www.rrfec.com Open in urlscan Pro
2606:4700::6811:c149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.rrfec.com/
Effective URL:
https://www.rrfec.com/
Submission: On January 31 via manual (January 31st 2023, 10:36:41 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 13 domains to perform 73 HTTP transactions. The main IP is 2606:4700::6811:c149, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rrfec.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 23rd 2022. Valid for: a year.

This is the only time www.rrfec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:c049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:c149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
4	3.216.32.164 3.216.32.164	14618 (AMAZON-AES) (AMAZON-AES)
1	3.5.7.192 3.5.7.192	14618 (AMAZON-AES) (AMAZON-AES)
22	52.222.236.2 52.222.236.2	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:d054	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	3.214.141.241 3.214.141.241	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
5	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1 3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:600... 2a04:4e42:600::291	54113 (FASTLY) (FASTLY)
73	21

1 2606:4700::6811:c049 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.rrfec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:c149 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rrfec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.216.32.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-32-164.compute-1.amazonaws.com

fonts.digital.vistaprint.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.7.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

vp-digital-tower-etc.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 52.222.236.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-2.fra56.r.cloudfront.net

imageprocessor.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d054 (United States)

ASN13335 (CLOUDFLARENET, US)

static.websimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.141.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-141-241.compute-1.amazonaws.com

statscollector.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	vistaprint.com imageprocessor.digital.vistaprint.com — Cisco Umbrella Rank: 104302 statscollector.digital.vistaprint.com — Cisco Umbrella Rank: 112166	2 MB
19	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2392 t.paypal.com — Cisco Umbrella Rank: 3176 c.paypal.com — Cisco Umbrella Rank: 5826 b.stats.paypal.com — Cisco Umbrella Rank: 5130 dub.stats.paypal.com — Cisco Umbrella Rank: 23307 c6.paypal.com — Cisco Umbrella Rank: 6726	387 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	867 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 738 syndication.twitter.com — Cisco Umbrella Rank: 1011	149 KB
4	vistaprint.io fonts.digital.vistaprint.io — Cisco Umbrella Rank: 117833	78 KB
4	rrfec.com 1 redirects www.rrfec.com	145 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107	3 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	23 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3748	27 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	89 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	19 KB
1	websimages.com static.websimages.com — Cisco Umbrella Rank: 93487	974 B
1	amazonaws.com vp-digital-tower-etc.s3.amazonaws.com — Cisco Umbrella Rank: 209960	11 KB
73	13

	Domain	Requested by
22	imageprocessor.digital.vistaprint.com	www.rrfec.com
10	www.paypal.com	www.rrfec.com www.paypal.com cdnjs.cloudflare.com
5	c.paypal.com	www.paypal.com c.paypal.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	platform.twitter.com	www.rrfec.com platform.twitter.com
4	fonts.digital.vistaprint.io	www.rrfec.com fonts.digital.vistaprint.io
4	www.rrfec.com	1 redirects www.rrfec.com
3	www.facebook.com	1 redirects connect.facebook.net
3	www.google.com	www.rrfec.com www.gstatic.com www.google.com
3	static.addtoany.com	www.rrfec.com static.addtoany.com
2	fonts.gstatic.com	www.google.com
2	syndication.twitter.com	platform.twitter.com www.rrfec.com
2	connect.facebook.net	www.rrfec.com connect.facebook.net
1	c6.paypal.com
1	dub.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	t.paypal.com	www.rrfec.com
1	statscollector.digital.vistaprint.com	www.rrfec.com
1	cdnjs.cloudflare.com	www.rrfec.com
1	static.websimages.com	www.rrfec.com
1	vp-digital-tower-etc.s3.amazonaws.com	www.rrfec.com
73	21

This site contains links to these domains. Also see Links.

Domain
webzoom.freewebs.com
www.rainbowridgefarmequestriancenter.com
www.tacknmorecs.com
policies.google.com
www.rrfcrc.org
www.addtoany.com

Subject Issuer	Validity	Valid
www.rrfec.com Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
fonts.digital.vistaprint.io Amazon	`2022-09-06` - `2023-10-05`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
imageprocessor.digital.vistaprint.com Amazon	`2022-04-11` - `2023-05-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-10` - `2023-02-08`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
statscollector.digital.vistaprint.com Amazon RSA 2048 M01	`2022-12-05` - `2024-01-03`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.rrfec.com/
Frame ID: 46EE57BAFF9463397655903376AF9038
Requests: 47 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmFpbmJvd3JpZGdlZmFybSU0MHZlcml6b24ubmV0JmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9scGxweGZpeXBoaWVpc3Npc3FwbmxycHJrc3ZmdmQifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f3411378af24d&storageID=uid_921fe438be_mji6mzy6mjy&sessionID=uid_7364085598_mji6mzy6mjy&buttonSessionID=uid_69890775db_mji6mzy6mjy&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rainbowridgefarm%40verizon.net&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 8A3DABE6F0B9108C5DB21AB1471F9A16
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7CC6B2C09827374088CEFA2B2CFF6644
Requests: 2 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 26574371A3240994D18229B52B5E8250
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.rrfec.com
Frame ID: 113799F2F9AF87FB5F1FF9C88381C6DA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly93d3cucnJmZWMuY29tOjQ0Mw..&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=siar4xyrxtgm
Frame ID: 24B3BB3655ABC8946373B68FC6A6517C
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 4B2DD54BB7662133BB8F95F154E045B8
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: CDB2A93B9DB1F8E818D23680DD471E23
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7364085598_mji6mzy6mjy&s=SMART_PAYMENT_BUTTONS
Frame ID: 26C5D4F9AD07CB76A924235BD41ED11C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc4652aa46af4%26domain%3Dwww.rrfec.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rrfec.com%252Ff2dd66258afbde4%26relation%3Dparent.parent&color_scheme=light&container_width=50&href=https%3A%2F%2Fwww.rrfec.com%2F&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false&size=small&width=180
Frame ID: 261DE359CFEF9EA6DB1533DE2C645389
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df338a5170b52524%2526domain%253Dwww.rrfec.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.rrfec.com%25252Ff2dd66258afbde4%2526relation%253Dparent.parent%26container_width%3D62%26height%3D500%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTack-N-More-Country-Store-1147632792047716%252F%26locale%3Dde_DE%26sdk%3Djoey%26show_facepile%3Dfalse%26tabs%3Ddata-small-header%253D%2522false%2522%26width%3D300
Frame ID: 01052F101168FB5EC086834D40062F46
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HomeChevronChevronChevronChevronChevronChevronChevronChevronChevronChevron

Page URL History Show full URLs

http://www.rrfec.com/ HTTP 301
https://www.rrfec.com/ Page URL

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

73
Requests

99 %
HTTPS

52 %
IPv6

13
Domains

21
Subdomains

21
IPs

4
Countries

4113 kB
Transfer

6186 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://webzoom.freewebs.com/rainbowridgefarmequestriancenter/rainbow-riders-club
Title: *Wee Rainbow Riders is back for ages 2-5 years 1/2 hour riding and horsemanship.

Search URL Search Domain Scan URL

URL: https://www.rainbowridgefarmequestriancenter.com/tack-n-more-country-store
Title: .pip[data-tower-id="e1ec2e7beea54b7da96136a31b0a8ebb-0-0-8-0-0"]{margin-left:auto;margin-right:auto;margin-top:0;width:100%;}@media screen and (min-width: 30em){.pip[data-tower-id="e1ec2e7beea54b7da96136a31b0a8ebb-0-0-8-0-0"]{margin-left:auto;margin-right:auto;margin-top:0;width:100%;}}@media screen and (min-width: 60em){.pip[data-tower-id="e1ec2e7beea54b7da96136a31b0a8ebb-0-0-8-0-0"]{margin-left:auto;margin-right:auto;margin-top:0;width:100%;}}.pip[data-tower-id="e1ec2e7beea54b7da96136a31b0a8ebb-0-0-8-0-0"] .image-media__image-container{padding-bottom:50.495049504950494%;}

Search URL Search Domain Scan URL

URL: http://www.tacknmorecs.com/
Title: www.tacknmorecs.com

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Datenschutzrichtlinien

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.rrfcrc.org/
Title: Click Here

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.rrfec.com/ HTTP 301
https://www.rrfec.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://b.stats.paypal.com/v2/counter.cgi?p=uid_7364085598_mji6mzy6mjy&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7364085598_mji6mzy6mjy&s=SMART_PAYMENT_BUTTONS

Request Chain 70

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338a5170b52524%26domain%3Dwww.rrfec.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rrfec.com%252Ff2dd66258afbde4%26relation%3Dparent.parent&container_width=62&height=500&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2FTack-N-More-Country-Store-1147632792047716%2F&locale=de_DE&sdk=joey&show_facepile=false&tabs=data-small-header%3D%22false%22&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df338a5170b52524%2526domain%253Dwww.rrfec.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.rrfec.com%25252Ff2dd66258afbde4%2526relation%253Dparent.parent%26container_width%3D62%26height%3D500%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTack-N-More-Country-Store-1147632792047716%252F%26locale%3Dde_DE%26sdk%3Djoey%26show_facepile%3Dfalse%26tabs%3Ddata-small-header%253D%2522false%2522%26width%3D300

73 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rrfec.com/
Redirect Chain

http://www.rrfec.com/
https://www.rrfec.com/

251 KB
35 KB

889ms
842ms

Document
text/html

2606:4700::6811:c149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rrfec.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:c149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f0f6e01636e5a2ca9fec38c94bb70fe2b0e48a84f0f5d0470a43be51b51e0b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
cf-cache-status: MISS
cf-ray: 7925ed0fbfe19191-FRA
content-encoding: gzip
content-language: de_de
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 22:36:25 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7925ed0f382f9034-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 31 Jan 2023 22:36:24 GMT
Expires: Tue, 31 Jan 2023 23:36:24 GMT
Location: https://www.rrfec.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 /
www.rrfec.com/.css/ 204 KB
32 KB 987ms
986ms Stylesheet
text/css 2606:4700::6811:c149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rrfec.com/.css/?cacheId=1674875940226
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:c149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7884735200e95b544a1673b09227f7b393fec6767e35e1ed6bd719279b8f8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:26 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"32ec4-giedeYHEe+2z6L0f6RuHAn2f9tY"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: https://developer.cimpress.io
content-language: de_de
cache-control: public, s-maxage=43200, max-age=60
cf-ray: 7925ed150fd19191-FRA

GET
H2 200 / Show response
www.rrfec.com/.js/ 334 KB
78 KB 778ms
777ms Script
application/javascript 2606:4700::6811:c149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rrfec.com/.js/?cacheId=1674875940226&locale=de-DE
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:c149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42b09463c5d1f3721453da37235219faa6b4f570b8d09c55ac3cddf465f6c0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:26 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"5364e-snrTgABnOHBDR4vc33E0oy99hD8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://developer.cimpress.io
content-language: de_de
cache-control: public, s-maxage=43200, max-age=60
cf-ray: 7925ed150fd59191-FRA

GET
H2 200 js Show response
www.paypal.com/sdk/ 314 KB
93 KB 965ms
833ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=rainbowridgefarm%40verizon.net&currency=USD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Requested by

Host: www.rrfec.com
URL: https://www.rrfec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

24f501aa99508179dd256a16d6a43cfa5178d6653c9fd41198c42013dc8a6c61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-rGYW/JewrI4gGq82JuFxA4lpU0jRsY0/rNXkio1FPbN94Jq5' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-rGYW/JewrI4gGq82JuFxA4lpU0jRsY0/rNXkio1FPbN94Jq5' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-rGYW/JewrI4gGq82JuFxA4lpU0jRsY0/rNXkio1FPbN94Jq5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-rGYW/JewrI4gGq82JuFxA4lpU0jRsY0/rNXkio1FPbN94Jq5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 22:36:26 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
p3p: true
paypal-debug-id: f17911621d532
server-timing: "traceparent;desc="00-0000000000000000000f17911621d532-ab43793cd36f86d5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 94480
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220041-HHN
traceparent: 00-0000000000000000000f17911621d532-a9f43b4f9b32a1cb-01
x-timer: S1675204586.894810,VS0,VE812
etag: W/"17110-lNrT6QRcsIB2OPGsOErazOWu1hU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css
fonts.digital.vistaprint.io/ 7 KB
7 KB 641ms
139ms Stylesheet
text/css 3.216.32.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.digital.vistaprint.io/css?family=Cabin%3A100%2C400%2C700%7CSource%20Sans%20Pro%3A100%2C400%2C700

Requested by

Host: www.rrfec.com
URL: https://www.rrfec.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.32.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-32-164.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

6e195482a5f10b2e67df4db9fc06e03d274d143020065442ce622c5540fb13a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: nginx/1.15.6
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
accept-ranges: none
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 22:36:26 GMT

GET
H2 200 css
fonts.digital.vistaprint.io/ 2 KB
3 KB 723ms
221ms Stylesheet
text/css 3.216.32.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.digital.vistaprint.io/css?family=Dancing%20Script%3A100%2C400%2C700

Requested by

Host: www.rrfec.com
URL: https://www.rrfec.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.32.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-32-164.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

8eea12c8755bb94043c3d3dda0b5424efddf592901940490e100f5beceda685f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: nginx/1.15.6
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
accept-ranges: none
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 22:36:26 GMT

GET
H/1.1 200
OK celebrate.png
vp-digital-tower-etc.s3.amazonaws.com/stock-assets/ 10 KB
11 KB 445ms
133ms Image
image/png 3.5.7.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vp-digital-tower-etc.s3.amazonaws.com/stock-assets/celebrate.png
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.7.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:28 GMT
Last-Modified: Thu, 12 Nov 2020 18:43:33 GMT
Server: AmazonS3
x-amz-request-id: JS7H26YP0464M5MB
ETag: "704e4ac5de30951d68ade8ea443aeca6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10443
x-amz-id-2: fFaUYGv+5drXdSAmK0rch3azIx4kJ7rH8o44gqICtNpkfhHOd5Q04BRHYh5xR/Os5KJu8gDXK+aEFwknq8Gu1Q==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,798x600/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/2670f279-1e73-4136-9c16-c8fc7d955397~110/ 127 KB
128 KB 721ms
593ms Image
image/jpeg 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,798x600/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/2670f279-1e73-4136-9c16-c8fc7d955397~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: c3790411f7266914b4f1b6e03ec3f15d1444fa8b2ea4c0fc3ad3c5e8f22bad1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: 299bc10b-a270-4682-8c74-1ecea5ca025f
ETag: W/"1fc81-IIYCPd2paz2WV3NmHgPdMvuibYg"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 130177
X-Amz-Cf-Id: VgiJck95ML4mraWvHQO7GhHNRCDcfaqezS_BbzRkOmCiF8pqlDmsVg==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,401x338/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/bfa74807-aaaa-4e9a-8294-2d64b3093550~110/ 78 KB
79 KB 348ms
242ms Image
image/jpeg 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,401x338/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/bfa74807-aaaa-4e9a-8294-2d64b3093550~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: cb17284df4f0ea5ffaf1f60f2dfbc36dcd2f38c3481e19cbc242778b6d140c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: 3558b60e-a918-4187-b5ae-d59098adc56b
ETag: W/"138dc-u9mqZZPGWlsiei7vGLwWF+irJ0c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 80092
X-Amz-Cf-Id: tdO5smG8pzhE4oqDh_sNrfumXjm-2YR1qD3PP-HkLP4xL_IAH9evyA==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/rotate/90/crop/0,0,2988x4065/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/1b9fcdc9-d8ee-4b81-ad59-1987e0c44566~110/ 227 KB
227 KB 131ms
26ms Image
image/jpeg 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/rotate/90/crop/0,0,2988x4065/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/1b9fcdc9-d8ee-4b81-ad59-1987e0c44566~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 6332060fb3cf0c85071c5006e5c6a96effb5395e224dac893100608505974558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 17 Jan 2023 13:02:48 GMT
Via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
Age: 1244018
X-Powered-By: Express
RequestId: ac9f5f35-1d09-4dd3-8502-1fbb2f40f8dc
ETag: W/"38aad-M9I+vP1PvV7GGGrgZbwjyI0OdCE"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 232109
X-Amz-Cf-Id: Zj4TQ6EW_HyA6OjSZybSQmqpzOKyrkboG5Ov0aRwDNEeRP5pzqzSYA==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,160x180/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/3cb32d52-1341-4c59-acbd-286787aa3fba~110/ 25 KB
25 KB 624ms
519ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,160x180/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/3cb32d52-1341-4c59-acbd-286787aa3fba~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 7c6915dedd062027239a6b8ed2eaf516c8ca9dd5a629454ce48749fef48e2680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: e4f23941-2ddf-4720-8f51-c16c4790a254
ETag: W/"622e-HBbHX+miOq42OnLAEiccBKTYXqk"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 25134
X-Amz-Cf-Id: 9W0hiWVdltjwL0Yh7sihUMqlipj4xSW6O5m3Vr1mar_BppHg14kujQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/196,91,764x431/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/f2a28470-fb1b-4cd0-8837-b2f020c084a7~110/ 103 KB
103 KB 1668ms
1474ms Image
image/jpeg 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/196,91,764x431/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/f2a28470-fb1b-4cd0-8837-b2f020c084a7~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: dc54eac76fff02e497b37e491707939eaf8c563453416d51def68a12e2f967b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:28 GMT
Via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: 21405d67-dc60-4608-81fa-fe5ecf19ba79
ETag: W/"19b32-DkcO7is0n5mYpz/naaOOoF2oLyg"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 105266
X-Amz-Cf-Id: WLrkDWhnAeuUC7CD26M33g_S4fJ5R2fVDZRPptTvU2q4QBREE0qU8Q==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,215x231/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/6ea95701-6c4a-452a-8a53-53bed7f6c42f~110/ 95 KB
96 KB 798ms
554ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,215x231/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/6ea95701-6c4a-452a-8a53-53bed7f6c42f~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 7165775174c19b305a4b3f90e9e1b0a95689d604dc0db6f57dce58b9c53fcd11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: 00ce69aa-c4b4-4087-b59b-246a876557c8
ETag: W/"17ce9-QoWsHNUDm7W11Yccv7rEr6izfIw"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 97513
X-Amz-Cf-Id: TUaRhLvr60PO_7QkGlLOqUbz_vqOn3_FOx3w-uoLktwRwiPy-AXHZw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,6,709x940/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/4e861161-c3b2-4324-8512-dde6a4c798f7~110/ 104 KB
105 KB 23ms
23ms Image
image/jpeg 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,6,709x940/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/4e861161-c3b2-4324-8512-dde6a4c798f7~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 00d1582c19c260d3a88b50c397cba500359517fcf82f7047f622c62facade44f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 17 Jan 2023 13:02:46 GMT
Via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
Age: 1244021
X-Powered-By: Express
RequestId: db42be6e-936f-452e-a8af-76ca299ed7e5
ETag: W/"1a12c-BYnEH9HktzxOAkcUwmfux7D8zIk"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 106796
X-Amz-Cf-Id: WJqiy7sUOxt4PUzWHyqTfEYEf-M_w76SIxxio_YkwvTQ5cyc4hmfkg==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,202x102/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/b0f0a641-15a3-4a05-a460-ff0212ff4f9d~110/ 55 KB
55 KB 31ms
31ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,202x102/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/b0f0a641-15a3-4a05-a460-ff0212ff4f9d~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 5e10bfec998e58eb4a97333da873256a04b4594d521a720d8fa405cff317f922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 26 Jan 2023 14:50:30 GMT
Via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
Age: 459957
X-Powered-By: Express
RequestId: f3802c7f-f7c5-4507-85a7-b152e386e805
ETag: W/"dab1-CUVFixdnacK8Jcz6/ODC3Fw8B+4"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 55985
X-Amz-Cf-Id: m4T5NM_OVb9ZHx_Ri87VFUwa0jUFjjymEAclu3OhYU65xtGy8qxYKw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,100x100/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/fbe6fca4-82d2-4385-8b97-b4fe263ca26b~110/ 3 KB
3 KB 427ms
426ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,100x100/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/fbe6fca4-82d2-4385-8b97-b4fe263ca26b~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 0b4d1fa9c8bac10cd9cac65aa18c2d8b1daddbbe9306460d572fcc880ac109c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: 0d76a196-93a2-4238-b32c-32e2e0bf83e3
ETag: W/"a81-19PsPQ0ImUqtzmFrivMbG1AbfhQ"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 2689
X-Amz-Cf-Id: CVkWJGBq-M8ohFb8FpER5zDMBKFBgMSM_pwdG-2jEYwBm3bIZkTicQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,136x132/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/9ad672b1-6f63-4a74-b926-15dab33205d7~110/ 43 KB
44 KB 644ms
643ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,136x132/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/9ad672b1-6f63-4a74-b926-15dab33205d7~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 0299a377a2102e764c10e8681a65c63633c77b829d81ce9628270bccf473972b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: c6d24f8b-31c1-4955-a626-47b5724171ba
ETag: W/"ac79-xaYizPU+M60heEcoNG+LpTxZGGw"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 44153
X-Amz-Cf-Id: oeMJb55RBMxGg9Aakslbbyb_pJsb0Q2BxSZOxyoOg6MolcasnIUIGQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,136x136/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/1a2b3d0a-bb0c-4534-add3-b9da0383b7e4~110/ 10 KB
10 KB 377ms
377ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,136x136/maxWidth/1000/https://uploads.documents.cimpress.io/v1/uploads/1a2b3d0a-bb0c-4534-add3-b9da0383b7e4~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: a5acb5f245b943593a9d4ae83aa335aa4b742fe54fa0c4db853cf6621f96015e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: 590a0722-40be-4ef3-a3b3-569894b8b9db
ETag: W/"273c-VaC2/DnGXciWHZs8G6EPub4CRKU"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 10044
X-Amz-Cf-Id: kFFVThfQvYcLKvH8Cs9k9MpDaC0PN7mfUMXE_KV8HVLGDMqB6ZPSbw==

GET
H2 200 collector.js Show response
static.websimages.com/active-static/target/stats/ 1 KB
974 B 137ms
31ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/active-static/target/stats/collector.js
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 484616
cf-polished: origSize=1803
etag: W/"70b-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 7925ed1c0a61bbad-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 26 Jan 2023 12:59:30 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 109ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: www.rrfec.com
URL: https://www.rrfec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rrfec.com/
Origin: https://www.rrfec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2262246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18862
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNinhxVNiVtFV9JIB5Fgtkd5TlXYLi23Pd45w1%2F5%2FjnQdu%2BhE1QTkF4ZZ6vs54ZU2yist%2BhShQly681JTMnM7%2FgPql7QzyV8NfaWZLk0iYEB5bdW3XJy1hNZz7dXJsLnzjUeTcJutBBhIKfwtdiGekU4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7925ed1be9912c18-FRA
expires: Sun, 21 Jan 2024 22:36:26 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 212ms
203ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.rrfec.com&t=xo&v=5.0.350&source=payments_sdk&mrid=rainbowridgefarm@verizon.net&client_id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=rainbowridgefarm%40verizon.net&currency=USD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-aXdDu9iZ3LZIL4qXmGmeMlOV08go36j2ZqdjQD278AKYIsNW' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-aXdDu9iZ3LZIL4qXmGmeMlOV08go36j2ZqdjQD278AKYIsNW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 22:36:26 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
paypal-debug-id: f8967638954f5
server-timing: "traceparent;desc="00-0000000000000000000f8967638954f5-4fbf74cab939b16f-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220041-HHN
traceparent: 00-0000000000000000000f8967638954f5-1feab7bb1db4f3d8-01
x-timer: S1675204587.792780,VS0,VE184
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/194,0,2306x8972/maxWidth/2000/https://uploads.documents.cimpress.io/v1/uploads/c2a4262c-8a51-4d43-87ff-0b6f680d3bfc~110/ 1 MB
1 MB 55ms
24ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/194,0,2306x8972/maxWidth/2000/https://uploads.documents.cimpress.io/v1/uploads/c2a4262c-8a51-4d43-87ff-0b6f680d3bfc~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 7dc56536c21dde0b5566665f8392b6858dd20a183d9a2fa2186b63e199f1daaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 18:45:39 GMT
Via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
Age: 1137047
X-Powered-By: Express
RequestId: 22020cf4-f87a-4c14-adea-e98442b6b5c4
ETag: W/"145a34-f+SEz0CndhupHuOXB0dgzSUtjVM"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 1333812
X-Amz-Cf-Id: yrMVlb3leyZtfHWh0Kql5N9oCJPfwO_-BI5JFTmAVB2DoC8I92Hgcw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,768,1080x421/maxWidth/2000/progressive/https://uploads.documents.cimpress.io/v1/uploads/1e72f134-6b93-49a0-bb5a-07e897e50ce8~110/ 124 KB
125 KB 779ms
747ms Image
image/jpeg 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,768,1080x421/maxWidth/2000/progressive/https://uploads.documents.cimpress.io/v1/uploads/1e72f134-6b93-49a0-bb5a-07e897e50ce8~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 770301df65d9d4be355d847388c25f3cf95ba4b4e5a567472e395d952fc52b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: 0b205947-b450-4391-b705-46425310369d
ETag: W/"1f115-Nm7SC114ZK0YelPYd14jcwLh/1M"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 127253
X-Amz-Cf-Id: pS8mr0iU0tiscOCc5jvb3UBgpTxEDNYYoopB0LRXoOFnKzUNZNy7QA==

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.digital.vistaprint.io/gstatic/s/cabin/v26/ 25 KB
26 KB 574ms
350ms Font
font/woff2 3.216.32.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.digital.vistaprint.io/gstatic/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.digital.vistaprint.io
URL: https://fonts.digital.vistaprint.io/css?family=Cabin%3A100%2C400%2C700%7CSource%20Sans%20Pro%3A100%2C400%2C700

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.32.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-32-164.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.digital.vistaprint.io/css?family=Cabin%3A100%2C400%2C700%7CSource%20Sans%20Pro%3A100%2C400%2C700
Origin: https://www.rrfec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:27 GMT
x-content-type-options: nosniff
age: 419415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26100
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
server: nginx/1.15.6
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 02:06:12 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/de_DE/ 3 KB
2 KB 84ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js

Requested by

Host: www.rrfec.com
URL: https://www.rrfec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67d064b323522a329601e4833c3eb0e5553c8ef3bbe20bdce15817ef94c66e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 22:36:26 GMT
content-md5: uqKAkDShciKFrmMgvwTWCA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 5vY3R2jwVRLg+i/6XQ9hGug3PwvsT331MmAcVP3MghQ6YiP+yHw0Dft5a7lHvH2JNcbIfb4wjpM2VKl2ODqdaA==
x-fb-trip-id: 1679558926
x-fb-content-md5: c8bcb1ac9cc028452c1560d17c6a83e7
cross-origin-opener-policy: same-origin-allow-popups
etag: "3de2b73e73d0d9e5c94b67d2749fd255"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=1,i
expires: Tue, 31 Jan 2023 22:48:09 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 183ms
21ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Content-Encoding: gzip
Age: 1085
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/6731)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 94ms
30ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.rrfec.com
URL: https://www.rrfec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:26 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 76831
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
server: cloudflare
etag: W/"c04-5f1f2ae2e431b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7925ed1c8b38bba4-FRA

GET
H2 200 If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
fonts.digital.vistaprint.io/gstatic/s/dancingscript/v24/ 41 KB
42 KB 428ms
239ms Font
font/woff2 3.216.32.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.digital.vistaprint.io/gstatic/s/dancingscript/v24/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2

Requested by

Host: fonts.digital.vistaprint.io
URL: https://fonts.digital.vistaprint.io/css?family=Dancing%20Script%3A100%2C400%2C700

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.32.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-32-164.compute-1.amazonaws.com

Software

nginx/1.15.6 /

Resource Hash

44f79d6564067d847cea0ab32624f0db3a4a3a4a0daedee4e5efbad531c88fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.digital.vistaprint.io/css?family=Dancing%20Script%3A100%2C400%2C700
Origin: https://www.rrfec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:27 GMT
x-content-type-options: nosniff
age: 278044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42404
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:34:29 GMT
server: nginx/1.15.6
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 17:22:23 GMT

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 8A3D 388 KB
144 KB 376ms
375ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmFpbmJvd3JpZGdlZmFybSU0MHZlcml6b24ubmV0JmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9scGxweGZpeXBoaWVpc3Npc3FwbmxycHJrc3ZmdmQifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f3411378af24d&storageID=uid_921fe438be_mji6mzy6mjy&sessionID=uid_7364085598_mji6mzy6mjy&buttonSessionID=uid_69890775db_mji6mzy6mjy&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rainbowridgefarm%40verizon.net&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c33b33924675aadb7b0b4231df75b221a2cdf5984bd57cece73eae35aff002b1

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rrfec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 22:36:27 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"60f03-/hVOQ+WuOMR/G8Ixe8s9nCjUPms"
p3p: true
paypal-debug-id: f89676305c742
server-timing: "traceparent;desc="00-0000000000000000000f89676305c742-e1a1cb69ee2dd147-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f89676305c742-8bb7a0f58bd563d7-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn-etou8220041-HHN
x-timer: S1675204587.040129,VS0,VE355
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
908 B 80ms
29ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j

Requested by

Host: www.rrfec.com
URL: https://www.rrfec.com/.js/?cacheId=1674875940226&locale=de-DE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14878725a9e4216a910d02d91c636887b3b552affd59a998816940c20a03ad13

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 588
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 22:36:27 GMT

GET
DATA 200
OK truncated
/ Frame 7CC6 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7CC6 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1005 B
2 KB 235ms
234ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

38ed5fa25f3e6a7219529053790d281cbd316e1c3f5162da04efdeffb16dd958

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.rrfec.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: application/json

Response headers

date: Tue, 31 Jan 2023 22:36:27 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f896763d70ad0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220039-HHN
traceparent: 00-0000000000000000000f896763d70ad0-3499196f56c7e264-01
x-timer: S1675204587.302436,VS0,VE211
etag: W/W/"3ed-H6KHr5992dQhEze0IF4RQrh1254"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rrfec.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 249ms
206ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.rrfec.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.rrfec.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 31 Jan 2023 22:36:27 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f896763043872
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f896763043872-1854e7ffc0bf533c-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220039-HHN
x-timer: S1675204587.092589,VS0,VE185

GET
H2 200 record
statscollector.digital.vistaprint.com/ 0
114 B 359ms
115ms Image
text/plain 3.214.141.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statscollector.digital.vistaprint.com/record?siteId=2685559571&pageId=2685271044&pageTitle=Home&parentPageId=&builderType=tower&premium=true&referrer=&location=https%3A%2F%2Fwww.rrfec.com%2F&visitorId=20022436
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.141.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-141-241.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://developer.cimpress.io
date: Tue, 31 Jan 2023 22:36:27 GMT
x-powered-by: Express
content-type: text/plain

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/rotate/90/crop/0,0,2988x4065/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/1b9fcdc9-d8ee-4b81-ad59-1987e0c44566~110/ 813 B
1 KB 22ms
22ms Image
image/jpeg 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/rotate/90/crop/0,0,2988x4065/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/1b9fcdc9-d8ee-4b81-ad59-1987e0c44566~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 806e4122a730608917113cfe3cd9c17af945b30f3ea5ad4380862c6af81552fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 17 Jan 2023 13:02:48 GMT
Via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
Age: 1244019
X-Powered-By: Express
RequestId: 01603a12-7a53-4ed5-b35a-6f3938f4210d
ETag: W/"32d-byrA4RyaCkDWBakcNBzSMg1ZG+4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 813
X-Amz-Cf-Id: NxJ8ni6uFrpMz-ZccVhgX7D4T1SfzpATGOaUf75T6JkSRn4Z38ElZw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,160x180/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/3cb32d52-1341-4c59-acbd-286787aa3fba~110/ 988 B
1 KB 301ms
301ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,160x180/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/3cb32d52-1341-4c59-acbd-286787aa3fba~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: b9bb328d782119f5e45faa893ee42a830bfedb64e82bcb1b08a2a4e39d3f867a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: 871c44c2-19cc-4b85-8f45-061e7e5cefb5
ETag: W/"3dc-sAG1NhBsMIstd5eQoXBkxqH7d98"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 988
X-Amz-Cf-Id: rrvvP4HDRQ5qncV1SMptDjBi7GKcIrBi7x27iyZJqYiDxX39sFCxfg==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/196,91,764x431/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/f2a28470-fb1b-4cd0-8837-b2f020c084a7~110/ 601 B
1 KB 419ms
419ms Image
image/jpeg 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/196,91,764x431/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/f2a28470-fb1b-4cd0-8837-b2f020c084a7~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: de1b397a49b2b66ecdbd9c613040414e891275020840bc04686cc648eaed7245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:28 GMT
Via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: cd183c82-6c71-4241-847e-067c13ab453e
ETag: W/"259-G9GwhV7iKQzZ9j+a8BujKURhQ70"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 601
X-Amz-Cf-Id: l6FjHfX1b7LjF6xJcyVX7TBtRLbJX5SXNGLSK42WZBrZKbHoNzeRYw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,215x231/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/6ea95701-6c4a-452a-8a53-53bed7f6c42f~110/ 1 KB
2 KB 22ms
22ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,215x231/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/6ea95701-6c4a-452a-8a53-53bed7f6c42f~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: a6563c9391283a2ffaf2d19f7615ba5e4e48dea83eac9eb23d18893982149b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 18:45:37 GMT
Via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
Age: 1137050
X-Powered-By: Express
RequestId: 8e7bdb62-eed9-4546-aff9-18c4c20b904e
ETag: W/"5ce-hAuFnkvSqb1UehKbI5SAfv+aXQQ"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 1486
X-Amz-Cf-Id: BewpaJeMHF-KTMNh3oFJK87hV0AAPh1QDkg_MUPgjfUwkQwat-2Wxg==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,6,709x940/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/4e861161-c3b2-4324-8512-dde6a4c798f7~110/ 932 B
1 KB 21ms
21ms Image
image/jpeg 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,6,709x940/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/4e861161-c3b2-4324-8512-dde6a4c798f7~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: a5c7cd05ef3e7a1e46d631f2eabc26492dd2898f0a50beb3639265a8f16ef1f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 17 Jan 2023 13:02:48 GMT
Via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
Age: 1244019
X-Powered-By: Express
RequestId: 067bea52-6bef-42eb-99f3-5adbeb20a2ab
ETag: W/"3a4-eYBBP0n+8pXkrnFMkcDJMEd5Hk8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 932
X-Amz-Cf-Id: yodol6FAhy05T5gYTkBgOehzLAA2KwFzdwDR_suV_YLlb0eOT8WXRw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,202x102/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/b0f0a641-15a3-4a05-a460-ff0212ff4f9d~110/ 758 B
1 KB 363ms
362ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,202x102/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/b0f0a641-15a3-4a05-a460-ff0212ff4f9d~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 5c54a5609ead15192343b8042ce13cdeba912b2e3241229b3b95928a1e9641de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:28 GMT
Via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: b9a6bb9d-b025-4973-bcc6-9284eeb4de71
ETag: W/"2f6-Etail9n17pWNjntVMorDJAjLjo0"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 758
X-Amz-Cf-Id: lPdZncnFFsa6RDsx8KSZxlU9U3Zv6cOHQ-hhNv7sG2wkB_annXF8aw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,100x100/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/fbe6fca4-82d2-4385-8b97-b4fe263ca26b~110/ 515 B
1 KB 23ms
23ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,100x100/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/fbe6fca4-82d2-4385-8b97-b4fe263ca26b~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: c0e2c66e6b4046480acf4548df183a05fda1f5e8b9b211bcc3f18b279975add2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 17 Jan 2023 13:02:48 GMT
Via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
Age: 1244019
X-Powered-By: Express
RequestId: 78f89a89-8d59-4b93-9705-92e31d3f28c4
ETag: W/"203-hFLooai1m43tG6fkue3hdzQpyrI"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 515
X-Amz-Cf-Id: QetKMdNE6AZ_gNib1wdVlY-6RMj69yk6WHEWT5J2B2nGA8vOSyZCOw==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,136x132/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/9ad672b1-6f63-4a74-b926-15dab33205d7~110/ 1 KB
2 KB 447ms
447ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,136x132/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/9ad672b1-6f63-4a74-b926-15dab33205d7~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: d6f2f6f1d6888ccf868967a3fb08427523ff3f844d8d14c39b7ed7380b108ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:28 GMT
Via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
X-Powered-By: Express
RequestId: 507f170c-44f3-42ee-9e2e-ff710cd7a8b1
ETag: W/"548-7bA9Ic0G1BspOB1uVVwyhSxmKPA"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 1352
X-Amz-Cf-Id: RhqhGfAP76ifEuozzg2Fe2LNvzbcsCf4EacarJ6QLEaBV53X03uprQ==

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,136x136/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/1a2b3d0a-bb0c-4534-add3-b9da0383b7e4~110/ 995 B
1 KB 22ms
22ms Image
image/png 52.222.236.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,136x136/maxWidth/20/https://uploads.documents.cimpress.io/v1/uploads/1a2b3d0a-bb0c-4534-add3-b9da0383b7e4~110/original?tenant=vbu-digital
Requested by: Host: www.rrfec.com
URL: https://www.rrfec.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-2.fra56.r.cloudfront.net
Software: / Express
Resource Hash: fc82629058d953be75c46d880b47aa8cd6734ad004535d9d3a95a29f6d612343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 17 Jan 2023 13:02:48 GMT
Via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P4
Age: 1244020
X-Powered-By: Express
RequestId: 1870f1c4-6a12-4f4e-88ab-8cbafd4e2d6d
ETag: W/"3e3-DssXMGRkvJsYH9Q/3hHGdONvi6U"
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 995
X-Amz-Cf-Id: 5ULOe4YuQguSM2_rnfabMsHGGTSzCsn0EJ7axAh6zcz0-TJAt4iN-g==

GET
H3 200 sdk.js Show response
connect.facebook.net/de_DE/ 306 KB
86 KB 53ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js?hash=7b9309a932fc18924dd0c7f22a19e6b3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d970350c62ca00c5c827fba2842537da22da36b1b4d19e3ceffa5583917effd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rrfec.com/
Origin: https://www.rrfec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 22:36:27 GMT
content-md5: fN9zfJzoYzTvNj/Ds24CkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88513
x-fb-rlafr: 0
x-fb-debug: T/k0iSWA3x4/4HJqLbPawD5KGG+zhsPRF5CAEGWPHw+FjhuWm6KaYCq28V9Rpk11FIhzAwvj3//cW6TMPdlv2A==
x-fb-content-md5: e47829b8d310865660e76afc7d410bff
cross-origin-opener-policy: same-origin-allow-popups
etag: "569ca5066551b6cb7df03ec70a889b3f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 31 Jan 2024 21:16:07 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 2657 677 B
564 B 36ms
35ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rrfec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1038129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7925ed1e7e21bba4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 22:36:27 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
H3 200 core.26680508.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 295ms
267ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.26680508.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rrfec.com/
Origin: https://www.rrfec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:27 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:29 GMT
server: cloudflare
etag: W/"11452-5f1f2ae24215b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7925ed1e2d8c9b4b-FRA

GET
H2 200 ts
t.paypal.com/ 42 B
815 B 312ms
177ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Home&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1675204587190&g=0&completeurl=https%3A%2F%2Fwww.rrfec.com%2F&ru=https%3A%2F%2Frrfec.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: www.rrfec.com
URL: https://www.rrfec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 31 Jan 2023 22:36:27 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 900849c9f8f88
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn-etou8220061-HHN
pragma: no-cache
traceparent: 00-0000000000000000000900849c9f8f88-e5860c9a810115e5-01
x-timer: S1675204587.337370,VS0,VE157
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Jan 2023 22:36:27 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 1137 320 KB
104 KB 22ms
21ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.rrfec.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.rrfec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 607987
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Jan 2023 22:36:27 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6794)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ 405 KB
405 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rrfec.com/
Origin: https://www.rrfec.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 16:56:34 GMT
x-content-type-options: nosniff
age: 20393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 414365
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 16:56:34 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 1137 919 B
647 B 300ms
131ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e717269db30a9e1bb3209f048849ed59d229362f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.rrfec.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 31 Jan 2023 22:36:27 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 31 Jan 2023 22:36:27 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 6420a43af9fdd8a5
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: adc918c4e398b83a40a210f55262a2782f50beb6073bbf8e3c022063eb21eb54
content-length: 326

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 24B3 42 KB
22 KB 41ms
41ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly93d3cucnJmZWMuY29tOjQ0Mw..&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=siar4xyrxtgm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c59f916710f36f55985e9ef24c568a3558bdf2588597faca0b55425f7e4d0815

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mmeq2wEQVmpufcqWNE6Spw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rrfec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22541
content-security-policy: script-src 'report-sample' 'nonce-mmeq2wEQVmpufcqWNE6Spw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 22:36:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 8A3D 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 24B3 55 KB
24 KB 68ms
23ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly93d3cucnJmZWMuY29tOjQ0Mw..&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=siar4xyrxtgm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 16:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 16:56:35 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 24B3 405 KB
405 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 16:56:34 GMT
x-content-type-options: nosniff
age: 20393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 414365
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 16:56:34 GMT

GET
DATA 200
OK truncated
/ Frame 8A3D 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 8A3D 314 KB
93 KB 23ms
22ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmFpbmJvd3JpZGdlZmFybSU0MHZlcml6b24ubmV0JmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9scGxweGZpeXBoaWVpc3Npc3FwbmxycHJrc3ZmdmQifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f3411378af24d&storageID=uid_921fe438be_mji6mzy6mjy&sessionID=uid_7364085598_mji6mzy6mjy&buttonSessionID=uid_69890775db_mji6mzy6mjy&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rainbowridgefarm%40verizon.net&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

24f501aa99508179dd256a16d6a43cfa5178d6653c9fd41198c42013dc8a6c61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-rGYW/JewrI4gGq82JuFxA4lpU0jRsY0/rNXkio1FPbN94Jq5' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-rGYW/JewrI4gGq82JuFxA4lpU0jRsY0/rNXkio1FPbN94Jq5' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmFpbmJvd3JpZGdlZmFybSU0MHZlcml6b24ubmV0JmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9scGxweGZpeXBoaWVpc3Npc3FwbmxycHJrc3ZmdmQifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f3411378af24d&storageID=uid_921fe438be_mji6mzy6mjy&sessionID=uid_7364085598_mji6mzy6mjy&buttonSessionID=uid_69890775db_mji6mzy6mjy&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rainbowridgefarm%40verizon.net&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-rGYW/JewrI4gGq82JuFxA4lpU0jRsY0/rNXkio1FPbN94Jq5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-rGYW/JewrI4gGq82JuFxA4lpU0jRsY0/rNXkio1FPbN94Jq5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 22:36:27 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: HIT
p3p: true
paypal-debug-id: f17911621d532
server-timing: "traceparent;desc="00-0000000000000000000f17911621d532-ab43793cd36f86d5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 94480
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220041-HHN
traceparent: 00-0000000000000000000f17911621d532-a9f43b4f9b32a1cb-01
x-timer: S1675204588.554633,VS0,VE1
etag: W/"17110-lNrT6QRcsIB2OPGsOErazOWu1hU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ 8 KB
3 KB 21ms
20ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:27 GMT
Content-Encoding: gzip
Age: 607988
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (frb/6731)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 24B3 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:40:39 GMT
x-content-type-options: nosniff
age: 75348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 07 Feb 2023 01:40:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24B3 15 KB
16 KB 125ms
34ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:18:51 GMT
x-content-type-options: nosniff
age: 119856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 13:18:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24B3 15 KB
15 KB 133ms
43ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 03:11:30 GMT
x-content-type-options: nosniff
age: 415497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 03:11:30 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 24B3 102 B
134 B 30ms
30ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekvqsUAAAAAGpMf4hg4vOGdREt7tRI54O9FI2j&co=aHR0cHM6Ly93d3cucnJmZWMuY29tOjQ0Mw..&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=siar4xyrxtgm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 22:36:27 GMT

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame 4B2D 37 KB
14 KB 21ms
21ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: https://www.rrfec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 607987
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Jan 2023 22:36:27 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6731)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
104 B 131ms
130ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Frrfec.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1675204587705%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=e717269db30a9e1bb3209f048849ed59d229362f

Requested by

Host: www.rrfec.com
URL: https://www.rrfec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rrfec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 31 Jan 2023 22:36:27 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 31 Jan 2023 22:36:27 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 1f95d0e24d9395a4
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: adc918c4e398b83a40a210f55262a2782f50beb6073bbf8e3c022063eb21eb54
content-length: 43

GET
DATA 200
OK truncated
/ Frame 4B2D 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 8A3D 59 KB
21 KB 174ms
21ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 3949
x-cache: HIT
paypal-debug-id: 8884b9c3ac325
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-00000000000000000008884b9c3ac325-4962384274842d5b-01
etag: W/"63d97a76-ecbf"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Feb 2023 22:36:28 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 8A3D 1022 B
2 KB 288ms
287ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6be51f182577d403ade0e65bed47f175f16580602ad15c79d9f4070b9c0ef6c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmFpbmJvd3JpZGdlZmFybSU0MHZlcml6b24ubmV0JmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9scGxweGZpeXBoaWVpc3Npc3FwbmxycHJrc3ZmdmQifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f3411378af24d&storageID=uid_921fe438be_mji6mzy6mjy&sessionID=uid_7364085598_mji6mzy6mjy&buttonSessionID=uid_69890775db_mji6mzy6mjy&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rainbowridgefarm%40verizon.net&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 Jan 2023 22:36:28 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f888515b4d1f0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220041-HHN
traceparent: 00-0000000000000000000f888515b4d1f0-162fe35ab784b81a-01
x-timer: S1675204588.293536,VS0,VE266
etag: W/W/"3fe-Dz2WhduNrr0OTb+nN900KZpO3bI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame CDB2 160 B
1 KB 182ms
181ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA7) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: b2504fc973ded
date: Tue, 31 Jan 2023 22:36:28 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: b2504fc973ded
server: ECAcc (frc/4CA7)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000b2504fc973ded-fe719fbff8f31ac1-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 26C5
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_7364085598_mji6mzy6mjy&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7364085598_mji6mzy6mjy&s=SMART_PAYMENT_BUTTONS

42 B
299 B

188ms
55ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7364085598_mji6mzy6mjy&s=SMART_PAYMENT_BUTTONS
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 22:36:28 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_7364085598_mji6mzy6mjy&s=SMART_PAYMENT_BUTTONS
Date: Tue, 31 Jan 2023 22:36:28 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame CDB2 59 KB
20 KB 23ms
23ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 3949
x-cache: HIT
paypal-debug-id: 8884b9c3ac325
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-00000000000000000008884b9c3ac325-4962384274842d5b-01
etag: W/"63d97a76-ecbf"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Feb 2023 22:36:28 GMT

GET
H2 200 like.php Show response
www.facebook.com/v4.0/plugins/ Frame 261D 0
3 KB 115ms
55ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc4652aa46af4%26domain%3Dwww.rrfec.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rrfec.com%252Ff2dd66258afbde4%26relation%3Dparent.parent&color_scheme=light&container_width=50&href=https%3A%2F%2Fwww.rrfec.com%2F&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=false&size=small&width=180

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=7b9309a932fc18924dd0c7f22a19e6b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rrfec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 Jan 2023 22:36:28 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: 1QDmFFsU+YUA+GRzRH2i45ow80ozFpsjNqonA8AP4Q5SD+YMBo6XnZHSpr54kht2F8oy0tSujRqYDWP6OgxQlQ==
x-xss-protection: 0

GET
H2

200

/
www.facebook.com/login/ Frame 0105
Redirect Chain

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338a5170b52524%26...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

97ms
96ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df338a5170b52524%2526domain%253Dwww.rrfec.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.rrfec.com%25252Ff2dd66258afbde4%2526relation%253Dparent.parent%26container_width%3D62%26height%3D500%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTack-N-More-Country-Store-1147632792047716%252F%26locale%3Dde_DE%26sdk%3Djoey%26show_facepile%3Dfalse%26tabs%3Ddata-small-header%253D%2522false%2522%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=7b9309a932fc18924dd0c7f22a19e6b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rrfec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 Jan 2023 22:36:28 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 2ggWCDl4d6yDNuGynMkLSBwvkS81jYomq8K+Cdn/VeUWU88WIqNM+WlyILeFwmyB1WPIwgNgfiYQ6gskI6FxqA==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 31 Jan 2023 22:36:28 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df338a5170b52524%2526domain%253Dwww.rrfec.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.rrfec.com%25252Ff2dd66258afbde4%2526relation%253Dparent.parent%26container_width%3D62%26height%3D500%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTack-N-More-Country-Store-1147632792047716%252F%26locale%3Dde_DE%26sdk%3Djoey%26show_facepile%3Dfalse%26tabs%3Ddata-small-header%253D%2522false%2522%26width%3D300
origin-agent-cluster: ?0
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: ZT5VAzhQd5nk0//35aTm5QnFgzDmZadCraStaZinKWqNxqdbaWhnHb3kU+xeWkH6DOqwEZNbwJ+Jp2dRDMeIFw==
x-fb-rlafr: 0
x-xss-protection: 0

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame CDB2 125 B
759 B 187ms
187ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C86) /

Resource Hash

7f84ac247862ce671f0186cd5f61959d1df87f9eb9be75c7d600c8b37c22137e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 Jan 2023 22:36:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: dc867283f4e47
server: ECAcc (frc/4C86)
traceparent: 00-0000000000000000000dc867283f4e47-04d8f78ac9f453dc-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: dc867283f4e47
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame CDB2 0
120 B 180ms
179ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8D) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 Jan 2023 22:36:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 517a998cd5975
server: ECAcc (frc/4C8D)
traceparent: 00-0000000000000000000517a998cd5975-c1c33e1cb79f1690-01
paypal-debug-id: 517a998cd5975
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame CDB2 0
375 B 324ms
225ms Image
text/plain 2a04:4e42:600::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_7364085598_mji6mzy6mjy&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220047-HHN
date: Tue, 31 Jan 2023 22:36:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: d8a2e62bd2502
via: 1.1 varnish
traceparent: 00-0000000000000000000d8a2e62bd2502-b29d744890f10b57-01
x-timer: S1675204589.797229,VS0,VE204
x-cache: MISS
paypal-debug-id: d8a2e62bd2502
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 8A3D 1014 B
1 KB 199ms
199ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fac04804f3d2df7eee1e5bd6ca257dd8fc3f6bc064e4d72ec05b897cce31276b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9cmFpbmJvd3JpZGdlZmFybSU0MHZlcml6b24ubmV0JmN1cnJlbmN5PVVTRCZkaXNhYmxlLWZ1bmRpbmc9YmFuY29udGFjdCUyQ2JsaWslMkNlcHMlMkNnaXJvcGF5JTJDaWRlYWwlMkNtZXJjYWRvcGFnbyUyQ215YmFuayUyQ3AyNCUyQ3NlcGElMkNzb2ZvcnQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9scGxweGZpeXBoaWVpc3Npc3FwbmxycHJrc3ZmdmQifX0&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f3411378af24d&storageID=uid_921fe438be_mji6mzy6mjy&sessionID=uid_7364085598_mji6mzy6mjy&buttonSessionID=uid_69890775db_mji6mzy6mjy&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=rainbowridgefarm%40verizon.net&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: application/json

Response headers

date: Tue, 31 Jan 2023 22:36:28 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f975083b1a360
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220041-HHN
traceparent: 00-0000000000000000000f975083b1a360-2a2bde344f5b3a06-01
x-timer: S1675204589.699974,VS0,VE179
etag: W/W/"3f6-ri/QYObKuTJqiy/hz68U1cYefB4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1014 B
2 KB 195ms
194ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd4081b991a9c0e8339c086d3d34af58f670d001c55fe04df19ce6f00224c05a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.rrfec.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: application/json

Response headers

date: Tue, 31 Jan 2023 22:36:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f97508364ed28
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220039-HHN
traceparent: 00-0000000000000000000f97508364ed28-7831235985456a1b-01
x-timer: S1675204589.912973,VS0,VE172
etag: W/W/"3f6-C+Uy9B8udV35QR9gmQPQqtXi4lc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rrfec.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 211ms
211ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.rrfec.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.rrfec.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 31 Jan 2023 22:36:28 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f975083acf3aa
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f975083acf3aa-dc7476e1ed3be5b8-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220039-HHN
x-timer: S1675204589.700257,VS0,VE189

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rrfec.com/	1970-01-20 09:21:30	Name: webs-stats-visitor-id Value: 20022436
.paypal.com/	1970-01-20 09:20:06	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-20 18:05:40	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 09:20:36	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-20 09:24:23	Name: tsrce Value: loggernodeweb
.c.paypal.com/	1970-01-20 18:56:04	Name: sc_f Value: bxySF9SfnAlEAZ0Pz3ziCZEvV-h7D8kYyQy-xGfio1Rh8drGZOUip4-ikhJwfytlrxv8UcIqHjATI_YXby9GxDIzJk8HJEobYEeSLW
.paypal.com/	1970-01-20 18:56:04	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: qfESbCASQywCsCbFm0KmAriUCpvu7hGaNoVp2GSc20C6O5NA-dwarVkQ6BOCp3Mocyo-ZUY8mNVBwFpJ
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY3NTIwNDU4ODgwNyIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 18:56:04	Name: ts Value: vreXpYrS%3D1769898988%26vteXpYrS%3D1675206388%26vr%3D09f974ec1860ad045786641bfd779a4b%26vt%3D09f974ec1860ad045786641bfd779a4a%26vtyp%3Dnew
.paypal.com/	1970-01-20 18:56:04	Name: ts_c Value: vr%3D09f974ec1860ad045786641bfd779a4b%26vt%3D09f974ec1860ad045786641bfd779a4a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdnjs.cloudflare.com
connect.facebook.net
dub.stats.paypal.com
fonts.digital.vistaprint.io
fonts.gstatic.com
imageprocessor.digital.vistaprint.com
platform.twitter.com
static.addtoany.com
static.websimages.com
statscollector.digital.vistaprint.com
syndication.twitter.com
t.paypal.com
vp-digital-tower-etc.s3.amazonaws.com
www.facebook.com
www.google.com
www.gstatic.com
www.paypal.com
www.rrfec.com
104.244.42.136
151.101.129.35
151.101.193.21
192.229.221.25
2606:4700:10::6816:46c5
2606:4700::6811:190e
2606:4700::6811:c049
2606:4700::6811:c149
2606:4700::6812:d054
2a00:1450:4001:806::2003
2a00:1450:4001:812::2004
2a00:1450:400d:80a::2003
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::291
3.214.141.241
3.216.32.164
3.5.7.192
52.222.236.2
64.4.245.84
93.184.220.66
00d1582c19c260d3a88b50c397cba500359517fcf82f7047f622c62facade44f
0299a377a2102e764c10e8681a65c63633c77b829d81ce9628270bccf473972b
098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0b4d1fa9c8bac10cd9cac65aa18c2d8b1daddbbe9306460d572fcc880ac109c3
14878725a9e4216a910d02d91c636887b3b552affd59a998816940c20a03ad13
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
24f501aa99508179dd256a16d6a43cfa5178d6653c9fd41198c42013dc8a6c61
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
38ed5fa25f3e6a7219529053790d281cbd316e1c3f5162da04efdeffb16dd958
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
42b09463c5d1f3721453da37235219faa6b4f570b8d09c55ac3cddf465f6c0f2
447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7
44f79d6564067d847cea0ab32624f0db3a4a3a4a0daedee4e5efbad531c88fac
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c54a5609ead15192343b8042ce13cdeba912b2e3241229b3b95928a1e9641de
5e10bfec998e58eb4a97333da873256a04b4594d521a720d8fa405cff317f922
6332060fb3cf0c85071c5006e5c6a96effb5395e224dac893100608505974558
67d064b323522a329601e4833c3eb0e5553c8ef3bbe20bdce15817ef94c66e3c
6be51f182577d403ade0e65bed47f175f16580602ad15c79d9f4070b9c0ef6c5
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e195482a5f10b2e67df4db9fc06e03d274d143020065442ce622c5540fb13a8
7165775174c19b305a4b3f90e9e1b0a95689d604dc0db6f57dce58b9c53fcd11
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
770301df65d9d4be355d847388c25f3cf95ba4b4e5a567472e395d952fc52b3d
7c6915dedd062027239a6b8ed2eaf516c8ca9dd5a629454ce48749fef48e2680
7dc56536c21dde0b5566665f8392b6858dd20a183d9a2fa2186b63e199f1daaf
7f84ac247862ce671f0186cd5f61959d1df87f9eb9be75c7d600c8b37c22137e
806e4122a730608917113cfe3cd9c17af945b30f3ea5ad4380862c6af81552fa
8eea12c8755bb94043c3d3dda0b5424efddf592901940490e100f5beceda685f
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
a5acb5f245b943593a9d4ae83aa335aa4b742fe54fa0c4db853cf6621f96015e
a5c7cd05ef3e7a1e46d631f2eabc26492dd2898f0a50beb3639265a8f16ef1f1
a6563c9391283a2ffaf2d19f7615ba5e4e48dea83eac9eb23d18893982149b4c
a7f0f6e01636e5a2ca9fec38c94bb70fe2b0e48a84f0f5d0470a43be51b51e0b
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b9bb328d782119f5e45faa893ee42a830bfedb64e82bcb1b08a2a4e39d3f867a
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c0e2c66e6b4046480acf4548df183a05fda1f5e8b9b211bcc3f18b279975add2
c33b33924675aadb7b0b4231df75b221a2cdf5984bd57cece73eae35aff002b1
c3790411f7266914b4f1b6e03ec3f15d1444fa8b2ea4c0fc3ad3c5e8f22bad1e
c59f916710f36f55985e9ef24c568a3558bdf2588597faca0b55425f7e4d0815
cb17284df4f0ea5ffaf1f60f2dfbc36dcd2f38c3481e19cbc242778b6d140c04
cd4081b991a9c0e8339c086d3d34af58f670d001c55fe04df19ce6f00224c05a
cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f
d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af
d6f2f6f1d6888ccf868967a3fb08427523ff3f844d8d14c39b7ed7380b108ba2
d970350c62ca00c5c827fba2842537da22da36b1b4d19e3ceffa5583917effd9
dc54eac76fff02e497b37e491707939eaf8c563453416d51def68a12e2f967b1
dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b
de1b397a49b2b66ecdbd9c613040414e891275020840bc04686cc648eaed7245
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7884735200e95b544a1673b09227f7b393fec6767e35e1ed6bd719279b8f8d5
ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
fac04804f3d2df7eee1e5bd6ca257dd8fc3f6bc064e4d72ec05b897cce31276b
fc82629058d953be75c46d880b47aa8cd6734ad004535d9d3a95a29f6d612343

www.rrfec.com Open in urlscan Pro 2606:4700::6811:c149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

99 %HTTPS

52 %IPv6

13 Domains

21 Subdomains

21 IPs

4 Countries

4113 kBTransfer

6186 kBSize

10 Cookies

7 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rrfec.com Open in urlscan Pro
2606:4700::6811:c149 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

52 %
IPv6

13
Domains

21
Subdomains

21
IPs

4
Countries

4113 kB
Transfer

6186 kB
Size

10
Cookies

73 HTTP transactions
5 data transactions