myflufel.com Open in urlscan Pro
63.141.128.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://myflufel.com/
Effective URL:
https://myflufel.com/
Submission: On December 22 via api (December 22nd 2023, 2:21:14 am UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 55 HTTP transactions. The main IP is 63.141.128.23, located in United States and belongs to BIGCOMMERCE, US. The main domain is myflufel.com.
TLS certificate: Issued by Encryption Everywhere G3 TLS ECC P384... on November 7th 2023. Valid for: a year.

This is the only time myflufel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	63.141.128.23 63.141.128.23	399566 (BIGCOMMERCE) (BIGCOMMERCE)
14	192.200.160.253 192.200.160.253	399566 (BIGCOMMERCE) (BIGCOMMERCE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
10	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
3	37.48.87.182 37.48.87.182	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.159.167.32 18.159.167.32	16509 (AMAZON-02) (AMAZON-02)
2	34.111.131.117 34.111.131.117	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
55	14

2 63.141.128.23 (United States) 1 redirects

ASN399566 (BIGCOMMERCE, US)

myflufel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.200.160.253 (United States)

ASN399566 (BIGCOMMERCE, US)

cdn11.bigcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
checkout-sdk.bigcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.48.87.182 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wncud.rdtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.167.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-167-32.eu-central-1.compute.amazonaws.com

ecomappbcom.redtrack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.117 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.131.111.34.bc.googleusercontent.com

bes.gcp.data.bigcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	bigcommerce.com cdn11.bigcommerce.com — Cisco Umbrella Rank: 9565 checkout-sdk.bigcommerce.com — Cisco Umbrella Rank: 14826 bes.gcp.data.bigcommerce.com — Cisco Umbrella Rank: 13577	17 MB
14	paypal.com www.paypal.com — Cisco Umbrella Rank: 2085 t.paypal.com — Cisco Umbrella Rank: 2568	373 KB
10	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 2510 static-tracking.klaviyo.com — Cisco Umbrella Rank: 3203 fast.a.klaviyo.com — Cisco Umbrella Rank: 3266 static-forms.klaviyo.com — Cisco Umbrella Rank: 2976	69 KB
4	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1965	61 KB
3	rdtk.io wncud.rdtk.io	6 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	myflufel.com 1 redirects myflufel.com	17 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	2 KB
1	redtrack.io ecomappbcom.redtrack.io	6 KB
55	10

	Domain	Requested by
13	cdn11.bigcommerce.com	myflufel.com cdn11.bigcommerce.com
12	www.paypal.com	unpkg.com www.paypal.com www.paypalobjects.com cdn11.bigcommerce.com
6	static.klaviyo.com	myflufel.com static.klaviyo.com
4	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
3	wncud.rdtk.io	myflufel.com cdn11.bigcommerce.com
2	t.paypal.com	myflufel.com
2	static-tracking.klaviyo.com	static.klaviyo.com
2	fonts.gstatic.com	fonts.googleapis.com
2	bes.gcp.data.bigcommerce.com	myflufel.com
2	fonts.googleapis.com	client
2	myflufel.com	1 redirects
1	static-forms.klaviyo.com	cdn11.bigcommerce.com
1	fast.a.klaviyo.com	cdn11.bigcommerce.com
1	unpkg.com	myflufel.com
1	ecomappbcom.redtrack.io	myflufel.com
1	checkout-sdk.bigcommerce.com	myflufel.com
55	16

This site contains no links.

Subject Issuer	Validity	Valid
myflufel.com Encryption Everywhere G3 TLS ECC P384 SHA384 2023 CA1	`2023-11-07` - `2024-11-06`	a year	crt.sh
*.bigcommerce.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-23` - `2024-03-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
static.klaviyo.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.rdtk.io GoGetSSL RSA DV CA	`2023-07-19` - `2024-07-19`	a year	crt.sh
*.redtrack.io GoGetSSL RSA DV CA	`2023-08-15` - `2024-08-15`	a year	crt.sh
bes.gcp.data.bigcommerce.com GTS CA 1D4	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
static-tracking.klaviyo.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
fast.a.klaviyo.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
static-forms.klaviyo.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://myflufel.com/
Frame ID: 67B5FBC6593A5E1C3CD44AEBAD89F740
Requests: 41 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_zthtvnhoquyvhhzismaignhiqewrfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&version=1.53.0&integrationType=SDK
Frame ID: 1F7C8776AD9458A22CC8678E1A984075
Requests: 4 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 5956379AF4CA2C2AB326CC79AB4776D8
Requests: 3 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/smart/message?merchant_id=KT2MZDBCQDBQE&channel=UPSTREAM&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22white%22%2C%22ratio%22%3A%228x1%22%7D&client_id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&version=1.53.0&integrationType=SDK&deviceID=uid_04a75f261d_mdi6mje6mdg&sessionID=uid_71aecbdc0b_mdi6mje6mdg&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&message_request_id=uid_b8524ee5ba_mdi6mje6mdg&disableSetCookie=true&features=disable-set-cookie
Frame ID: 3795B8A020BB617DA4D00ED3F16396AB
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

myflufel

Page URL History Show full URLs

http://myflufel.com/ HTTP 301
https://myflufel.com/ Page URL

Detected technologies

BigCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<link href=[^>]+cdn\d+\.bigcommerce\.com/
cdn\d+\.bigcommerce\.com/

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Page Statistics

55
Requests

98 %
HTTPS

23 %
IPv6

10
Domains

16
Subdomains

14
IPs

3
Countries

17658 kB
Transfer

19492 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://myflufel.com/ HTTP 301
https://myflufel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
myflufel.com/
Redirect Chain

http://myflufel.com/
https://myflufel.com/

80 KB
17 KB

620ms
509ms

Document
text/html

63.141.128.23
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL

https://myflufel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.141.128.23 , United States, ASN399566 (BIGCOMMERCE, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0565ef5860bf7a4edf39e93618a1a731fce69ecbf499c31a654ac86b4679365b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
bc-ray: 1
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8394e3afac6a4541-TXL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 02:21:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://cdn11.bigcommerce.com/s-onzoppa7fe>; rel=preconnect; as=font; crossorigin=anonymous, <https://fonts.googleapis.com/>; rel=preconnect; as=font; crossorigin=anonymous, <https://fonts.gstatic.com/>; rel=preconnect; as=font; crossorigin=anonymous, <https://cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/dist/theme-bundle.head_async.js>; rel=preload; as=script, <https://fonts.googleapis.com/css?family=Montserrat:700,500,400%7CKarla:400&display=block>; rel=preload; as=style, <https://cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/dist/theme-bundle.font.js>; rel=preload; as=script, <https://cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/css/theme-14643840-5eed-013c-69cf-124bdf820426.css>; rel=preload; as=style, <https://cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/dist/theme-bundle.main.js>; rel=preload; as=script
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mjl%2FEyli5jfTZdGnBEM8A9b2YrO37ymcp%2B0OQ%2FxiMHxvvb2P8xz6EF2HkPikKfLRTIfsdccVtRsIIcwEAB9LwR2xrT29uQrnLLgxdfms7oojCqyqB4jkftGSPO8ZIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=300
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: deny
x-permitted-cross-domain-policies: none
x-request-id: 70c4e57de021447718ba090763c01d20

Redirect headers

BC-Ray: 1
CF-Cache-Status: DYNAMIC
CF-RAY: 8394e3adbe9f44fe-TXL
Connection: keep-alive
Content-Length: 96
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Dec 2023 02:21:05 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CoGg3WZo5ICXkjrd48iOnz29pEAGAzLReJpFXkzZ5RgeDw%2Fn2ZL9gbbNgbTy%2FYCzuP%2F8AtVyO7vK%2BncINljEPp4jrSEsyW3PM%2FDrSJuJAyG6nkB3xUBymjeBUiV1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400
location: https://myflufel.com/
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-request-id: 071eaf9a3dfdc2c27b86c9015f1e23ff

GET
H2 200 theme-bundle.head_async.js Show response
cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/dist/ 7 KB
3 KB 44ms
40ms Script
application/javascript 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/dist/theme-bundle.head_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5408c4c08b7665b48ebd37be8512ae1f377bced1c4dd007c8b53d504e9be9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bc-ray: 1
age: 2465613
alt-svc: h3=":443"; ma=86400
x-request-id: 968603385ddf31f1c42895ec4cabf43c
last-modified: Thu, 23 Nov 2023 00:16:33 GMT
server: cloudflare
access-control-max-age: 604800
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8394e3b2da1e58e4-TXL

GET
H2 200 css
fonts.googleapis.com/ 6 KB
760 B 51ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:700,500,400%7CKarla:400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46498886f181a90dfb9f587d67ca0b4eeafadeca4916e725e0265094ad89e990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Dec 2023 02:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 02:21:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Dec 2023 02:21:06 GMT

GET
H2 200 theme-bundle.font.js Show response
cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/dist/ 12 KB
5 KB 71ms
70ms Script
application/javascript 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/dist/theme-bundle.font.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33490894d90cfa5ebc72aac63f27f265c6eda2597aeae4547f6a4bb471d1f195

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bc-ray: 1
age: 2245729
alt-svc: h3=":443"; ma=86400
x-request-id: 05ee94386daa17c4a26759f41a5b3de6
last-modified: Sat, 25 Nov 2023 08:19:20 GMT
server: cloudflare
access-control-max-age: 604800
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8394e3b2da2158e4-TXL

GET
H2 200 theme-14643840-5eed-013c-69cf-124bdf820426.css
cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/css/ 147 KB
27 KB 71ms
69ms Stylesheet
text/css 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/css/theme-14643840-5eed-013c-69cf-124bdf820426.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7229fe0c59b4cad0247088f831abc41db0068f334490f1ea27b1e3f81f88bb49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bc-ray: 1
age: 81944
alt-svc: h3=":443"; ma=86400
x-request-id: dc3651b0d60a569a14ae4668023ef79f
last-modified: Tue, 19 Dec 2023 22:50:59 GMT
server: cloudflare
access-control-max-age: 604800
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8394e3b2da1d58e4-TXL

GET
H2 200 theme-bundle.main.js Show response
cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/dist/ 284 KB
88 KB 71ms
70ms Script
application/javascript 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/dist/theme-bundle.main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ceab1d76f7b4af54e9ff84b80843207c97b7e217dd3bb26c9563372d533636

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bc-ray: 1
age: 2384812
alt-svc: h3=":443"; ma=86400
x-request-id: 05597c14a8345f42ae51222aafd6f4f6
last-modified: Fri, 24 Nov 2023 06:02:23 GMT
server: cloudflare
access-control-max-age: 604800
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8394e3b2da2358e4-TXL

GET
H2 200 loader.js Show response
checkout-sdk.bigcommerce.com/v1/ 88 KB
32 KB 67ms
49ms Script
application/javascript 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-sdk.bigcommerce.com/v1/loader.js
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 021d06e4ada299aa5f7cc4cc39c24f696a32b230e43a764df62c129bd45f9350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
content-encoding: br
cf-cache-status: HIT
bc-ray: 1
age: 20
x-guploader-uploadid: ABPtcPpCZGZS2uIN0KnzEWL63ctF6mgi31gcCwg5fS_XLU1Xxh0It3JG3W8Ub9qEjDMbSc1RD_D9EIxfyw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 09:27:57 GMT
server: cloudflare
etag: W/"52613327406b7e3681722717c24da2f9"
vary: Accept-Encoding
x-goog-generation: 1703150877674768
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=HBec4Q==, md5=UmEzJ0BrfjaBcicXwk2i+Q==
access-control-expose-headers: *
cache-control: public, max-age=60
x-goog-stored-content-length: 90377
cf-ray: 8394e3b38b5558e4-TXL
expires: Fri, 22 Dec 2023 02:22:06 GMT

GET
H3 200 consent-manager-config-b7e506e311fc3d0837884c9e76dd5851852a6317.js Show response
cdn11.bigcommerce.com/shared/js/storefront/ 5 KB
2 KB 286ms
285ms Script
application/javascript 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn11.bigcommerce.com/shared/js/storefront/consent-manager-config-b7e506e311fc3d0837884c9e76dd5851852a6317.js
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4936d17d9cecd6cb0353b87d0b4792f6c4ac9cb3cddad50c2b1934874820e493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
x-bc-is-ha: 1
content-encoding: br
cf-cache-status: HIT
bc-ray: 1
age: 501761
alt-svc: h3=":443"; ma=86400
x-request-id: 9238567eb6917342d6aa7ec767ea9793
last-modified: Fri, 30 Jun 2023 17:34:05 GMT
server: cloudflare
etag: W/"649f120d-1484"
access-control-max-age: 604800
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 8394e3b36db64516-TXL
expires: Sat, 23 Dec 2023 01:12:47 GMT

GET
H3 200 consent-manager-08633fe15aba542118c03f6d45457262fa9fac88.js Show response
cdn11.bigcommerce.com/shared/js/storefront/ 203 KB
64 KB 287ms
285ms Script
application/javascript 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn11.bigcommerce.com/shared/js/storefront/consent-manager-08633fe15aba542118c03f6d45457262fa9fac88.js
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f9fd7740b4abd2f6f2fd380d95ead5c27c178b95640b50dbac737c2da037a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
x-bc-is-ha: 1
content-encoding: br
cf-cache-status: HIT
bc-ray: 1
age: 594798
alt-svc: h3=":443"; ma=86400
x-request-id: e02c05aae92ddc8ed7e023bd30c4daab
last-modified: Mon, 14 Aug 2023 17:56:23 GMT
server: cloudflare
etag: W/"64da6ac7-32b10"
access-control-max-age: 604800
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 8394e3b36db74516-TXL
expires: Thu, 14 Dec 2023 02:12:09 GMT

GET
H2 200 img_7880_1684434584__71869.original.jpg
cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/250x100/ 4 KB
4 KB 40ms
39ms Image
image/jpeg 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/250x100/img_7880_1684434584__71869.original.jpg
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06f8eee2264c6f2b78c2a6a8accf2c4c9e51b46b76ddeb70fd258bf053593a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
x-bc-is-ha: 1
cf-cache-status: HIT
x-bc-origin-cache: MISS
bc-ray: 1
age: 65767
cf-polished: origSize=4285
content-disposition: inline; filename="img_7880_1684434584__71869.original.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 4022
x-request-id: 9756840eb9f6bb37965445b4d1e169f7
cf-bgj: imgq:100,h2pri
last-modified: Thu, 21 Dec 2023 01:26:54 GMT
server: cloudflare
access-control-max-age: 604800
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556926, public
accept-ranges: bytes
cf-ray: 8394e3b2da2558e4-TXL
expires: Fri, 20 Dec 2024 07:15:40 GMT

GET
H2 200 img-9438.jpg
cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/original/image-manager/ 2 MB
2 MB 41ms
40ms Image
image/jpeg 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/original/image-manager/img-9438.jpg?t=1684786407
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d14d8e626a86854161c3eb1dd84d50f98888fb72dc64edea8746430f64467cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
x-bc-is-ha: 1
cf-cache-status: HIT
x-bc-origin-cache: MISS
bc-ray: 1
age: 2465612
cf-polished: origSize=2734019
content-disposition: inline; filename="img-9438.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 2485451
x-request-id: 72a11c98f2511a9ea43306338044d466
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Nov 2023 09:02:54 GMT
server: cloudflare
access-control-max-age: 604800
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556926, public
accept-ranges: bytes
cf-ray: 8394e3b2da2758e4-TXL
expires: Fri, 22 Nov 2024 14:51:40 GMT

GET
H3 200 img-2897.jpg
cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/original/image-manager/ 3 MB
3 MB 41ms
41ms Image
image/jpeg 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/original/image-manager/img-2897.jpg?t=1684786939
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7925dcd24dca80d390b8317c3f90647d8fbfed3759a04987dfc57f0c063fa102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
x-bc-is-ha: 1
cf-cache-status: HIT
x-bc-origin-cache: MISS
bc-ray: 1
age: 2465612
cf-polished: origSize=3571582
content-disposition: inline; filename="img-2897.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 3052316
x-request-id: f0f611f972ab8c16cb0aa45ac1dd1fdc
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Nov 2023 22:32:07 GMT
server: cloudflare
access-control-max-age: 604800
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556926, public
accept-ranges: bytes
cf-ray: 8394e3b32d734516-TXL
expires: Fri, 22 Nov 2024 04:20:53 GMT

GET
H3 200 img-95502.jpg
cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/original/image-manager/ 2 MB
2 MB 245ms
244ms Image
image/jpeg 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/original/image-manager/img-95502.jpg?t=1684679400
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f9fd75a0f9e96d76e05ede37c083ad9a7d6fc515b4a4ef26b3373a9fa95834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
x-bc-is-ha: 1
cf-cache-status: HIT
x-bc-origin-cache: MISS
bc-ray: 1
age: 2465612
cf-polished: origSize=1968362
content-disposition: inline; filename="img-95502.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 1794543
x-request-id: ee78d7ab2fc3083cb0056c74d257125f
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Nov 2023 09:05:57 GMT
server: cloudflare
access-control-max-age: 604800
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556926, public
accept-ranges: bytes
cf-ray: 8394e3b36db44516-TXL
expires: Fri, 22 Nov 2024 14:54:43 GMT

GET
H3 200 csrf-protection-header-95f3d9ac8c049e3ed132c83a168cf1d6a8ed0237.js Show response
cdn11.bigcommerce.com/shared/js/ 3 KB
1 KB 286ms
285ms Script
application/javascript 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-95f3d9ac8c049e3ed132c83a168cf1d6a8ed0237.js
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da92e70e49991edca181faf8672b951886052a6c2b1a6eee8fc59bb75b97991d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
x-bc-is-ha: 1
content-encoding: br
cf-cache-status: HIT
bc-ray: 1
age: 86430
alt-svc: h3=":443"; ma=86400
x-request-id: 5d66869f85d5146b2f70f0316ef5175b
last-modified: Wed, 18 Oct 2023 16:32:05 GMT
server: cloudflare
etag: W/"65300885-a98"
access-control-max-age: 604800
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 8394e3b36db54516-TXL
expires: Sat, 23 Dec 2023 01:12:46 GMT

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 3 KB
2 KB 133ms
39ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Wq4ESE

Requested by

Host: myflufel.com
URL: https://myflufel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec46068d31859ec759b7a227f19c02e96ad46c9ced0a7ad174ff11e2314d08f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:06 GMT
age: 15714
x-cache: HIT, HIT
content-length: 1093
x-served-by: cache-lga21933-LGA, cache-fra-etou8220106-FRA
server: nginx
x-timer: S1703211667.565255,VS0,VE1
etag: W/"feb37252347570bdef27803fcb2fead5"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 2, 1

GET
H/1.1 200
OK uniclick.js Show response
wncud.rdtk.io/ 5 KB
5 KB 140ms
41ms Script
text/plain 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wncud.rdtk.io/uniclick.js?attribution=firstclick&cookiedomain=myflufel.com&cookieduration=90&defaultcampaignid=654a79fa3394320001655241&regviewonce=false
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: c4a4ab7165325b2fe9ca480c4623f03fa1b8a3c7df79ea065f2ff3be4fa0bfa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 02:21:06 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK bc_events.js Show response
ecomappbcom.redtrack.io/js/scripts/ 5 KB
6 KB 195ms
40ms Script
application/javascript 18.159.167.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecomappbcom.redtrack.io/js/scripts/bc_events.js?hostname=https://wncud.rdtk.io

Requested by

Host: myflufel.com
URL: https://myflufel.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.167.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-167-32.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

fd66e4221994acd7bc7cdb7d7f9ba2ce995bc05723cf3e9bb0b720e47331f0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 02:21:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 13 Dec 2022 10:50:12 GMT
Server: nginx/1.21.3
ETag: "639858e4-158a"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5514

OPTIONS
H2 200 nobot
bes.gcp.data.bigcommerce.com/ Frame 0
0 265ms
162ms Preflight
text/html 34.111.131.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bes.gcp.data.bigcommerce.com/nobot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.131.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.131.111.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://myflufel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://myflufel.com
allow: POST, OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 02:21:06 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 0a3778661420cf107bf8c09d55990041

POST
H2 200 nobot Show response
bes.gcp.data.bigcommerce.com/ 7 B
95 B 172ms
171ms XHR
text/html 34.111.131.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bes.gcp.data.bigcommerce.com/nobot
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.131.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.131.111.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

Referer: https://myflufel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
via: 1.1 google
server: Google Frontend
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://myflufel.com
x-cloud-trace-context: ac03b465f01ae450656321a6f149d854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700,500,400%7CKarla:400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myflufel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 16:03:03 GMT
x-content-type-options: nosniff
age: 296283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 16:03:03 GMT

GET
H2 200 paypal-js.min.js Show response
unpkg.com/@paypal/paypal-js@4.1.0/dist/iife/ 4 KB
2 KB 139ms
48ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.1.0/dist/iife/paypal-js.min.js

Requested by

Host: myflufel.com
URL: https://myflufel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0162e9e4e106f6e8f20c519be29388c8e04f4b6334910db7d3008b9f12778c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1881576
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGFJSV2XMNSTDZNB7E1JP1P4-fra
server: cloudflare
etag: W/"e12-BtEQReQ4YZg0Ijx6tI4uPnHW4us"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8394e3b408069c07-FRA

GET
H3 200 img-9237.jpg
cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/original/image-manager/ 9 MB
9 MB 241ms
241ms Image
image/jpeg 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn11.bigcommerce.com/s-onzoppa7fe/images/stencil/original/image-manager/img-9237.jpg?t=1693823546
Requested by: Host: myflufel.com
URL: https://myflufel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27833c2d3e723926b655c802e312079f2a511e86ee3695844bef850e9d77524a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:06 GMT
x-bc-is-ha: 1
cf-cache-status: HIT
x-bc-origin-cache: MISS
bc-ray: 1
age: 2335806
cf-polished: origSize=10661057
content-disposition: inline; filename="img-9237.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 9896530
x-request-id: fbce835b5642b0e8d58f7dcdcca5e35a
cf-bgj: imgq:100,h2pri
last-modified: Fri, 24 Nov 2023 12:08:20 GMT
server: cloudflare
access-control-max-age: 604800
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556926, public
accept-ranges: bytes
cf-ray: 8394e3b3be034516-TXL
expires: Sat, 23 Nov 2024 17:57:05 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
fonts.gstatic.com/s/karla/v31/ 13 KB
13 KB 42ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700,500,400%7CKarla:400&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myflufel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:28:07 GMT
x-content-type-options: nosniff
age: 291179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13184
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:28:07 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 405 KB
113 KB 627ms
518ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?merchant-id=KT2MZDBCQDBQE&client-id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&components=messages,buttons

Requested by

Host: unpkg.com
URL: https://unpkg.com/@paypal/paypal-js@4.1.0/dist/iife/paypal-js.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

31af15436476fab99e5005e4d08887774cf6601f0f3d8e39c3a5ec18bd09729b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:07 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f122602360099
server-timing: "traceparent;desc="00-0000000000000000000f122602360099-e5a78397f730eec3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 113497
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f122602360099-ffd10bddadac23bf-01
x-timer: S1703211667.293630,VS0,VE479
etag: W/"1bb59-SGRpg5dA5Fy4+J2Jk/FLcf2tK88"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 klaviyo.js
static.klaviyo.com/onsite/js/ 3 KB
1 KB 42ms
42ms Other
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Wq4ESE

Requested by

Host: myflufel.com
URL: https://myflufel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec46068d31859ec759b7a227f19c02e96ad46c9ced0a7ad174ff11e2314d08f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:07 GMT
age: 15715
x-cache: HIT, HIT
content-length: 1093
x-served-by: cache-lga21933-LGA, cache-fra-etou8220106-FRA
server: nginx
x-timer: S1703211667.368557,VS0,VE0
etag: W/"feb37252347570bdef27803fcb2fead5"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 2, 2

GET
H2 200 fender_analytics.89f34df06656c3dc9d28.js Show response
static-tracking.klaviyo.com/onsite/js/ 30 KB
12 KB 142ms
38ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Wq4ESE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73aafae1eeecc20073d809ed9e267a6e4a02ed205a262e0841ec90c7fb017c7e

Request headers

Referer: https://myflufel.com/
Origin: https://myflufel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: fPTrWbuKN.iZ3tb8Xlagsf4qSwkCTQLU
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:07 GMT
x-amz-request-id: AS5JSHBQ4B2AEEV8
age: 15867
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 11635
x-amz-id-2: 2ZH3/XjxHpno7wb3JtF2ui7PNyu9QnGqBSKPDdLlSsN3zknkexl5VV0Jc8UXyguhvFjY1LURqOs=
x-served-by: cache-lga13626-LGA, cache-fra-etou8220094-FRA
last-modified: Mon, 06 Nov 2023 18:18:30 GMT
server: AmazonS3
etag: "bb49f17f755f19e389ff56fdf58385b4"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a957c60a472df3e447f40628303353bdd959aba8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 56, 2999

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
1 KB 147ms
44ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Wq4ESE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer: https://myflufel.com/
Origin: https://myflufel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: a.8vL6w09uHoOx__c8l8Rss._YtP0zbq
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:07 GMT
x-amz-request-id: AS5HKYSNDWHFWQPJ
age: 15867
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 985
x-amz-id-2: lb2mEKN6as878KkhLA8/+6rSwe2GSwSFSq6iDg+a3Gf6YOkZB1bMgWyDkQdIjlUEPhfTP4+Fl00=
x-served-by: cache-lga21976-LGA, cache-fra-etou8220094-FRA
last-modified: Mon, 06 Nov 2023 18:18:30 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a957c60a472df3e447f40628303353bdd959aba8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 16, 3023

GET
H2 200 runtime.2e08e3e31a9ec11f673e.js Show response
static.klaviyo.com/onsite/js/ 19 KB
9 KB 129ms
39ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.2e08e3e31a9ec11f673e.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Wq4ESE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 110bb708820773a533fea7d67b2f77f166eea282ff3e232e43d6b51639246bf9

Request headers

Referer: https://myflufel.com/
Origin: https://myflufel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: xjB97PGdyC8s.ht7YIIDUAZY9OtUDxar
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:07 GMT
x-amz-request-id: 4408SRA2NC7S83P9
age: 15867
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8198
x-amz-id-2: jAVPz4qOmlvmHMBe3hROEAxrkVTegp96nAnvbk1hbYFlLRtNuf5zZlvu0eS0wnbjez3mOhgfUwY=
x-served-by: cache-lga21938-LGA, cache-fra-etou8220077-FRA
last-modified: Thu, 21 Dec 2023 19:18:52 GMT
server: AmazonS3
etag: "05d65b6e3b653a171e73771269ddfcb4"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 99a5e66e2dfb67db1e013f35451c33054954338e
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 84, 3747

GET
H2 200 sharedUtils.da10108e6f39f7644d19.js Show response
static.klaviyo.com/onsite/js/ 43 KB
17 KB 129ms
40ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.da10108e6f39f7644d19.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Wq4ESE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18cc295c72cfd8e193f334cb5e4b92c1218c4c47d8491033e122e4180a1fd779

Request headers

Referer: https://myflufel.com/
Origin: https://myflufel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: zc4cnJsBY5gB6.C6aOI0NKmjC2YepqNJ
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:07 GMT
x-amz-request-id: R3X0HF22A2Z87CPT
age: 15867
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 16821
x-amz-id-2: kJhf2uQY7bOUhAZAbF2QFxlNsWpMSi7sbUqljG9kE8DJrz3zjF0A3ebTRsLyT+1mDIkjMTsydIw=
x-served-by: cache-lga21953-LGA, cache-fra-etou8220077-FRA
last-modified: Mon, 04 Dec 2023 19:10:15 GMT
server: AmazonS3
etag: "b73582bdd32459d632f903645343eb36"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 6da6265fb26f5e487af8111f4379897d006b0073
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 0, 3484

GET
H2 200 vendors~signup_forms.f3ed4b7e48b30a32dcaa.js Show response
static.klaviyo.com/onsite/js/ 32 KB
11 KB 131ms
42ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.f3ed4b7e48b30a32dcaa.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Wq4ESE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 179a471a9e859abc8338f104a5e367e7f724d9f540454ea0fd9c793324bb409c

Request headers

Referer: https://myflufel.com/
Origin: https://myflufel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: ZhNogCIJONMuChXu.t4F7L2ie_KxJ_Pj
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:07 GMT
x-amz-request-id: AS5SV8VJ00WB1284
age: 15867
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 11079
x-amz-id-2: Qo2u7ig/nyEMbWTjaKheHni/MZNLcdgdUFOZhBDbmfj2nrlOnSROg5xiwH4XZH89GwLRYWH/kBE=
x-served-by: cache-lga21980-LGA, cache-fra-etou8220077-FRA
last-modified: Mon, 06 Nov 2023 18:18:30 GMT
server: AmazonS3
etag: "6dbcc92ef0da9f2c90a94133f8337b36"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a957c60a472df3e447f40628303353bdd959aba8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 7, 2488

GET
H2 200 signup_forms.53efed8fc3bc3affeaaf.js Show response
static.klaviyo.com/onsite/js/ 39 KB
13 KB 131ms
43ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.53efed8fc3bc3affeaaf.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Wq4ESE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77a8838e3b7d7419c7cf2384374cb01add21a311c9bee83960c652a6bbdf56ae

Request headers

Referer: https://myflufel.com/
Origin: https://myflufel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: YMA2z3EojO9hwVcFVNspp1UWd4Xry2ai
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:07 GMT
x-amz-request-id: 09Z66H3D5ATRDQ65
age: 15867
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12895
x-amz-id-2: GLDHn7IdmMR/UdH8egPkkybrK41OqeCD3Vqqf0Poe76Gd4iTccArM2oU+XyggQA8zHXePB0yfPI=
x-served-by: cache-lga21930-LGA, cache-fra-etou8220077-FRA
last-modified: Thu, 21 Dec 2023 18:06:28 GMT
server: AmazonS3
etag: "02c338986746ef92bf8baddfb640c7b6"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: ff6d064bbc8fea5f6d5e1119a80ab4bd6fca3714
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 21, 2796

GET
H/1.1 200
OK 654a79fa3394320001655241 Show response
wncud.rdtk.io/ 79 B
889 B 146ms
66ms XHR
application/json 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wncud.rdtk.io/654a79fa3394320001655241?format=json&referrer=&&sub19=undefined&sub20=undefined
Requested by: Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-95f3d9ac8c049e3ed132c83a168cf1d6a8ed0237.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 7fd7a9e5e37dd9a36022fa87c65ac8f60b1d44be169fb1e5ec6cecafe68b50a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 02:21:07 GMT
Server: nginx/1.20.2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 79

GET
H/1.1 204
No Content view Show response
wncud.rdtk.io/ 0
306 B 266ms
265ms XHR
text/plain 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wncud.rdtk.io/view?clickid=6584f293ab858b00012f4403&referrer=
Requested by: Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-95f3d9ac8c049e3ed132c83a168cf1d6a8ed0237.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 22 Dec 2023 02:21:08 GMT
Server: nginx/1.20.2
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H3 200 icon-sprite.svg Show response
cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/img/ 42 KB
17 KB 73ms
41ms XHR
image/svg+xml 192.200.160.253
BIGCOMMERCE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn11.bigcommerce.com/s-onzoppa7fe/stencil/13bdc380-5eed-013c-69cf-124bdf820426/e/5e75d750-5eed-013c-c374-0e81e68ff48a/img/icon-sprite.svg

Requested by

Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-95f3d9ac8c049e3ed132c83a168cf1d6a8ed0237.js

Protocol

Security

QUIC, , AES_128_GCM

Server

192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdcf5eefb51aff8cf3f98d43c05737139af16fbb6e82ac39fc5c07673053396d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bc-ray: 1
age: 81933
alt-svc: h3=":443"; ma=86400
x-request-id: 0f8e84d27ee7c11aebff9f467b7179a3
last-modified: Wed, 20 Dec 2023 13:20:49 GMT
server: cloudflare
access-control-max-age: 86400
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8394e3bfdd72aca7-TXL

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 2 KB
981 B 134ms
39ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=Wq4ESE

Requested by

Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-95f3d9ac8c049e3ed132c83a168cf1d6a8ed0237.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8b91dc3f0733433eeae07219617158e6e66c2dc7e379686a4aa96c818675276f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:08 GMT
strict-transport-security: max-age=900
age: 3270806
x-cache: HIT, HIT
content-length: 409
x-served-by: cache-bos4654-BOS, cache-fra-etou8220078-FRA
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=10
access-control-allow-credentials: true
vary: Accept-Encoding, Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 2042, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/Wq4ESE/ 8 KB
3 KB 134ms
40ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/Wq4ESE/full-forms
Requested by: Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-95f3d9ac8c049e3ed132c83a168cf1d6a8ed0237.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e72e9b984efa7695bdb247cf52d39284f172fd98c5859f44a0aea3d97133d6cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: _4MyUJfADX_nvhqTYjhbRPFgo4AliLPX
content-encoding: gzip
via: 1.1 varnish
date: Fri, 22 Dec 2023 02:21:08 GMT
x-amz-request-id: HC9X79928VRPCCPX
age: 3270425
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/Wq4ESE custom-fonts/Wq4ESE
content-length: 2225
x-amz-id-2: Tw05BkHY6/WgPQpmQifg0THCOFdTznz9Rc/PjFwKYpSCj9hTvne9kiO/B2w6Tg6blVUJbijOXcI=
x-served-by: cache-fra-etou8220037-FRA
client-geo-country: DE
last-modified: Wed, 11 Oct 2023 15:51:14 GMT
server: AmazonS3
x-timer: S1703211669.534313,VS0,VE1
etag: "c414ca4aab4a81d2f8d2834508d2a977"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 local Show response
www.paypal.com/credit-presentment/experiments/ Frame 1F7C 5 KB
2 KB 44ms
43ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_zthtvnhoquyvhhzismaignhiqewrfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&version=1.53.0&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?merchant-id=KT2MZDBCQDBQE&client-id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&components=messages,buttons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

273d19b2706004acbf6b07bcd431c2b23284f0b795ff12746a48fa12e274915c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myflufel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 15374
cache-control: s-maxage=86400, max-age=0
content-encoding: gzip
content-length: 1524
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 02:21:08 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-treatments-zoid
etag: W/"1479-XwICdKYQJ0Fdp7Mer4dmLoo2cX0"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f2682201041a6
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f2682201041a6-09f7ec8da09d0fad-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f2682201041a6-ae91dc43652f36a7-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 1812, 0
x-served-by: cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
x-timer: S1703211669.547043,VS0,VE4
x-xss-protection: 1; mode=block

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 44ms
43ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=myflufel.com&t=xo&v=5.0.416&source=payments_sdk&mrid=KT2MZDBCQDBQE&client_id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&comp=messages,buttons&disableSetCookie=true&vault=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff77a8033e8a7731e5279de1a9079949bf135d06ec8c323ba874e7250aa6c42d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+NtVIia+2pDdd+mckxlbggcMK6y6YrDbc+xwidv/Y9vUUaJH' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-+NtVIia+2pDdd+mckxlbggcMK6y6YrDbc+xwidv/Y9vUUaJH' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 02:21:08 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 10721
x-cache: HIT, MISS
paypal-debug-id: f9350920a1400
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4768
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f9350920a1400-c168c4bb88e4c771-01
x-timer: S1703211669.565602,VS0,VE4
etag: W/"365b-HuSeQ/sF4vyiZDxYys57Chp1P5E"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H3 200 css2
fonts.googleapis.com/ 27 KB
1 KB 54ms
53ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Caveat:ital,wght@0,400&family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Yatra+One:ital,wght@0,400&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ae8a2c0bc7e1a60003e92d61fb3414b2460e8dbea214499d61a9f89d5c0e710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Dec 2023 02:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 02:21:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Dec 2023 02:21:08 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 1F7C 405 KB
112 KB 43ms
43ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?merchant-id=KT2MZDBCQDBQE&client-id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&components=messages,buttons

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_zthtvnhoquyvhhzismaignhiqewrfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&version=1.53.0&integrationType=SDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

31af15436476fab99e5005e4d08887774cf6601f0f3d8e39c3a5ec18bd09729b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_zthtvnhoquyvhhzismaignhiqewrfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&version=1.53.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:08 GMT
age: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f122602360099
server-timing: "traceparent;desc="00-0000000000000000000f122602360099-e5a78397f730eec3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 113497
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f122602360099-ffd10bddadac23bf-01
x-timer: S1703211669.598457,VS0,VE4
etag: W/"1bb59-SGRpg5dA5Fy4+J2Jk/FLcf2tK88"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 148ms
49ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=myflufel.com&t=xo&v=5.0.416&source=payments_sdk&mrid=KT2MZDBCQDBQE&client_id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&comp=messages,buttons&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:08 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
log-origin: shield=SJC,src_ip=157.52.96.131,alternate_path=0,ip=157.52.96.81,port=443,name=shield_ssl_cache_sjc10081_SJC,status=200,reason=OK,method=GET,url="/muse/muse.js",host=www.paypalobjects.com
strict-transport-security: max-age=31557600
log-timing: fetch=178261,misspass=93,do_stream=0
x-cache: HIT, HIT
paypal-debug-id: 3fd9c4a83a728
dc: ccg11-origin-www-1.paypal.com
content-length: 15742
x-served-by: cache-sjc10081-SJC, cache-fra-etou8220085-FRA
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
traceparent: 00-00000000000000000003fd9c4a83a728-6a5561e0f3f2e3ff-01
x-timer: S1703211669.722652,VS0,VE0
etag: W/"64f25363-daa8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 9, 76717

GET
H2 200 ts
t.paypal.com/ 42 B
511 B 282ms
182ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AKT2MZDBCQDBQE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AKT2MZDBCQDBQE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a0f282b-4c5b-49b7-8693-f6a72878295a&fltp=analytics&mrid=KT2MZDBCQDBQE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=myflufel&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1703211668597&g=-60&completeurl=https%3A%2F%2Fmyflufel.com%2F&disableSetCookie=true

Requested by

Host: myflufel.com
URL: https://myflufel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 22 Dec 2023 02:21:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 98503262eef54
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220047-FRA
pragma: no-cache
correlation-id: 98503262eef54
traceparent: 00-000000000000000000098503262eef54-85aecc3add02c2a0-01
x-timer: S1703211669.714992,VS0,VE144
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:21:08 GMT

GET
H2 200 hash Show response
www.paypal.com/credit-presentment/experiments/ Frame 1F7C 40 B
2 KB 232ms
232ms Fetch
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_04a75f261d_mdi6mje6mdg&disableSetCookie=true&features=disable-set-cookie

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_zthtvnhoquyvhhzismaignhiqewrfi&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&version=1.53.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
edge-cache-tag: up-treatments-hash
x-cache: MISS, MISS
paypal-debug-id: f48723266fa07
server-timing: "traceparent;desc="00-0000000000000000000f48723266fa07-d7f12ebbd472da86-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 56
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f48723266fa07-883e36b976b1a959-01
x-timer: S1703211669.705332,VS0,VE192
etag: W/"28-xz7oeWVj/8B52QKKulWR9ZDQlKU"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: s-maxage=86400, max-age=0
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

POST logger
www.paypal.com/xoplatform/logger/api/ Frame 1F7C 0
0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 5956 55 KB
16 KB 39ms
39ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://myflufel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 16039
content-type: text/html
date: Fri, 22 Dec 2023 02:21:08 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"64f25363-dacc"
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
log-origin: shield=SJC,src_ip=157.52.96.92,alternate_path=0,ip=157.52.96.107,port=443,name=shield_ssl_cache_sjc1000107_SJC,status=200,reason=OK,method=GET,url="/muse/analytics/index.html",host=www.paypalobjects.com
log-timing: fetch=147177,misspass=72,do_stream=0
paypal-debug-id: 7d8e18e65f05e
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000007d8e18e65f05e-bff6b7eca9fa3c2d-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 7, 77300
x-content-type-options: nosniff
x-served-by: cache-sjc1000107-SJC, cache-fra-etou8220085-FRA
x-timer: S1703211669.774901,VS0,VE0

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 5956 18 B
416 B 39ms
39ms Fetch
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 10437, 73903
date: Fri, 22 Dec 2023 02:21:08 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
log-origin: shield=SJC,src_ip=157.52.96.145,alternate_path=0,ip=157.52.96.145,port=443,name=shield_ssl_cache_sjc1000145_SJC,status=200,reason=OK,method=GET,url="/muse/noop.js",host=www.paypalobjects.com
log-timing: fetch=146948,misspass=79,do_stream=0
x-cache: HIT, HIT
paypal-debug-id: 7f4693eaf4cf1
dc: ccg11-origin-www-1.paypal.com
content-length: 18
x-served-by: cache-sjc1000145-SJC, cache-fra-etou8220085-FRA
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
traceparent: 00-00000000000000000007f4693eaf4cf1-0dbd27aaa054f89f-01
x-timer: S1703211669.839121,VS0,VE0
etag: "60271cd0-12"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-client-location: DE

GET
H2 200 ts
t.paypal.com/ 42 B
164 B 182ms
182ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AKT2MZDBCQDBQE-1&page=muse%3Aoffer%3A%3A%3AKT2MZDBCQDBQE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3a0f282b-4c5b-49b7-8693-f6a72878295a&es=visitorInfoFlowStarted&mrid=KT2MZDBCQDBQE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=myflufel&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1703211668822&g=-60&completeurl=https%3A%2F%2Fmyflufel.com%2F&disableSetCookie=true

Requested by

Host: myflufel.com
URL: https://myflufel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myflufel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 22 Dec 2023 02:21:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: afc040657fe8a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220047-FRA
pragma: no-cache
correlation-id: afc040657fe8a
traceparent: 00-0000000000000000000afc040657fe8a-9dbee232999a8383-01
x-timer: S1703211669.840931,VS0,VE143
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:21:08 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 5956 435 B
2 KB 282ms
282ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de0d3342b405a777672421ab99bc62909e54e3df25babbe451d18a39a2ba4187

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-/O3cFlIMg5FUvVNWpmPWS6m7HgalcP3cQ/eurNyMNlG1YU/G' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-/O3cFlIMg5FUvVNWpmPWS6m7HgalcP3cQ/eurNyMNlG1YU/G' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f487232ddec39
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f487232ddec39-290aaf008241bb2e-01
x-timer: S1703211669.200327,VS0,VE243
etag: W/"1b3-R6afBrAbBOexOjr7BM+OKwS1G9g"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 316ms
237ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 22 Dec 2023 02:21:09 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f487232ffeddb
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f487232ffeddb-8d6c52fd12d3c2ab-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-etou8220069-FRA, cache-fra-etou8220069-FRA
x-timer: S1703211669.962162,VS0,VE198

GET
H2 200 message Show response
www.paypal.com/credit-presentment/smart/ Frame 3795 76 KB
21 KB 547ms
547ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/smart/message?merchant_id=KT2MZDBCQDBQE&channel=UPSTREAM&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22white%22%2C%22ratio%22%3A%228x1%22%7D&client_id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&version=1.53.0&integrationType=SDK&deviceID=uid_04a75f261d_mdi6mje6mdg&sessionID=uid_71aecbdc0b_mdi6mje6mdg&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&message_request_id=uid_b8524ee5ba_mdi6mje6mdg&disableSetCookie=true&features=disable-set-cookie

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

23e00ba92a8756e9e8fc7fcee1b8c7bace7f1474616f1ac840c4680654c654b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-k268HCSRGGlch2JT9A18A+BRKhmvQ6F8FKaNWiHURfY=' 'sha256-6xeS5u+7xo2CbcWsaRVS6O6l2sk8aIPkvM3GqjFii6k=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myflufel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 0
cache-control: s-maxage=21600, max-age=0
content-encoding: gzip
content-length: 20689
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-k268HCSRGGlch2JT9A18A+BRKhmvQ6F8FKaNWiHURfY=' 'sha256-6xeS5u+7xo2CbcWsaRVS6O6l2sk8aIPkvM3GqjFii6k=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 02:21:09 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-message, up-country-DE, up-profile-4492e7e294d509895b47b7161589271361b51d15, up-offer-GENERIC
etag: W/"1314d-OQ6jXpfix4YO6Rz7rqA7o8Eh6qo"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f48723236ad49
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f48723236ad49-613eddf89fe5f595-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f48723236ad49-5bb0f56b27a35c70-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
x-timer: S1703211669.975441,VS0,VE507
x-xss-protection: 1; mode=block

GET
H2 200 smart-credit-message@1.53.0.js Show response
www.paypalobjects.com/upstream/bizcomponents/js/versioned/ Frame 3795 91 KB
29 KB 39ms
39ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/upstream/bizcomponents/js/versioned/smart-credit-message@1.53.0.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/smart/message?merchant_id=KT2MZDBCQDBQE&channel=UPSTREAM&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22white%22%2C%22ratio%22%3A%228x1%22%7D&client_id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&version=1.53.0&integrationType=SDK&deviceID=uid_04a75f261d_mdi6mje6mdg&sessionID=uid_71aecbdc0b_mdi6mje6mdg&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&message_request_id=uid_b8524ee5ba_mdi6mje6mdg&disableSetCookie=true&features=disable-set-cookie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8288862824b503ca0087dc55f3499e171d1b9b34c3edf9028cd7b3c69a38d7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:21:09 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: afca0cb885aaa
dc: ccg11-origin-www-1.paypal.com
content-length: 28711
x-served-by: cache-sjc1000115-SJC, cache-fra-etou8220085-FRA
last-modified: Wed, 20 Dec 2023 15:55:24 GMT
traceparent: 00-0000000000000000000afca0cb885aaa-0e036d0e09f9e8cc-01
x-timer: S1703211670.531352,VS0,VE0
etag: W/"65830e6c-16c80"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 65, 2036

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 3795 405 KB
113 KB 44ms
44ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?merchant-id=KT2MZDBCQDBQE&client-id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&components=messages,buttons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

31af15436476fab99e5005e4d08887774cf6601f0f3d8e39c3a5ec18bd09729b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/smart/message?merchant_id=KT2MZDBCQDBQE&channel=UPSTREAM&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22white%22%2C%22ratio%22%3A%228x1%22%7D&client_id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&version=1.53.0&integrationType=SDK&deviceID=uid_04a75f261d_mdi6mje6mdg&sessionID=uid_71aecbdc0b_mdi6mje6mdg&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&message_request_id=uid_b8524ee5ba_mdi6mje6mdg&disableSetCookie=true&features=disable-set-cookie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3Le66ft5wUDQqgV65V5g9smCscmLyF+Ji3ntHdl+NisflFAs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Fri, 22 Dec 2023 02:21:09 GMT
age: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f122602360099
server-timing: "traceparent;desc="00-0000000000000000000f122602360099-e5a78397f730eec3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 113497
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f122602360099-ffd10bddadac23bf-01
x-timer: S1703211670.535120,VS0,VE3
etag: W/"1bb59-SGRpg5dA5Fy4+J2Jk/FLcf2tK88"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 3, 0

GET
DATA 200
OK truncated
/ Frame 3795 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3795 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 3795 1016 B
954 B 230ms
229ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f91c646518483b699e514a86477792f8dd11b669aaf0655729d0f513bfebe379

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/credit-presentment/smart/message?merchant_id=KT2MZDBCQDBQE&channel=UPSTREAM&style=%7B%22layout%22%3A%22flex%22%2C%22color%22%3A%22white%22%2C%22ratio%22%3A%228x1%22%7D&client_id=AQ3RkiNHQ53oodRlTz7z-9ETC9xQNUgOLHjVDII9sgnF19qLXJzOwShAxcFW7OT7pVEF5B9bwjIArOvE&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9tZXJjaGFudC1pZD1LVDJNWkRCQ1FEQlFFJmNsaWVudC1pZD1BUTNSa2lOSFE1M29vZFJsVHo3ei05RVRDOXhRTlVnT0xIalZESUk5c2duRjE5cUxYSnpPd1NoQXhjRlc3T1Q3cFZFRjVCOWJ3aklBck92RSZjb21wb25lbnRzPW1lc3NhZ2VzLGJ1dHRvbnMiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF96dGh0dm5ob3F1eXZoaHppc21haWduaGlxZXdyZmkifX0&env=production&version=1.53.0&integrationType=SDK&deviceID=uid_04a75f261d_mdi6mje6mdg&sessionID=uid_71aecbdc0b_mdi6mje6mdg&scriptUID=uid_zthtvnhoquyvhhzismaignhiqewrfi&message_request_id=uid_b8524ee5ba_mdi6mje6mdg&disableSetCookie=true&features=disable-set-cookie
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Fri, 22 Dec 2023 02:21:09 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f5114157c17af
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220022-FRA, cache-fra-etou8220022-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f5114157c17af-138c5d3ea7b1cbee-01
x-timer: S1703211670.695438,VS0,VE190
etag: W/"3f8-A7Nndvnj7saRG+D2wL7+88eLxGU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1014 B
886 B 335ms
334ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: cdn11.bigcommerce.com
URL: https://cdn11.bigcommerce.com/shared/js/csrf-protection-header-95f3d9ac8c049e3ed132c83a168cf1d6a8ed0237.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3beb3971a91d475a5ec86b34255a75d1a63ba1aa12bb065ea8c47251cbd3d91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://myflufel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Fri, 22 Dec 2023 02:21:10 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f51141575a26a
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220069-FRA, cache-fra-etou8220069-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f51141575a26a-b61802caa2bbb874-01
x-timer: S1703211670.930868,VS0,VE199
etag: W/"3f6-9Hg5mVbXyNvAlxlEjWl2uLrrH7M"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://myflufel.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 226ms
225ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://myflufel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://myflufel.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 22 Dec 2023 02:21:09 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f51141574ff0f
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f51141574ff0f-e710bb34a24bb9ac-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220069-FRA, cache-fra-etou8220069-FRA
x-timer: S1703211670.701812,VS0,VE184

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
myflufel.com/	1970-01-21 02:42:51	Name: fornax_anonymousId Value: ed0f77ee-8d3c-4ea1-803e-c17d41522676
myflufel.com/	1970-01-20 17:06:53	Name: athena_short_visit_id Value: 3522347f-dd45-4b68-8421-f9fb50591cfd:1703211665
myflufel.com/	1970-01-20 17:16:56	Name: Shopper-Pref Value: A5AB58F6673EFC0F2B8A3BB8FED4D01C5DEBB658-1703816466253-x%7B%22cur%22%3A%22EUR%22%7D
myflufel.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: c701ffd629db8817172223240266e176129bc2dd1f5009c6ee9edb056a07618c
myflufel.com/	1970-01-20 17:16:56	Name: SHOP_SESSION_TOKEN Value: 43a5c005-8199-419b-a71f-768e9704fb65
myflufel.com/	1969-12-31 23:59:59	Name: undefined Value: undefined
myflufel.com/	1970-01-21 02:42:51	Name: __kla_id Value: eyJjaWQiOiJZVGhrWVdZd01XRXRNREF6TVMwME9XVm1MV0l4T1dVdE1EWTNOemMxWkRjNU1ESTUiLCIkcmVmZXJyZXIiOnsidHMiOjE3MDMyMTE2NjgsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vbXlmbHVmZWwuY29tLyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcwMzIxMTY2OCwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly9teWZsdWZlbC5jb20vIn19

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bes.gcp.data.bigcommerce.com
cdn11.bigcommerce.com
checkout-sdk.bigcommerce.com
ecomappbcom.redtrack.io
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
myflufel.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
t.paypal.com
unpkg.com
wncud.rdtk.io
www.paypal.com
www.paypalobjects.com
www.paypal.com
151.101.129.35
151.101.130.133
151.101.193.21
151.101.194.133
151.101.2.133
18.159.167.32
192.200.160.253
2606:4700::6810:7daf
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
34.111.131.117
37.48.87.182
63.141.128.23
021d06e4ada299aa5f7cc4cc39c24f696a32b230e43a764df62c129bd45f9350
0565ef5860bf7a4edf39e93618a1a731fce69ecbf499c31a654ac86b4679365b
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0ae8a2c0bc7e1a60003e92d61fb3414b2460e8dbea214499d61a9f89d5c0e710
0d14d8e626a86854161c3eb1dd84d50f98888fb72dc64edea8746430f64467cb
0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca
110bb708820773a533fea7d67b2f77f166eea282ff3e232e43d6b51639246bf9
179a471a9e859abc8338f104a5e367e7f724d9f540454ea0fd9c793324bb409c
18cc295c72cfd8e193f334cb5e4b92c1218c4c47d8491033e122e4180a1fd779
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1f9fd7740b4abd2f6f2fd380d95ead5c27c178b95640b50dbac737c2da037a03
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
23e00ba92a8756e9e8fc7fcee1b8c7bace7f1474616f1ac840c4680654c654b9
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
273d19b2706004acbf6b07bcd431c2b23284f0b795ff12746a48fa12e274915c
27833c2d3e723926b655c802e312079f2a511e86ee3695844bef850e9d77524a
31af15436476fab99e5005e4d08887774cf6601f0f3d8e39c3a5ec18bd09729b
33490894d90cfa5ebc72aac63f27f265c6eda2597aeae4547f6a4bb471d1f195
3beb3971a91d475a5ec86b34255a75d1a63ba1aa12bb065ea8c47251cbd3d91b
46498886f181a90dfb9f587d67ca0b4eeafadeca4916e725e0265094ad89e990
4936d17d9cecd6cb0353b87d0b4792f6c4ac9cb3cddad50c2b1934874820e493
5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1
67f9fd75a0f9e96d76e05ede37c083ad9a7d6fc515b4a4ef26b3373a9fa95834
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7229fe0c59b4cad0247088f831abc41db0068f334490f1ea27b1e3f81f88bb49
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
73aafae1eeecc20073d809ed9e267a6e4a02ed205a262e0841ec90c7fb017c7e
77a8838e3b7d7419c7cf2384374cb01add21a311c9bee83960c652a6bbdf56ae
7925dcd24dca80d390b8317c3f90647d8fbfed3759a04987dfc57f0c063fa102
7fd7a9e5e37dd9a36022fa87c65ac8f60b1d44be169fb1e5ec6cecafe68b50a1
8288862824b503ca0087dc55f3499e171d1b9b34c3edf9028cd7b3c69a38d7d1
8b91dc3f0733433eeae07219617158e6e66c2dc7e379686a4aa96c818675276f
8ec46068d31859ec759b7a227f19c02e96ad46c9ced0a7ad174ff11e2314d08f
97ceab1d76f7b4af54e9ff84b80843207c97b7e217dd3bb26c9563372d533636
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0162e9e4e106f6e8f20c519be29388c8e04f4b6334910db7d3008b9f12778c8
c4a4ab7165325b2fe9ca480c4623f03fa1b8a3c7df79ea065f2ff3be4fa0bfa6
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
d06f8eee2264c6f2b78c2a6a8accf2c4c9e51b46b76ddeb70fd258bf053593a1
da92e70e49991edca181faf8672b951886052a6c2b1a6eee8fc59bb75b97991d
de0d3342b405a777672421ab99bc62909e54e3df25babbe451d18a39a2ba4187
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5408c4c08b7665b48ebd37be8512ae1f377bced1c4dd007c8b53d504e9be9e2
e72e9b984efa7695bdb247cf52d39284f172fd98c5859f44a0aea3d97133d6cc
f91c646518483b699e514a86477792f8dd11b669aaf0655729d0f513bfebe379
fd66e4221994acd7bc7cdb7d7f9ba2ce995bc05723cf3e9bb0b720e47331f0eb
fdcf5eefb51aff8cf3f98d43c05737139af16fbb6e82ac39fc5c07673053396d
ff77a8033e8a7731e5279de1a9079949bf135d06ec8c323ba874e7250aa6c42d

myflufel.com Open in urlscan Pro 63.141.128.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

23 %IPv6

10 Domains

16 Subdomains

14 IPs

3 Countries

17658 kBTransfer

19492 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

myflufel.com Open in urlscan Pro
63.141.128.23 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

23 %
IPv6

10
Domains

16
Subdomains

14
IPs

3
Countries

17658 kB
Transfer

19492 kB
Size

7
Cookies

55 HTTP transactions
2 data transactions