R10X59c3y9cbr24DxbrDxc4anKKnfs4xhssgEFI7YQWoQo97eg10_uX6c0lsJv/implementing-wallet
Effective URL:
https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Submission: On October 02 via api (October 2nd 2021, 11:32:23 pm UTC) from BE — Scanned from DE

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 20 domains to perform 66 HTTP transactions. The main IP is 45.55.121.131, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is vortexillusionrugs.com.
TLS certificate: Issued by R3 on September 9th 2021. Valid for: 3 months.

This is the only time vortexillusionrugs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.82.47 104.21.82.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	34.102.156.27 34.102.156.27	15169 (GOOGLE) (GOOGLE)
1	45.55.121.131 45.55.121.131	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.16.123.175 104.16.123.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
9	104.26.0.43 104.26.0.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.12 151.101.193.12	54113 (FASTLY) (FASTLY)
1	52.218.197.72 52.218.197.72	16509 (AMAZON-02) (AMAZON-02)
3	104.18.9.127 104.18.9.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	45.58.39.118 45.58.39.118	6364 (ATLANTIC-...) (ATLANTIC-NET-1)
2	172.67.217.220 172.67.217.220	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
1	23.45.236.99 23.45.236.99	16625 (AKAMAI-AS) (AKAMAI-AS)
4	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
6	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
4	216.27.63.9 216.27.63.9	7349 (AS-TIERP-...) (AS-TIERP-7349)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
3	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
3	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
66	23

1 104.21.82.47 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.iceurmotor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.156.27 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 27.156.102.34.bc.googleusercontent.com

www.elanstudionola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tb42trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.121.131 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

vortexillusionrugs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.123.175 (None, )

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.26.0.43 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.productlistgenie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
productlistgenie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.12 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.197.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.9.127 (None, )

ASN13335 (CLOUDFLARENET, US)

js.authorize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.58.39.118 (United States)

ASN6364 (ATLANTIC-NET-1, US)

www.durablegoodsaffiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.217.220 (United States)

ASN13335 (CLOUDFLARENET, US)

stats.productlistgenie.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.236.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-236-99.deploy.static.akamaitechnologies.com

snip.bronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.163 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.27.63.9 (Raleigh, United States)

ASN7349 (AS-TIERP-7349, US)
PTR: lb-vip-216-27-63-9.bronto.com

maw.bronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	paypal.com 1 redirects www.paypal.com c.paypal.com b.stats.paypal.com dub.stats.paypal.com c6.paypal.com t.paypal.com	337 KB
9	productlistgenie.com cdn.productlistgenie.com productlistgenie.com	875 KB
5	bronto.com snip.bronto.com maw.bronto.com	65 KB
4	gstatic.com fonts.gstatic.com	78 KB
3	paypalobjects.com www.paypalobjects.com	33 KB
3	authorize.net js.authorize.net	9 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	productlistgenie.io stats.productlistgenie.io	14 KB
2	durablegoodsaffiliates.com www.durablegoodsaffiliates.com	2 KB
2	cloudflare.com cdnjs.cloudflare.com	90 KB
2	tb42trk.com www.tb42trk.com	18 KB
1	google-analytics.com www.google-analytics.com	373 B
1	jquery.com code.jquery.com	30 KB
1	amazonaws.com s3-us-west-2.amazonaws.com	74 KB
1	shopify.com cdn.shopify.com	2 KB
1	googletagmanager.com www.googletagmanager.com	49 KB
1	unpkg.com unpkg.com	55 KB
1	vortexillusionrugs.com vortexillusionrugs.com	80 KB
1	elanstudionola.com 1 redirects www.elanstudionola.com	410 B
1	iceurmotor.com 1 redirects www.iceurmotor.com	744 B
66	20

	Domain	Requested by
14	www.paypal.com	vortexillusionrugs.com www.paypal.com www.paypalobjects.com
8	cdn.productlistgenie.com	vortexillusionrugs.com
5	c.paypal.com	www.paypal.com c.paypal.com
4	maw.bronto.com	snip.bronto.com
4	fonts.gstatic.com	fonts.googleapis.com
3	t.paypal.com	vortexillusionrugs.com
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
3	js.authorize.net	vortexillusionrugs.com js.authorize.net
3	fonts.googleapis.com	vortexillusionrugs.com
2	stats.productlistgenie.io	vortexillusionrugs.com stats.productlistgenie.io
2	www.durablegoodsaffiliates.com	vortexillusionrugs.com
2	cdnjs.cloudflare.com	vortexillusionrugs.com cdnjs.cloudflare.com
2	www.tb42trk.com	vortexillusionrugs.com www.tb42trk.com
1	c6.paypal.com	vortexillusionrugs.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	snip.bronto.com	vortexillusionrugs.com
1	productlistgenie.com	vortexillusionrugs.com
1	www.google-analytics.com	www.googletagmanager.com
1	code.jquery.com	vortexillusionrugs.com
1	s3-us-west-2.amazonaws.com	vortexillusionrugs.com
1	cdn.shopify.com	vortexillusionrugs.com
1	www.googletagmanager.com	vortexillusionrugs.com
1	unpkg.com	vortexillusionrugs.com
1	vortexillusionrugs.com
1	www.elanstudionola.com	1 redirects
1	www.iceurmotor.com	1 redirects
66	27

This site contains no links.

Subject Issuer	Validity	Valid
vortexillusionrugs.com R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tb42trk.com Go Daddy Secure Certificate Authority - G2	`2021-04-19` - `2022-02-26`	10 months	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
js.authorize.net Cloudflare Inc ECC CA-3	`2021-08-08` - `2022-08-07`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-08` - `2022-01-11`	6 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
durablegoodsaffiliates.com R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
bronto.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-06-24` - `2022-06-29`	2 years	crt.sh
*.bronto.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-24` - `2022-06-24`	a year	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2022-06-03`	2 years	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2021-04-29` - `2021-12-13`	8 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-17` - `2021-11-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Frame ID: 2F12296CB2E29CA9F90582B1871922A2
Requests: 47 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Frame ID: 7C77C102A79577CBA86344D307B18160
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1CF75933AD504CBF6A338C9C81EFC8C7
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: D8AA51A7710208549FBFD208B92F1E76
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f8d44eb330_mjm6mzi6mtg&s=SMART_PAYMENT_BUTTONS
Frame ID: CDD29A28C764888F65B9843571A1FDE0
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: B134FBE55BD232D8AF752E3D6A4E39F8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Vortex Rug

Page URL History Show full URLs

http://www.iceurmotor.com/9cb5U2u395Gr86R10X59c3y9cbr24DxbrDxc4anKKnfs4xhssgEFI7YQWoQo97eg10_uX6c0lsJv... HTTP 302
https://www.elanstudionola.com/49R9R2/5Q9RM9/ HTTP 302
https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2= Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

0 %
IPv6

20
Domains

27
Subdomains

23
IPs

3
Countries

1814 kB
Transfer

3650 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.iceurmotor.com/9cb5U2u395Gr86R10X59c3y9cbr24DxbrDxc4anKKnfs4xhssgEFI7YQWoQo97eg10_uX6c0lsJv/implementing-wallet HTTP 302
https://www.elanstudionola.com/49R9R2/5Q9RM9/ HTTP 302
https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://b.stats.paypal.com/v2/counter.cgi?p=uid_f8d44eb330_mjm6mzi6mtg&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f8d44eb330_mjm6mzi6mtg&s=SMART_PAYMENT_BUTTONS

66 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vortexillusionrugs.com/
Redirect Chain

http://www.iceurmotor.com/9cb5U2u395Gr86R10X59c3y9cbr24DxbrDxc4anKKnfs4xhssgEFI7YQWoQo97eg10_uX6c0lsJv/implementing-wallet
https://www.elanstudionola.com/49R9R2/5Q9RM9/
https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

265 KB
80 KB

640ms
183ms

Document
text/html

45.55.121.131
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.55.121.131 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / Express
Resource Hash: a7256ba45808e7be7840387619ebd3339a1bbce081f2bbddbcb0271459d7a277

Request headers

:method: GET
:authority: vortexillusionrugs.com
:scheme: https
:path: /?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 02 Oct 2021 23:32:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
set-cookie: loc_iso2=US; Path=/ loc_iso3=USA; Path=/ client=216.131.114.163; Path=/
etag: W/"42264-0zceuMinW2pp0oFV0R6y9uW+Az8"
content-encoding: gzip

Redirect headers

server: nginx
date: Sat, 02 Oct 2021 23:32:15 GMT
content-type: text/html; charset=utf-8
content-length: 140
location: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
set-cookie: uniqueClick_5Q9RM9=b750c4d4-859c-4d0a-9580-b7a6bdfe8809:1633217535; Path=/; Expires=Sun, 03 Oct 2021 23:32:15 GMT; Secure; SameSite=None transaction_id=d88367ff6be14a99a980c706ac1b57fb; Path=/; Expires=Fri, 31 Dec 2021 23:32:15 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: e9d33867-27c1-44dd-8162-5bf19e9e49bb
via: 1.1 google
alt-svc: clear

GET
H2 200 libphonenumber-max.js Show response
unpkg.com/libphonenumber-js@1.7.30/bundle/ 193 KB
55 KB 37ms
20ms Script
application/javascript 104.16.123.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/libphonenumber-js@1.7.30/bundle/libphonenumber-max.js

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b35e0da2259324aa245a1259a3d4dae1853eaeb3d63aceb93a97e5000261deb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:16 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1715043
fly-request-id: 01FFEJ0SJ4R1WHVT7BZK2QSDHH
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3058d-yRrLdFhKJ3Ne06wdL1yftogD2vk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6981baa44d906963-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
649 B 41ms
18ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 23:14:01 GMT
server: ESF
date: Sat, 02 Oct 2021 23:32:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 23:32:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 39ms
17ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

87eb4c9fa2bd3a95f29b584d8c1154e5d2c137ccbbc8572dedc6218beefa656f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 21:39:07 GMT
server: ESF
date: Sat, 02 Oct 2021 23:32:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 23:32:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 63ms
39ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TEX0GTRGZ3

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

23999ffa4dd70be06224ef188b9a27cc7f0cd985a4c813704173c3cbb0f934a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49875
x-xss-protection: 0
expires: Sat, 02 Oct 2021 23:32:17 GMT

GET
H2 200 everflow.js Show response
www.tb42trk.com/scripts/sdk/ 57 KB
18 KB 613ms
118ms Script
text/javascript 34.102.156.27
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tb42trk.com/scripts/sdk/everflow.js
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.156.27 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 27.156.102.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dd19b7e14711c9526d6d1723f14a8dd09efb64e62a031d003126879e2caaf5de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=14400
x-eflow-request-id: 7a8cedc9-ccc0-46d4-800c-5be6602d4588
alt-svc: clear

GET
H2 200 1602683117967vortex-logo-200.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 2 KB
2 KB 184ms
139ms Image
image/png 104.26.0.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1602683117967vortex-logo-200.png

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0f43ced07b9de8536aa81b1c2a79e21acf46a40454d8740b8411d8ed7426467a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Oct 2021 22:36:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gW0855DimhHtXPUZEntVr6cK3vg9FkEqm%2BKDeTTb5tQDu9zTwRSHb%2BR06p2A6GsDWe8DchBnPn9%2FVbGI022tpfMpSirMJoqKdYffm6OjQkvfxbPFAlT8M7%2BuYJaMJav%2BeEzVg%2BYQ0KJZvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray: 6981baa86d79410d-PRG

GET
H2 200 1602694722473vortex-rug-cutout.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 30 KB
31 KB 154ms
123ms Image
image/png 104.26.0.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1602694722473vortex-rug-cutout.png

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4ae8de20284ef3e5b51f41c3fc484f7bd4f554cdedcb502da7c2e65f6a90d2ef

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Oct 2021 22:36:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIoqCBNPUgmyOuogwL%2BbUSpZpFrMbQYisbwTbVxzyUJkO9VCle4UXqRn%2FKA06Q7aJ9rLaRksB8h%2BUMPytOve6xwj8qOZ727rJSrUFkV7j2nNBNXxjgUuPmI7NmWXW7BcKTuMn4ic0TURUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray: 6981baa86d73410d-PRG

GET
H2 200 16026988842463d-checkered-optical-illusion-rug-sofa.jpg
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 120 KB
121 KB 157ms
126ms Image
image/jpeg 104.26.0.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/16026988842463d-checkered-optical-illusion-rug-sofa.jpg

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3487de18ae67573dbb9527bc9f3350b317abf44c64d2d28bb5a566877beefeda

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Oct 2021 22:36:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3IGh%2BKGesak9o%2FZbMWvWaFMxtJry8memx85qL03ZPVFoT%2FR9VCweyhpFNEB691ywJ9Rhv7u%2FIQrRJP%2FRxy5jHFSzICO0m5%2FYL27AcDvBz%2BtCub2ZH2xUxdmjATgN6oOsmlv2T7MjW0RQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray: 6981baa86d76410d-PRG
cf-bgj: h2pri

GET
H2 200 1602699054479topdown-view.jpg
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 189 KB
189 KB 185ms
154ms Image
image/jpeg 104.26.0.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1602699054479topdown-view.jpg

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

462eef86295570cd29a29474d1715429507409307b730ed8ee6e8cd8f719c976

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Oct 2021 23:11:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHXPL4Ztj336LzV7r%2Bg7lDjXtSU7cJ%2FvAAg%2FVGbxn0LLqs8E4r51%2BdgrnxxXiGPKuJpz9xNP7%2BfZ3EJoHmNaWyARcU6jXlP1QoNdewNPksL4TkXOs%2FGBCxpACKllTJaEIHTVYrepv13T2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray: 6981baa86d75410d-PRG
cf-bgj: h2pri

GET
H2 200 1602698962216vortex-rug-img-2-500.jpg
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 144 KB
144 KB 179ms
149ms Image
image/jpeg 104.26.0.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1602698962216vortex-rug-img-2-500.jpg

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5290e6b763745d4c71f777de558aa4c607106f0a28af27bd063275d68a0660d9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Oct 2021 22:36:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4ZusyELePXz79SgVl%2F7CZKvy%2B8unZhnXmTqcW8k%2FgJUf0ZsoOyLGVduIrr%2FbgJSbUvTv37%2F5YcROQBURNrVgA8EuB3nXadJJV1WQZTIhuRUybEQywnA%2FXO%2F6cuIIoyok%2FHiR0M6L3VsoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray: 6981baa86d78410d-PRG
cf-bgj: h2pri

GET
H2 200 1560786344044256-256-7f4d535dc832b66d90d5c0cb72ec8690-arrow.png
cdn.productlistgenie.com/images/NWMwYTg1ZjA3NzMwMDEzMjdiMDM5MDRj/ 1013 B
1 KB 175ms
150ms Image
image/png 104.26.0.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productlistgenie.com/images/NWMwYTg1ZjA3NzMwMDEzMjdiMDM5MDRj/1560786344044256-256-7f4d535dc832b66d90d5c0cb72ec8690-arrow.png

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

77614d58b4a252de937a2d38c370b50cc6a46a418ce47830fb7e0d1090ad50c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Oct 2021 21:36:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfWIVnV5zH6WwLcAakOVfdkNZRBuU0dj6DtHktiAX7WnskSzibg551gsB81Ywi66IE8Nx5cTFcFqkc0xqMERJZVQRfM6crKqRDhTKmb5YFZBejDKSPEaUQN1ph2lzEr7rA8GVXcVW8L12Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray: 6981baa86d7a410d-PRG

GET
H2 200 1602686701148vortex-rug-white-back.jpg
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 27 KB
27 KB 137ms
136ms Image
image/jpeg 104.26.0.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1602686701148vortex-rug-white-back.jpg

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4eef18e00023d694fa46cd861d60633d2b387ec3c8deba62c6fc4fb81f3976f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Oct 2021 21:45:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skkSfrCmSXQKTLBzHlXgVzqGCkpGAY1esDS7r4eAu1VdFMg0fffer2k4ei9BS0MSugr55xkg1caQCxUJGuPnnrWXwf%2BXe%2BkQz0WdfNj2%2Bx3HibobHGQZ%2FQcabRYp0dRkyKAc8leqSVwc2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray: 6981baa88d81410d-PRG
cf-bgj: h2pri

GET
H2 200 us-1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5.svg
cdn.shopify.com/s/assets/flags/ 6 KB
2 KB 26ms
6ms Image
image/svg+xml 151.101.193.12
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/assets/flags/us-1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5.svg

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.12 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4078-HHN /

Resource Hash

1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 807
x-xss-protection: 1; mode=block
x-request-id: f33e21bf54e4eec7ad789e8e1a522d7224f3c98344c3f77cc4870bf1260a06b0
x-served-by: cache-lga21943-LGA, cache-hhn4078-HHN
last-modified: Thu, 11 Jun 2020 17:26:48 GMT
server: cache-hhn4078-HHN
x-timer: S1633217537.350957,VS0,VE1
date: Sat, 02 Oct 2021 23:32:17 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 02 Sep 2022 06:26:03 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/assets/flags/us-1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5.svg>; rel="canonical"
x-cache-hits: 2, 1

GET
H/1.1 200
OK card.js Show response
s3-us-west-2.amazonaws.com/s.cdpn.io/121761/ 74 KB
74 KB 714ms
190ms Script
application/x-javascript 52.218.197.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/s.cdpn.io/121761/card.js
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.197.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1ba2a256f06266b31350f28880cdd0bc751dd44b4bb8263af21e9b58734cdd46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 23:32:18 GMT
Last-Modified: Thu, 29 Oct 2015 08:05:34 GMT
Server: AmazonS3
x-amz-request-id: B094XMCJBVJQBYMZ
ETag: "399b7688cd8b04df3b6092fb8b79f65e"
x-amz-version-id: null
Cache-Control: public
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 75663
x-amz-id-2: QQu+Iyi3UUMZP4LMQEY3nUkxrqac+BmBQCoa4wi0ZUkwWbrjux810CEyKnuDx0B8CAymGmKG/CQ=

GET
H2 200 Accept.js Show response
js.authorize.net/v1/ 4 KB
2 KB 67ms
30ms Script
application/javascript 104.18.9.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.authorize.net/v1/Accept.js

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.9.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4501c6e024ec5ecc8ec86d5a09b9e603e226ab83149c8f481708bffcbd3f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2019 01:03:34 GMT
server: cloudflare
age: 1179
etag: W/"57316211cf69d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 6981baa8583b97a8-FRA
expires: Thu, 07 Oct 2021 23:32:17 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 301 KB
92 KB 798ms
737ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

6cc56d4cb4c7c93545d45a8a1ce4159a11752d96ca15c744afde1ab79c923cc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-JyS779JydPduXzeKqNQUODJDWNXpNiBQDNqJVuNXpX4lVRYE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-JyS779JydPduXzeKqNQUODJDWNXpNiBQDNqJVuNXpX4lVRYE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 453
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-JyS779JydPduXzeKqNQUODJDWNXpNiBQDNqJVuNXpX4lVRYE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-JyS779JydPduXzeKqNQUODJDWNXpNiBQDNqJVuNXpX4lVRYE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
p3p: true
paypal-debug-id: a9d800e3b2145
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 92529
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Sat, 02 Oct 2021 23:32:18 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"16971-taVSHvPJ36c8CV6MyIG9V55bKQk"
expires: Sun, 03 Oct 2021 00:32:17 GMT

GET
H2 200 1598375617539tob_shipping_checkout_banner_1.jpg
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 265 KB
265 KB 138ms
137ms Image
image/jpeg 104.26.0.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1598375617539tob_shipping_checkout_banner_1.jpg

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8364a31e0fb0aa770e9ab519ec82f665b4630226bbd71a40dddded5649481803

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Oct 2021 21:16:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oD7QP2hys%2BccpBGUzbnsgRY1NgenEnu14vT9MnHzj5uYcOp2TPFaEinhEbztHNNn7VPNjcojgWMk%2FDKpErHWgxS7f2GWVD%2FiSEqDpbsUMf06VKcDb7aoKOM4l9ffcHrx1bq56Cg%2Bs6uV6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray: 6981baa88d82410d-PRG

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 30ms
12ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vortexillusionrugs.com/
Origin: https://vortexillusionrugs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 887427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10391
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEoXpJhNZkLS1W2g4SNLRRUTa9DoNnLjGeECt9C7Y%2FUFfX%2F5mnwMXxM8WGPjX%2FinhLhyBnTp9NQBTTJJGhs8ROGLsk89RtYzVAiwvRWpMbk1sAMHfgAB7qGdXtOtipp0RvE6TQ9z"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6981baa83f120609-FRA
expires: Thu, 22 Sep 2022 23:32:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
877 B 19ms
16ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Requested by

Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

e3418cb4954cf2b3fa89ce6b2add0509b0cefe4d474e459539207522ba4908dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 22:08:55 GMT
server: ESF
date: Sat, 02 Oct 2021 23:32:17 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 23:32:17 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 35ms
10ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://vortexillusionrugs.com/
Origin: https://vortexillusionrugs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1633217537.dop245.fr8.t,1633217537.cds204.fr8.hn,1633217537.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 form_prepopulation.js Show response
www.durablegoodsaffiliates.com/scripts/tracking/ 1 KB
567 B 459ms
86ms Script
application/javascript 45.58.39.118
ATLANTIC-NET-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durablegoodsaffiliates.com/scripts/tracking/form_prepopulation.js
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.58.39.118 , United States, ASN6364 (ATLANTIC-NET-1, US),
Reverse DNS
Software: /
Resource Hash: a5743a8460165196758925abe89b69960845e512623502200c883b80ebba6204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
cache-control: max-age=86400
content-type: application/javascript
last-modified: Thu, 28 Jan 2021 15:47:09 GMT
content-encoding: gzip
vary: Accept-Encoding
expires: Sun, 03 Oct 2021 23:32:17 GMT

GET
H2 200 conversion_tracking.js Show response
www.durablegoodsaffiliates.com/scripts/tracking/ 3 KB
1 KB 460ms
87ms Script
application/javascript 45.58.39.118
ATLANTIC-NET-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durablegoodsaffiliates.com/scripts/tracking/conversion_tracking.js
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.58.39.118 , United States, ASN6364 (ATLANTIC-NET-1, US),
Reverse DNS
Software: /
Resource Hash: cf259e4c63a23348ab98962aeef391a318a9161a33cae3db7fb98dd24e96108b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
cache-control: max-age=86400
content-type: application/javascript
last-modified: Mon, 22 Feb 2021 15:02:55 GMT
content-encoding: gzip
vary: Accept-Encoding
expires: Sun, 03 Oct 2021 23:32:17 GMT

GET
H2 200 plg.min.js Show response
stats.productlistgenie.io/ 36 KB
13 KB 204ms
133ms Script
application/javascript 172.67.217.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.productlistgenie.io/plg.min.js?123
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d66946970c026c563550bcba8b8c863b1b8d4b1068aa870d3b407900434adfe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Sep 2021 17:54:05 GMT
server: cloudflare
etag: W/"8efb-17befbe8433"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9fIOhh0McPy6JG%2F6qFsV1pEVq4HMK%2BiS1BdIB5%2B2fKZ1ISwerrdLQeLBUaBhkYeAMuray%2FKRxuaAkckIuMqMaR%2Fv7cNfXBW3%2BvvvNpNanv5k0WxMq8Pw5XnuCbghHqtXzXcIFUZ8FU2K7ej"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6981baa89fd04137-PRG

POST
H2 204 collect
www.google-analytics.com/g/ 0
373 B 36ms
14ms Ping
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TEX0GTRGZ3&gtm=2oe9r0&_p=597975220&sr=1600x1200&ul=en-us&cid=1084627747.1633217537&_s=1&dl=https%3A%2F%2Fvortexillusionrugs.com%2F%3F__ef_tid%3Dd88367ff6be14a99a980c706ac1b57fb%26oid%3D96%26affid%3D73%26sub1%3D%26sub2%3D&dt=The%20Vortex%20Rug&sid=1633217537&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TEX0GTRGZ3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vortexillusionrugs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 23:32:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vortexillusionrugs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 click Show response
www.tb42trk.com/sdk/ 86 B
439 B 129ms
129ms Fetch
application/json 34.102.156.27
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tb42trk.com/sdk/click?effp=7d1d884980fef4efed2ca3eb8edec3c0&_ef_transaction_id=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&__cc=&async=json&sub1=&sub2=
Requested by: Host: www.tb42trk.com
URL: https://www.tb42trk.com/scripts/sdk/everflow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.156.27 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 27.156.102.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d624dafd953a228001368738554c6b2fb62ab5d8ae53873e2dd6af8bd3843041

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vortexillusionrugs.com
access-control-allow-credentials: true
x-eflow-request-id: 75c0a114-e0b6-45b1-8263-253671d5d3e7
alt-svc: clear
content-length: 86

GET
H2 200 AcceptCore.js Show response
js.authorize.net/v1/ 9 KB
3 KB 31ms
30ms Script
application/javascript 104.18.9.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.authorize.net/v1/AcceptCore.js

Requested by

Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.9.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2019 23:26:44 GMT
server: cloudflare
age: 835
etag: W/"092b352f68d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 6981baab089f97a8-FRA
expires: Thu, 07 Oct 2021 23:32:17 GMT

GET
H2 200 AcceptCore.js Show response
js.authorize.net/v1/ 9 KB
3 KB 702ms
686ms XHR
application/javascript 104.18.9.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.authorize.net/v1/AcceptCore.js

Requested by

Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.9.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 10 Sep 2019 23:26:44 GMT
server: cloudflare
etag: W/"092b352f68d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 6981baab2d895b68-FRA
expires: Thu, 07 Oct 2021 23:32:18 GMT

GET
H2 200 us.plg.js Show response
productlistgenie.com/funnel-genie/js/ 475 KB
94 KB 157ms
149ms Script
application/javascript 104.26.0.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://productlistgenie.com/funnel-genie/js/us.plg.js
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd87403ea50ba8fa66ed8cd9fb8eab6538ca1d3bc5f05dac6e713ce93922a939

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:17 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-connecting-ip: 124.106.180.39
last-modified: Mon, 01 Mar 2021 01:09:33 GMT
server: cloudflare
cache-control: public, max-age=16070400
etag: W/"76c36-177eb5550d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoWK65a2xqtwwwi5pyeyveLYlbKJQer5FqayoVdlvQ9iuKANI3juukNmvnBmNkK%2B6jTm110LRGHZtFSeWLzLjdW1w3hucxrpN8oPG3Z5TeaRj4qYTnv8Xy9kr56MQLHDhl%2BgozBZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cf-ipcountry: 124.106.180.39
cf-ray: 6981baab2e45410d-PRG
cf-bgj: minify

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f71f400793707eed1f89d59e5f939fadc908e857fcdb897732bf999c503bd1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
7 KB 823ms
823ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=vortexillusionrugs.com&t=xo&v=5.0.262&source=payments_sdk&client_id=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

4a30524059a8ef7674328583b49353aae0cca57b8bb413aaef9240bfb0ab69c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-G/RMxOCaAugwhWjc1t+HqSuQV+mz34inB4dBfnTjUfH3hUUN' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 807
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-G/RMxOCaAugwhWjc1t+HqSuQV+mz34inB4dBfnTjUfH3hUUN' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
paypal-debug-id: a3722100bceec
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4740
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Sat, 02 Oct 2021 23:32:18 GMT
strict-transport-security: max-age=63072000
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
etag: W/"34e6-qzTxshBHZ61volrLIsps/amWw6A"

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 7C77 286 KB
92 KB 330ms
330ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

3907e75e38620852fdd99a884ed5800f895ce96e898fcda40a8f6a30270d9f4a

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vortexillusionrugs.com/
accept-encoding: gzip, deflate, br
cookie: tsrce=clientsdknodeweb; l7_az=dcg15.slc; ts=vreXpYrS%3D1727911937%26vteXpYrS%3D1633219337%26vr%3D4359e61817c0a78873efdf2cfe75017c%26vt%3D4359e61817c0a78873efdf2cfe75017b%26vtyp%3Dnew; ts_c=vr%3D4359e61817c0a78873efdf2cfe75017c%26vt%3D4359e61817c0a78873efdf2cfe75017b; akavpau_ppsd=1633218138~id=776923f04544ec7d0f0a974f3df4d032
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"477e1-ASOxUYKWaiF6sVu5h+FfThmlyLQ"
p3p: true
paypal-debug-id: add20f71b9d99
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 145
x-edgeconnect-origin-mex-latency: 105
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 02 Oct 2021 23:32:18 GMT
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Tue, 05 Oct 2021 23:32:18 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Sun, 03 Oct 2021 00:02:18 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1727911938%26vteXpYrS%3D1633219338%26vr%3D4359e61817c0a78873efdf2cfe75017c%26vt%3D4359e61817c0a78873efdf2cfe75017b%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 01 Oct 2024 23:32:18 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D4359e61817c0a78873efdf2cfe75017c%26vt%3D4359e61817c0a78873efdf2cfe75017b; Path=/; Domain=paypal.com; Expires=Tue, 01 Oct 2024 23:32:18 GMT; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1633218138~id=776923f04544ec7d0f0a974f3df4d032; Domain=www.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=63072000

GET
DATA 200
OK truncated
/ Frame 1CF7 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1CF7 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bundle.js Show response
snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/assets/ 162 KB
65 KB 294ms
251ms Script
application/javascript 23.45.236.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/assets/bundle.js
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.236.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-236-99.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b9cdc4c04d679619973920fa6d6585576d00e1f7639dd49ba1fbe676ce24f289

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-runtime: 21
date: Sat, 02 Oct 2021 23:32:18 GMT
content-encoding: gzip
x-trace: e167ec66-f06b-4ee2-a65d-cf4a7065018f
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300, s-maxage=900
content-length: 66096

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 29ms
7ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vortexillusionrugs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:30:39 GMT
x-content-type-options: nosniff
age: 489699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 07:30:39 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 35ms
13ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vortexillusionrugs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 01:25:05 GMT
x-content-type-options: nosniff
age: 338833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 01:25:05 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_aZA3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 38ms
16ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_aZA3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

4c316d8c903540b9368aec67a0ced1cee04e64e34a7aadc25ee3d1d34a0523a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vortexillusionrugs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:18:52 GMT
x-content-type-options: nosniff
age: 58406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19592
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Oct 2022 07:18:52 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm45_QpRyS7m.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 40ms
19ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUQjIg1_i6t8kCHKm45_QpRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f3.1e100.net

Software

sffe /

Resource Hash

d08191823eaeeacf724c684d09477a181f03288fd650bdf5fa57cbf1d446a956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vortexillusionrugs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 09:22:54 GMT
x-content-type-options: nosniff
age: 137364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19032
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 01 Oct 2022 09:22:54 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 31ms
14ms Font
application/octet-stream 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://vortexillusionrugs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3893600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80148
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-13914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7AohklDm%2BpQyLEjsHRWmmZbWNnIMKB3cIfSWId%2FZAfYYrhZ8%2F1w6ujNhZs1B5Xly0H6iMm86GlWLGmwtCtPoAvfJmNs78jcCRQcvIF0%2Fb6fPaGjL0lsSfNIs3Eg2ZhNvdLzowLf"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6981baadcbee440d-FRA
expires: Thu, 22 Sep 2022 23:32:18 GMT

GET
H2 200 /
www.paypal.com/webapps/mch/cmd/ Frame 7C77 0
757 B 190ms
190ms Image
text/plain 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypal.com/webapps/mch/cmd/?v=3.0&t=1633217538&fdata=OBcGAzRHBBYcHAQeSFRMKk90PRgwNE9jVWhoGjAsS0gtRmZoeRNrdFUEPFxwSQtHcFJfVHEDXlRAQFlEHkFYU1xnfVxkcE1jVyY.Bj1pSylMRnFhYQV5ZUNVZw9nW3NXYV1bUnAWTEVYUQIZSVRMKk90f1N8Zl9yQXt7WG97UlhdXnRsaxNpdlVGNhlwKGpHHio7LxdyTEdaUUwAQxQAD090CUtkMgYnFSImGi1pS0pMRjc0MVZpdDRGdGscKRkyDjQpPw5yIzImMjgkeTojNS0aBDoKHysMIhpoTnppSwoFBmZ5GBNpGjo0HGwUSWpFcEULBzMWTCZYUV1RDFZMSws7LQ4xcE8CV2h5TnhrS0gOBi48eRMIdFVRbAFmWXtQaFFYUXMDWl5AQ1lBDFROS08hOQYsNU9jNmhoWW58WFxVUX9hbAF7YkxQZwxlWWpHckVJEGIWLUdYQ0NADFROS08hOktkEU9jR396XGt5XVxeX2Z5exNpPBoTI10OAS9HcCRJR3UAX1RNQ15CGkJeWF5teFt3YV9jV2poTjAmHh8IOCQ3PFdpdDRGdGsBKhQyECMkLw1yPkdYU0xRQAYKNQUlIEtkEU9jPwQZPRwbOSAiKRR5eRFpdBUEIVE-BhQFPgANR2J3TEc3HxkvbAUdBgc2KAgpNE9jVWhoBjc8DxsyFCIpB0AtJhETdBkRSWoAMAgbA2IWTkdYGQMETBYZGQskaEsFcE9yWHloTnppSwoCEiksKktpdDRGdG0CSWpFcEUdFSZTMgMBBAgCQxQBBhd0aCpkcAgjGjosTnhrS0gkNBgbFHsLHiAvB21wSQtHcAIJCjBSTEdaUUwAXxAeDwA0PQMqPzE2DzksTngIS0hbUHNqbQp-YkVXYwxpXn5XaF1eR2IUTEcNFx8ZSVRMKk90f113Y1pxRX1-XWB8WVxfVXZvbBNpdlVGOFMlDzkDIA0MR2J3TEdNQ1hJSExcU19iKlokMFp2R38tXmp5XFwLASFuaAV7Z1VGdhlwBSASNhYNACpTTEc5UUxEHkBUD1dkcFtyMl4jF319Xm8sW1pcUXI-PlR-ZUNUZxlwS2pHJxccDycWTCZYUVlDGEwIU19seF0mYQ8jQn14WT15WVhbUiE-PgR4YkdVdBlySWoUMAoDR2J3TEdIUUxTDFQeHwwKKgIrcE8CV2gGIQoBPixMRmR5eUc7MAY4Mk04DGpHEUVJUnACVANPQVVBGhZdC1ltcV12NAgmEHsqCTx.X1lcUCR5eRFpdAEUMEoOGy4VIg0HCBxQGA8dUUwwDFRZWVtsLFx0aV91FXkoWGFwXVoIASM-alEuMENSZQlmCmpHckVJNQ52PzImICwpYDAjPjEXHD4RHiARKSs8Gy0nBDYeAjQrMV0mCh0DdBkRSWoTOAA3VSEBXlNPElRBTioAAANjJBAsZwM2EWhoTHhpHBoZDiN5eXJpdEBUYAE0XnpeYFMLViIAVV5OQwgWSRNfCQgwfl91YFkgV2hqTng-GR0fDiN5eXJpdEBUYAE0XnpeYFMLViIAVV5OQwgWSRNfCQgwfl91YFkhV2hqTng6Dw8EA2Z5GBNpY01eYglhX3lUZlJbXnIHVFVNQ0xRDlRMEgt0aCpkcF9yQnh.WnVkRkVMRmR5eUo8dFUndBlgWXxSZVdESm8bTEdaUUwAWBcEDk90CUtkBF0GTxFxIh0cIFEqU2Z5exNpMABGdHhwSQgqGCEmMhx-IDYrNT4jZDoj&cks=YmVmOGU0NjI1ZTNjZDZkMGRjZWZjM2E1ZjQzYzY3ODc&e=1.0

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 29
date: Sat, 02 Oct 2021 23:32:18 GMT
correlation-id: a55a0ef726445
x-edgeconnect-midmile-rtt: 145
strict-transport-security: max-age=63072000
paypal-debug-id: a55a0ef726445
cache-control: max-age=0, no-cache, no-store, must-revalidate
dc: ccg11-origin-www-1.paypal.com
content-length: 0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 7C77 301 KB
92 KB 17ms
17ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

6cc56d4cb4c7c93545d45a8a1ce4159a11752d96ca15c744afde1ab79c923cc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-JyS779JydPduXzeKqNQUODJDWNXpNiBQDNqJVuNXpX4lVRYE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-JyS779JydPduXzeKqNQUODJDWNXpNiBQDNqJVuNXpX4lVRYE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 453
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-JyS779JydPduXzeKqNQUODJDWNXpNiBQDNqJVuNXpX4lVRYE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-JyS779JydPduXzeKqNQUODJDWNXpNiBQDNqJVuNXpX4lVRYE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
p3p: true
paypal-debug-id: a9d800e3b2145
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 92529
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Sat, 02 Oct 2021 23:32:18 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"16971-taVSHvPJ36c8CV6MyIG9V55bKQk"
expires: Sun, 03 Oct 2021 00:32:17 GMT

GET
DATA 200
OK truncated
/ Frame 7C77 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7C77 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 7C77 53 KB
19 KB 48ms
8ms Script
application/javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f46e0d4331801815971dc491f3543631620a49095b61ee2beefcb6095c0dd07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-content-type-options: nosniff
age: 254060
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS, HIT
paypal-debug-id: 776626fb4988
x-cache-hits: 1, 0, 599369
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18575
etag: W/"610b110d-d38b"
x-served-by: cache-sjc10054-SJC, cache-hhn4082-HHN, cache-hhn4034-HHN
last-modified: Wed, 04 Aug 2021 22:13:33 GMT
x-timer: S1633217539.697434,VS0,VE1
date: Sat, 02 Oct 2021 23:32:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
expires: Sun, 03 Oct 2021 23:32:18 GMT

POST
H2 200 graphql Show response
www.paypal.com/ Frame 7C77 2 KB
4 KB 478ms
478ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/graphql?GetNativeEligibility

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

ad92eff81161086cb2acdfa8958ee8b7e959fb5d2347b01ec4fddd9aeb94a166

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-B1QYp2EAx2+3ljsa+DIXPZT4zcsGGcrb6rKNKHReOf/ZyCbV' 'self' 'unsafe-inline' 'unsafe-eval' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Accept-Language: de-DE,de;q=0.9
x-app-name: smart-payment-buttons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 314
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-B1QYp2EAx2+3ljsa+DIXPZT4zcsGGcrb6rKNKHReOf/ZyCbV' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 148
paypal-debug-id: a470735aea483
date: Sat, 02 Oct 2021 23:32:19 GMT
dc: ccg11-origin-www-1.paypal.com
content-length: 1683
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
etag: W/"693-Qa9ZFuP6W/GmZfO32v3PMZxC7M0"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

OPTIONS
H/1.1 204
No Content pageVisit
maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/browse/ Frame 0
0 417ms
102ms Preflight 216.27.63.9
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL: https://maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/browse/pageVisit
Protocol: HTTP/1.1
Server: 216.27.63.9 Raleigh, United States, ASN7349 (AS-TIERP-7349, US),
Reverse DNS: lb-vip-216-27-63-9.bronto.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-ref-url,x-shopper-id
Origin: https://vortexillusionrugs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

allow: POST,OPTIONS
access-control-allow-origin: https://vortexillusionrugs.com
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Origin,X-Biscuit,X-Mx-ReqToken,Keep-Alive,X-Trolley,x-shopper-id,X-Ref-Url
Date: Sat, 02 Oct 2021 23:32:18 GMT

POST
H/1.1 202
Accepted pageVisit
maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/browse/ 0
0 111ms
111ms Fetch
text/plain 216.27.63.9
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL: https://maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/browse/pageVisit
Requested by: Host: snip.bronto.com
URL: https://snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/assets/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.27.63.9 Raleigh, United States, ASN7349 (AS-TIERP-7349, US),
Reverse DNS: lb-vip-216-27-63-9.bronto.com
Software: /
Resource Hash

Request headers

Referer: https://vortexillusionrugs.com/
X-Ref-Url: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
x-shopper-id: 7d2f1cec-e0bf-4f8c-9312-ad85ec06ba7b
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vortexillusionrugs.com
Date: Sat, 02 Oct 2021 23:32:18 GMT
access-control-allow-credentials: true
x-trace: e3112e56-36ee-4727-9546-5d5818093609
Content-Length: 0
Content-Type: text/plain

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame D8AA 160 B
869 B 148ms
147ms Document
text/html 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: c.paypal.com
:scheme: https
:path: /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br
cookie: l7_az=dcg15.slc; ts_c=vr%3D4359e61817c0a78873efdf2cfe75017c%26vt%3D4359e61817c0a78873efdf2cfe75017b; tsrce=smartcomponentnodeweb; ts=vreXpYrS%3D1727911938%26vteXpYrS%3D1633219338%26vr%3D4359e61817c0a78873efdf2cfe75017c%26vt%3D4359e61817c0a78873efdf2cfe75017b%26vtyp%3Dnew
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/

Response headers

correlation-id: ddbc483c350a2
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: ddbc483c350a2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
date: Sat, 02 Oct 2021 23:32:18 GMT
via: 1.1 varnish
x-served-by: cache-hhn4034-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1633217539.725239,VS0,VE141
vary: Accept-Encoding
set-cookie: x-cdn=0300; Domain=paypal.com; Path=/; Secure
content-encoding: br

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame CDD2
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_f8d44eb330_mjm6mzi6mtg&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f8d44eb330_mjm6mzi6mtg&s=SMART_PAYMENT_BUTTONS

42 B
299 B

104ms
32ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f8d44eb330_mjm6mzi6mtg&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 23:32:18 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f8d44eb330_mjm6mzi6mtg&s=SMART_PAYMENT_BUTTONS
Date: Sat, 02 Oct 2021 23:32:18 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 211ms
193ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://vortexillusionrugs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://vortexillusionrugs.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: a3f5a698de847
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-edgeconnect-midmile-rtt: 145
x-edgeconnect-origin-mex-latency: 29
date: Sat, 02 Oct 2021 23:32:18 GMT
strict-transport-security: max-age=63072000

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 870 B
2 KB 201ms
201ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

0e99094f98e854afe4831ed7481e90f929c123c4d644edfb449930a824fe5c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://vortexillusionrugs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 39
date: Sat, 02 Oct 2021 23:32:19 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 149
etag: W/"366-qigNlqeNNzQy/UD/6o0b3Rc8dsg"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vortexillusionrugs.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: a0bd01af5465f
dc: ccg11-origin-www-1.paypal.com
content-length: 870

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 7C77 876 B
2 KB 323ms
323ms Ping
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

dfa2adb387067528fe52e0a8343a750f9898fdc0a9663ade54a96ea1eb309bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 166
date: Sat, 02 Oct 2021 23:32:19 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 140
etag: W/"36c-4qV+iocQv4CU1672acORyAVs0Zw"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: a00a663c96ef5
dc: ccg11-origin-www-1.paypal.com
content-length: 876

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame D8AA 53 KB
19 KB 7ms
7ms Script
application/javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f46e0d4331801815971dc491f3543631620a49095b61ee2beefcb6095c0dd07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31557600
content-encoding: gzip
x-content-type-options: nosniff
age: 254060
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS, HIT
paypal-debug-id: 776626fb4988
x-cache-hits: 1, 0, 599370
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18575
etag: W/"610b110d-d38b"
x-served-by: cache-sjc10054-SJC, cache-hhn4082-HHN, cache-hhn4034-HHN
last-modified: Wed, 04 Aug 2021 22:13:33 GMT
x-timer: S1633217539.882525,VS0,VE1
date: Sat, 02 Oct 2021 23:32:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
expires: Sun, 03 Oct 2021 23:32:18 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame D8AA 125 B
603 B 207ms
207ms XHR
application/json 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/p1
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9b30e754740d76f7add349f96c349eceb98024aa84a42b390d84e6ede21dbd2b

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Oct 2021 23:32:19 GMT
via: 1.1 varnish
correlation-id: 25903e77809e7
x-served-by: cache-hhn4034-HHN
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 25903e77809e7
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame D8AA 15 B
186 B 152ms
151ms XHR
application/json 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/e
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Oct 2021 23:32:19 GMT
via: 1.1 varnish
correlation-id: 1b5fbb560e883
x-served-by: cache-hhn4034-HHN
x-cache: MISS
content-type: application/json
paypal-debug-id: 1b5fbb560e883
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 15
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame D8AA 0
82 B 196ms
177ms Image
text/plain 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c6.paypal.com/v1/r/d/b/p3?f=uid_f8d44eb330_mjm6mzi6mtg&s=SMART_PAYMENT_BUTTONS
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:19 GMT
via: 1.1 varnish
correlation-id: 10f6fd1bff5b5
x-timer: S1633217539.921636,VS0,VE171
x-served-by: cache-hhn4034-HHN
x-cache: MISS
paypal-debug-id: 10f6fd1bff5b5
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 7C77 876 B
2 KB 187ms
186ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

4d2a76273cccf661441ba304d59495e09a87c3ae67401536a01057d53ac7b3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVNhT19WUTlYM1JxVG82bkhVU01vUXhSVVFKcGRjbkYtdWx6cnMxalVDTWs4aDZ2cGJ3OHpZUGI3Xy1CQzBncnFrWWNNMnM5U0NhejJVY2ciLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9sbm5zY2xwdG55dXB2enhpc2V3eXdmcnFjY3lwenMifX0&clientID=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&sdkCorrelationID=f990438ebedda&storageID=uid_47bf061835_mjm6mzi6mtg&sessionID=uid_f8d44eb330_mjm6mzi6mtg&buttonSessionID=uid_3b6356b91c_mjm6mzi6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjp0cnVlLCJwcm9kdWN0cyI6eyJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=paylater&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 31
date: Sat, 02 Oct 2021 23:32:19 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 140
etag: W/"36c-kHPiiyY76ejy+QF0rriMudntIoA"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: a9c5d0b251243
dc: ccg11-origin-www-1.paypal.com
content-length: 876

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 46ms
6ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=vortexillusionrugs.com&t=xo&v=5.0.262&source=payments_sdk&client_id=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg&vault=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

129737dfffcc16554dffd7d6dd3a57b6831c96a75d8acec4ea31709555115a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 7e76a0d099cd6
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 16424
x-served-by: cache-sjc10081-SJC, cache-hhn4025-HHN
last-modified: Thu, 19 Aug 2021 15:53:03 GMT
x-timer: S1633217539.994726,VS0,VE0
etag: W/"611e7e5f-da2c"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 275651, 3

GET
H2 200 ts
t.paypal.com/ 42 B
708 B 205ms
166ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AU3D9X8MDTJ8G4-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AU3D9X8MDTJ8G4-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=55b22229-e539-433a-a23e-db5d3e87161b&fltp=analytics&mrid=U3D9X8MDTJ8G4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=The%20Vortex%20Rug&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1633217538952&g=0&completeurl=https%3A%2F%2Fvortexillusionrugs.com%2F%3F__ef_tid%3Dd88367ff6be14a99a980c706ac1b57fb%26oid%3D96%26affid%3D73%26sub1%3D%26sub2%3D
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 23:32:19 GMT
via: 1.1 varnish
x-timer: S1633217539.995113,VS0,VE161
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: a8b159876e92c
expires: Sat, 02 Oct 2021 23:32:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4077-HHN

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame B134 54 KB
17 KB 8ms
7ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0e569d3993695c0e411ee26f081e4ad040383c7e473c265fc86408bafa980f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /muse/analytics/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vortexillusionrugs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/

Response headers

content-encoding: gzip
content-type: text/html
etag: W/"61391a16-d785"
last-modified: Wed, 08 Sep 2021 20:16:22 GMT
paypal-debug-id: 5f11700b8e459
dc: phx-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 02 Oct 2021 23:32:19 GMT
x-served-by: cache-sjc10027-SJC, cache-hhn4025-HHN
x-cache: HIT, HIT
x-cache-hits: 178547, 45
x-timer: S1633217539.012407,VS0,VE0
vary: Accept-Encoding
cache-control: public,max-age=3600
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16698

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame B134 18 B
197 B 6ms
6ms Fetch
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 1c556ce99cbbd
x-cache-hits: 274490, 48
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 38
x-served-by: cache-sjc10081-SJC, cache-hhn4025-HHN
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
x-timer: S1633217539.038792,VS0,VE0
etag: "60271cd0-12"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
x-client-location: DE

GET
H2 200 ts
t.paypal.com/ 42 B
117 B 168ms
167ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AU3D9X8MDTJ8G4-1&page=muse%3Aoffer%3A%3A%3AU3D9X8MDTJ8G4-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=55b22229-e539-433a-a23e-db5d3e87161b&es=visitorInfoFlowStarted&mrid=U3D9X8MDTJ8G4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=The%20Vortex%20Rug&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1633217539038&g=0&completeurl=https%3A%2F%2Fvortexillusionrugs.com%2F%3F__ef_tid%3Dd88367ff6be14a99a980c706ac1b57fb%26oid%3D96%26affid%3D73%26sub1%3D%26sub2%3D
Requested by: Host: vortexillusionrugs.com
URL: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 23:32:19 GMT
via: 1.1 varnish
x-timer: S1633217539.041261,VS0,VE159
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ea0e994d59bb7
expires: Sat, 02 Oct 2021 23:32:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4077-HHN

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame B134 443 B
2 KB 388ms
388ms Fetch
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

208b9010235634bb954c63b3a8282fce31fa0abe8417679de8368e9391a55a50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-NW1MaAfeuCeexg70wAo9kBKSyG95DmeI4PMJZFfb7bCVV3q1' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 199
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-NW1MaAfeuCeexg70wAo9kBKSyG95DmeI4PMJZFfb7bCVV3q1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
x-edgeconnect-midmile-rtt: 149
paypal-debug-id: a2f7cc5961d2a
date: Sat, 02 Oct 2021 23:32:19 GMT
dc: ccg11-origin-www-1.paypal.com
content-length: 443
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
etag: W/"1bb-aOQblbGWTQ40CGbK6ANZcBod8Og"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 195ms
194ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: a644f01310a35
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 149
x-edgeconnect-origin-mex-latency: 32
date: Sat, 02 Oct 2021 23:32:19 GMT
strict-transport-security: max-age=63072000

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 868 B
2 KB 190ms
190ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ASaO_VQ9X3RqTo6nHUSMoQxRUQJpdcnF-ulzrs1jUCMk8h6vpbw8zYPb7_-BC0grqkYcM2s9SCaz2Ucg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e5031d36865bce73b96599d1295e82a716ff95d90fb89764dd5a5e2c97579d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://vortexillusionrugs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 28
date: Sat, 02 Oct 2021 23:32:19 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 149
etag: W/"364-RfLyNPA41Xua8vNKf+Kp5lEU3vo"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vortexillusionrugs.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: aacaaaa603d74
dc: ccg11-origin-www-1.paypal.com
content-length: 868

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 202ms
202ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://vortexillusionrugs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://vortexillusionrugs.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: a99e9388637c9
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-edgeconnect-midmile-rtt: 148
x-edgeconnect-origin-mex-latency: 40
date: Sat, 02 Oct 2021 23:32:19 GMT
strict-transport-security: max-age=63072000

GET
H2 200 ts
t.paypal.com/ 42 B
118 B 151ms
151ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AU3D9X8MDTJ8G4-1&page=muse%3Aoffer%3A%3A%3AU3D9X8MDTJ8G4-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=55b22229-e539-433a-a23e-db5d3e87161b&es=visitorInfo&cust=identified&mrid=U3D9X8MDTJ8G4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=The%20Vortex%20Rug&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=6&identifier_used=DFP&e=im&t=1633217539635&g=0&completeurl=https%3A%2F%2Fvortexillusionrugs.com%2F%3F__ef_tid%3Dd88367ff6be14a99a980c706ac1b57fb%26oid%3D96%26affid%3D73%26sub1%3D%26sub2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 23:32:19 GMT
via: 1.1 varnish
x-timer: S1633217540.639263,VS0,VE145
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 446826de5b802
expires: Sat, 02 Oct 2021 23:32:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4077-HHN

GET
H2 200 eyJndHlwZSI6InBhZ2VkYXRhIiwicGF5bG9hZCI6eyJiZWhhdmlvclBhZ2VJRCI6IjkyMTA2NzA2ZDJkY2NlNWRhNDQwNzU3NTdhZjBmZDY0NWY4NWFlMDllZWVmNmUxNjhkNGJmNGQ5IiwicGFnZVR5cGUiOiJjaGVja291dCIsInNlc3Npb25JRCI6IjkyMTA2N... Show response
stats.productlistgenie.io/data/ 2 B
622 B 179ms
128ms Fetch
text/plain 172.67.217.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.productlistgenie.io/data/eyJndHlwZSI6InBhZ2VkYXRhIiwicGF5bG9hZCI6eyJiZWhhdmlvclBhZ2VJRCI6IjkyMTA2NzA2ZDJkY2NlNWRhNDQwNzU3NTdhZjBmZDY0NWY4NWFlMDllZWVmNmUxNjhkNGJmNGQ5IiwicGFnZVR5cGUiOiJjaGVja291dCIsInNlc3Npb25JRCI6IjkyMTA2NzA2ZDJkY2NlNWRhNDQwNzU3NTdhZjBmZDY0IiwiY3JlYXRvcklEIjoiVTJGc2RHVmtYMTh2amhjWlRERlNxQ2FkR2l5K1RDaTBpRE9iK1MvRldCcnorVEhkdmtmakhBWmduREp5ei9mRyIsInBhZ2VJRCI6IjVmODVhZTA5ZWVlZjZlMTY4ZDRiZjRkOSIsImZ1bm5lbElEIjoiNWY4NWFlMDllZWVmNmUxNjhkNGJmNGNhIiwiZnVubmVsTmFtZSI6InZvcnRleC1ydWciLCJkZXZpY2UiOiJkZXNrdG9wIiwicGFnZVVSTCI6Imh0dHBzOi8vdm9ydGV4aWxsdXNpb25ydWdzLmNvbS8ifX0=
Requested by: Host: stats.productlistgenie.io
URL: https://stats.productlistgenie.io/plg.min.js?123
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vortexillusionrugs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 23:32:20 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auxHsl8zhWnFMay9%2BH7KQI22mibD1hddo7SIXFO%2BZXE2a4CqXh%2FQJzLLRtFKG5WvtPqsYCKFs7BaqefRmdSmQi5svTITCVPWZHOI8jPD6uh%2B7EUBBhxbs0mfU4t2TWzbGe6%2BjJd%2BZnstZiIx"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 6981babaae914125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

OPTIONS
H/1.1 204
No Content productView
maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/browse/ Frame 0
0 103ms
102ms Preflight 216.27.63.9
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL: https://maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/browse/productView
Protocol: HTTP/1.1
Server: 216.27.63.9 Raleigh, United States, ASN7349 (AS-TIERP-7349, US),
Reverse DNS: lb-vip-216-27-63-9.bronto.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-ref-url,x-shopper-id
Origin: https://vortexillusionrugs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

allow: POST,OPTIONS
access-control-allow-origin: https://vortexillusionrugs.com
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Origin,X-Biscuit,X-Mx-ReqToken,Keep-Alive,X-Trolley,x-shopper-id,X-Ref-Url
Date: Sat, 02 Oct 2021 23:32:19 GMT

POST
H/1.1 202
Accepted productView
maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/browse/ 0
0 106ms
106ms Fetch
text/plain 216.27.63.9
AS-TIERP-7349

General

Check archive.org

Show headers Download Go to

Full URL: https://maw.bronto.com/csites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/browse/productView
Requested by: Host: snip.bronto.com
URL: https://snip.bronto.com/v2/sites/eyJ0eXBlIjoic2l0ZWhhc2giLCJpZCI6ImMyNWI0YjE5NmJiZTM1MGEyNjVmOTQ4ZjljM2U0NzdkMzVlMjkxMWQzZjFiOTY4MTYwZDFlYWQ4ZTBjOTY5YmEifQ==/assets/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.27.63.9 Raleigh, United States, ASN7349 (AS-TIERP-7349, US),
Reverse DNS: lb-vip-216-27-63-9.bronto.com
Software: /
Resource Hash

Request headers

Referer: https://vortexillusionrugs.com/
X-Ref-Url: https://vortexillusionrugs.com/?__ef_tid=d88367ff6be14a99a980c706ac1b57fb&oid=96&affid=73&sub1=&sub2=
x-shopper-id: 7d2f1cec-e0bf-4f8c-9312-ad85ec06ba7b
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vortexillusionrugs.com
Date: Sat, 02 Oct 2021 23:32:19 GMT
access-control-allow-credentials: true
x-trace: 92aaa6e7-89f0-4203-aefd-519822fe48bf
Content-Length: 0
Content-Type: text/plain

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.elanstudionola.com/	1970-01-19 21:41:43	Name: uniqueClick_5Q9RM9 Value: b750c4d4-859c-4d0a-9580-b7a6bdfe8809:1633217535
www.elanstudionola.com/	1970-01-19 23:49:53	Name: transaction_id Value: d88367ff6be14a99a980c706ac1b57fb
vortexillusionrugs.com/	1969-12-31 23:59:59	Name: loc_iso2 Value: US
vortexillusionrugs.com/	1969-12-31 23:59:59	Name: loc_iso3 Value: USA
vortexillusionrugs.com/	1969-12-31 23:59:59	Name: client Value: 216.131.114.163
.authorize.net/	1969-12-31 23:59:59	Name: __cfruid Value: a9ff13f31c5ec288e626d8ef9677fdadd1881200-1633217537
.vortexillusionrugs.com/	1970-01-20 15:11:29	Name: _ga_TEX0GTRGZ3 Value: GS1.1.1633217537.1.0.1633217537.0
.vortexillusionrugs.com/	1970-01-20 15:11:29	Name: _ga Value: GA1.1.1084627747.1633217537
www.tb42trk.com/	1970-01-19 21:41:43	Name: uniqueClick Value: c29b85e5-8805-4b4c-84c7-d4e45ee2c0a5:1633217537
www.tb42trk.com/	1970-01-19 23:49:53	Name: transaction_id Value: d88367ff6be14a99a980c706ac1b57fb
vortexillusionrugs.com/	1970-01-19 22:23:29	Name: ef_tid_c_o_96 Value: d88367ff6be14a99a980c706ac1b57fb
vortexillusionrugs.com/	1970-01-19 22:23:29	Name: ef_tid_c_a_2 Value: d88367ff6be14a99a980c706ac1b57fb
.paypal.com/	1970-01-19 21:40:19	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-20 23:58:31	Name: ts_c Value: vr%3D4359e61817c0a78873efdf2cfe75017c%26vt%3D4359e61817c0a78873efdf2cfe75017b
.vortexillusionrugs.com/	1970-01-27 04:52:17	Name: b_s_id Value: 7d2f1cec-e0bf-4f8c-9312-ad85ec06ba7b
.paypal.com/	1970-01-19 21:40:49	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-20 06:25:53	Name: enforce_policy Value: gdpr_v2.1
.paypalobjects.com/	1970-01-19 21:44:36	Name: paypal-offers--country Value: DE
.www.paypal.com/	1969-12-31 23:59:59	Name: akavpau_ppsd Value: 1633218139~id=1216f56b4f0c81bb2fcaf704b6adeb9c
.c.paypal.com/	1970-01-21 17:28:17	Name: sc_f Value: BO26QvVeRNt_t8hHczJmgJ9UPfTYNYefFL5ODN4uemk7vsZTr0LbqbIgNtWccniUJNp7K6ITU_9yNQRtet3EKf_i4wqVz-oAQ-Yx2W
.paypal.com/	1970-01-27 04:52:17	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: 4Wnkm80D4yAfWVdp6JItx9hKkGRwn9kp1GglVf9cPJh5gv3KVlPKztZ0HP1UwEah_THAxMAVQgD7FqaL
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AyTFIRSQwFPbisVauY1tesOELG1Y4pZvj.LObj7Kix1WNotqwCmS62GVLiP879Ua5KndbTr7xh4Xc
.paypal.com/	1970-01-20 23:58:31	Name: ts Value: vreXpYrS%3D1727911939%26vteXpYrS%3D1633219339%26vr%3D4359e61817c0a78873efdf2cfe75017c%26vt%3D4359e61817c0a78873efdf2cfe75017b%26vtyp%3Dnew
.vortexillusionrugs.com/	1970-01-19 21:40:19	Name: b_pg_v Value: 10%2F2%2F2021%2C%2011%3A32%3A18%20PM
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTYzMzIxNzUzOTUxOCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-19 21:44:36	Name: tsrce Value: targetingnodeweb
.paypalobjects.com/	1970-01-19 21:41:43	Name: paypal-offers--cust Value: identified:6:DFP

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.productlistgenie.com
cdn.shopify.com
cdnjs.cloudflare.com
code.jquery.com
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
js.authorize.net
maw.bronto.com
productlistgenie.com
s3-us-west-2.amazonaws.com
snip.bronto.com
stats.productlistgenie.io
t.paypal.com
unpkg.com
vortexillusionrugs.com
www.durablegoodsaffiliates.com
www.elanstudionola.com
www.google-analytics.com
www.googletagmanager.com
www.iceurmotor.com
www.paypal.com
www.paypalobjects.com
www.tb42trk.com
104.111.228.123
104.16.123.175
104.16.18.94
104.18.9.127
104.21.82.47
104.26.0.43
142.250.185.136
142.250.185.234
142.250.186.142
151.101.129.35
151.101.193.12
151.101.193.35
151.101.194.133
172.67.217.220
216.27.63.9
216.58.212.163
23.45.236.99
34.102.156.27
45.55.121.131
45.58.39.118
52.218.197.72
64.4.245.84
69.16.175.10
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca
0e99094f98e854afe4831ed7481e90f929c123c4d644edfb449930a824fe5c3e
0f43ced07b9de8536aa81b1c2a79e21acf46a40454d8740b8411d8ed7426467a
129737dfffcc16554dffd7d6dd3a57b6831c96a75d8acec4ea31709555115a53
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
1ba2a256f06266b31350f28880cdd0bc751dd44b4bb8263af21e9b58734cdd46
1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5
208b9010235634bb954c63b3a8282fce31fa0abe8417679de8368e9391a55a50
23999ffa4dd70be06224ef188b9a27cc7f0cd985a4c813704173c3cbb0f934a4
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
3487de18ae67573dbb9527bc9f3350b317abf44c64d2d28bb5a566877beefeda
3907e75e38620852fdd99a884ed5800f895ce96e898fcda40a8f6a30270d9f4a
462eef86295570cd29a29474d1715429507409307b730ed8ee6e8cd8f719c976
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a30524059a8ef7674328583b49353aae0cca57b8bb413aaef9240bfb0ab69c7
4ae8de20284ef3e5b51f41c3fc484f7bd4f554cdedcb502da7c2e65f6a90d2ef
4c316d8c903540b9368aec67a0ced1cee04e64e34a7aadc25ee3d1d34a0523a6
4d2a76273cccf661441ba304d59495e09a87c3ae67401536a01057d53ac7b3b8
4eef18e00023d694fa46cd861d60633d2b387ec3c8deba62c6fc4fb81f3976f3
5290e6b763745d4c71f777de558aa4c607106f0a28af27bd063275d68a0660d9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6cc56d4cb4c7c93545d45a8a1ce4159a11752d96ca15c744afde1ab79c923cc7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77614d58b4a252de937a2d38c370b50cc6a46a418ce47830fb7e0d1090ad50c8
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
8364a31e0fb0aa770e9ab519ec82f665b4630226bbd71a40dddded5649481803
87eb4c9fa2bd3a95f29b584d8c1154e5d2c137ccbbc8572dedc6218beefa656f
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9b30e754740d76f7add349f96c349eceb98024aa84a42b390d84e6ede21dbd2b
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9f4501c6e024ec5ecc8ec86d5a09b9e603e226ab83149c8f481708bffcbd3f8e
9f71f400793707eed1f89d59e5f939fadc908e857fcdb897732bf999c503bd1d
a5743a8460165196758925abe89b69960845e512623502200c883b80ebba6204
a7256ba45808e7be7840387619ebd3339a1bbce081f2bbddbcb0271459d7a277
ad92eff81161086cb2acdfa8958ee8b7e959fb5d2347b01ec4fddd9aeb94a166
b35e0da2259324aa245a1259a3d4dae1853eaeb3d63aceb93a97e5000261deb8
b9cdc4c04d679619973920fa6d6585576d00e1f7639dd49ba1fbe676ce24f289
c0e569d3993695c0e411ee26f081e4ad040383c7e473c265fc86408bafa980f2
cd87403ea50ba8fa66ed8cd9fb8eab6538ca1d3bc5f05dac6e713ce93922a939
cf259e4c63a23348ab98962aeef391a318a9161a33cae3db7fb98dd24e96108b
d08191823eaeeacf724c684d09477a181f03288fd650bdf5fa57cbf1d446a956
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d624dafd953a228001368738554c6b2fb62ab5d8ae53873e2dd6af8bd3843041
d66946970c026c563550bcba8b8c863b1b8d4b1068aa870d3b407900434adfe0
dd19b7e14711c9526d6d1723f14a8dd09efb64e62a031d003126879e2caaf5de
dfa2adb387067528fe52e0a8343a750f9898fdc0a9663ade54a96ea1eb309bbe
e3418cb4954cf2b3fa89ce6b2add0509b0cefe4d474e459539207522ba4908dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5031d36865bce73b96599d1295e82a716ff95d90fb89764dd5a5e2c97579d7b
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
f46e0d4331801815971dc491f3543631620a49095b61ee2beefcb6095c0dd07f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

vortexillusionrugs.com Open in urlscan Pro 45.55.121.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

0 %IPv6

20 Domains

27 Subdomains

23 IPs

3 Countries

1814 kBTransfer

3650 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vortexillusionrugs.com Open in urlscan Pro
45.55.121.131 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

0 %
IPv6

20
Domains

27
Subdomains

23
IPs

3
Countries

1814 kB
Transfer

3650 kB
Size

27
Cookies

66 HTTP transactions
6 data transactions