www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.auth-summary-reward.hibicemesootsm.online/
Effective URL:
https://www.paypal.com/de/home
Submission: On July 28 via automatic, source certstream-suspicious (July 28th 2022, 6:08:06 am UTC) — Scanned from DE

Summary HTTP 40 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 40 HTTP transactions. The main IP is 151.101.65.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2205.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 12th 2022. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.187.147.30 103.187.147.30	138608 (CLOUDHOST...) (CLOUDHOST-AS-AP Cloud Host Pte Ltd)
1 1	70.32.23.44 70.32.23.44	55293 (A2HOSTING) (A2HOSTING)
1 1	64.4.250.36 64.4.250.36	17012 (PAYPAL) (PAYPAL)
1 6	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
22	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
40	7

1 103.187.147.30 (Indonesia) 1 redirects

ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG)

www.auth-summary-reward.hibicemesootsm.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.32.23.44 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: mi3-ss45.a2hosting.com

over.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.4.250.36 (United States) 1 redirects

ASN17012 (PAYPAL, US)
PTR: xoom.com

paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1999	2 MB
10	paypal.com 2 redirects paypal.com — Cisco Umbrella Rank: 1524 www.paypal.com — Cisco Umbrella Rank: 2205 t.paypal.com — Cisco Umbrella Rank: 3068	42 KB
4	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1896	42 KB
3	gstatic.com www.gstatic.com	313 KB
1	qualtrics.com zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com — Cisco Umbrella Rank: 13746	8 KB
1	over.st 1 redirects over.st	384 B
1	hibicemesootsm.online 1 redirects www.auth-summary-reward.hibicemesootsm.online	510 B
40	7

	Domain	Requested by
22	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
6	www.paypal.com	1 redirects www.paypal.com www.paypalobjects.com
4	www.recaptcha.net	www.paypal.com www.gstatic.com www.recaptcha.net
3	www.gstatic.com	www.recaptcha.net
3	t.paypal.com	www.paypal.com
1	zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	www.paypalobjects.com
1	paypal.com	1 redirects
1	over.st	1 redirects
1	www.auth-summary-reward.hibicemesootsm.online	1 redirects
40	9

This site contains links to these domains. Also see Links.

Domain
newsroom.deatch.paypal-corp.com
developer.paypal.com

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
misc.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.com/de/home
Frame ID: 8A370582A733E4F8D35D0BE8BAF286CB
Requests: 32 HTTP requests in this frame

Frame: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Frame ID: 579A41CF7122A0730C4B5A34254FE843
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=2kiw0mcojafu
Frame ID: 79EF710C872BB6F7613BCF3702571FCF
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bargeldloses Bezahlen - Online Shopping | PayPal DE

Page URL History Show full URLs

https://www.auth-summary-reward.hibicemesootsm.online/ HTTP 302
http://over.st/completed HTTP 301
https://paypal.com/ HTTP 302
https://www.paypal.com/ HTTP 302
https://www.paypal.com/de/home Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Page Statistics

40
Requests

95 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

7
IPs

4
Countries

2098 kB
Transfer

4312 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://newsroom.deatch.paypal-corp.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://developer.paypal.com/
Title: Integration Center

Search URL Search Domain Scan URL

URL: https://newsroom.deatch.paypal-corp.com/?categoryId=company-news
Title: Presse

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.auth-summary-reward.hibicemesootsm.online/ HTTP 302
http://over.st/completed HTTP 301
https://paypal.com/ HTTP 302
https://www.paypal.com/ HTTP 302
https://www.paypal.com/de/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home Show response
www.paypal.com/de/
Redirect Chain

https://www.auth-summary-reward.hibicemesootsm.online/
http://over.st/completed
https://paypal.com/
https://www.paypal.com/
https://www.paypal.com/de/home

117 KB
27 KB

568ms
568ms

Document
text/html

151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a160dc8793943cd4b4e9e4a210a55877164e154a06ba7229b2d1b938d3095326

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-wtM9fk5PdadPeBt3oSU7X/FjGY48S4vYMXKIl7Ha1ssJeIgu' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-wtM9fk5PdadPeBt3oSU7X/FjGY48S4vYMXKIl7Ha1ssJeIgu' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 28 Jul 2022 06:07:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"1d466-yb5ewyxYbUBxlkVIJDKM/OUyVTA"
paypal-debug-id: f8952213a5753
server-timing: "traceparent;desc="00-0000000000000000000f8952213a5753-aa50d4c5b92da063-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f8952213a5753-7096e8c3d20e7acc-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn4036-HHN, cache-fra19155-FRA
x-timer: S1658988477.330367,VS0,VE561
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
content-length: 0
date: Thu, 28 Jul 2022 06:07:57 GMT
location: https://www.paypal.com/de/home
retry-after: 0
server: Varnish
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra19155-FRA

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 22 KB
7 KB 79ms
19ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F4D) /

Resource Hash

ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 528f034909890
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 6711
last-modified: Wed, 06 Apr 2022 10:20:48 GMT
server: ECAcc (frc/8F4D)
etag: "624d6980-5940"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 28 Jul 2022 07:07:57 GMT

GET PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 0
0

GET PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 0
0

GET
H2 200 966fcd30231de8357df487153930c769dfff2d.css
www.paypalobjects.com/marketing-resources/css/18/ 372 KB
56 KB 69ms
9ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/css/18/966fcd30231de8357df487153930c769dfff2d.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E92) /

Resource Hash

1882c3d3110a950440178c20796290ec9d0fe02980743b05196c0423dee61479

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: a39b1fad06ea7
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 56698
last-modified: Tue, 28 Jun 2022 05:12:31 GMT
server: ECAcc (frc/8E92)
etag: W/"62ba8dbf-5d083"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 28 Jul 2022 07:07:57 GMT

GET
H2 200 covid-icon.png
www.paypalobjects.com/marketing/web/us/en/home/ 3 KB
3 KB 24ms
23ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/home/covid-icon.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F54) /

Resource Hash

0ba65b070bd90dbf9075867afbd9c3f8b591619c2a678f2ea7562a469db82181

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:57 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:23 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c73-adf"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 7d25ba49e13ca
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 2783
server: ECAcc (frc/8F54)
expires: Thu, 28 Jul 2022 07:07:57 GMT

GET
H2 200 react-17_0_1-bundle.js Show response
www.paypalobjects.com/marketing-resources/vendors/ 132 KB
44 KB 22ms
21ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E88) /

Resource Hash

9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 1602a843d2c8a
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 44545
last-modified: Mon, 22 Feb 2021 21:58:19 GMT
server: ECAcc (frc/8E88)
etag: W/"603428fb-20ee8"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 07:07:57 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 55 KB
21 KB 56ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F58) /

Resource Hash

da579f964718ba0aaf9bdfd4f396d800b7a13f9e6bbaca246bcfd255e534eb0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: bbad87886636a
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 21556
last-modified: Wed, 27 Jul 2022 22:43:43 GMT
server: ECAcc (frc/8F58)
traceparent: 00-0000000000000000000bbad87886636a-f1948705b6755710-01
etag: "62e1bf9f-dcfb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 28 Jul 2022 07:07:57 GMT

GET
H2 200 open-chat.js Show response
www.paypalobjects.com/helpcenter/smartchat/sales/v1/ 1 KB
884 B 21ms
21ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F38) /

Resource Hash

15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 944ad8e381b1c
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 779
last-modified: Sat, 13 Feb 2021 00:19:40 GMT
server: ECAcc (frc/8F38)
etag: W/"60271b1c-5bf"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 28 Jul 2022 07:07:57 GMT

GET
H2 200 marketingIntentsV2.js Show response
www.paypalobjects.com/activation/js/ 554 B
531 B 22ms
22ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/activation/js/marketingIntentsV2.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA7) /

Resource Hash

4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 905417810938f
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 365
last-modified: Fri, 12 Feb 2021 23:55:13 GMT
server: ECAcc (frc/8FA7)
traceparent: 00-0000000000000000000905417810938f-9e6d4d0ad4cba2be-01
etag: "60271561-22a"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 29 Jul 2022 06:07:57 GMT

GET
H2 200 eca01855741ba7d2d2e60052c0922a4739ada9.js Show response
www.paypalobjects.com/marketing-resources/js/eb/ 1 MB
231 KB 58ms
19ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/js/eb/eca01855741ba7d2d2e60052c0922a4739ada9.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F75) /

Resource Hash

c2dc53d2a7d2752370275433a32a7ca555719067dbae20215c7be72038ccde1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 9b6fd14fd9882
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 235802
last-modified: Tue, 31 May 2022 11:23:44 GMT
server: ECAcc (frc/8F75)
etag: W/"6295fac0-103fc7"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 28 Jul 2022 07:07:57 GMT

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/2ee88bca6f54b126/ 10 KB
6 KB 274ms
274ms Script
text/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/2ee88bca6f54b126/recaptchav3.js?_sessionID=qolxOqZCNuTjodrRqbCJlsv1Gt08kZ92

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8df36f715b9b9bc39fd0c52629ce60cdcc562162f12041c60c74361e8b143615

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-oBE1g5y5TBeTMzDKrt9ZLKVtJKal5R+gv/p59vsTptFSXoWi' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/de/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-oBE1g5y5TBeTMzDKrt9ZLKVtJKal5R+gv/p59vsTptFSXoWi' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f450556c91779
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4024-HHN, cache-fra19155-FRA
traceparent: 00-0000000000000000000f450556c91779-e59163573ff60e05-01
x-timer: S1658988478.927307,VS0,VE267
date: Thu, 28 Jul 2022 06:07:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"2719-j9wR5QbbWPvnr9DYZCqZKg3pB90"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 pp_fc_hl.svg
www.paypalobjects.com/digitalassets/c/website/logo/full-text/ 11 KB
4 KB 12ms
8ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/logo/full-text/pp_fc_hl.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/18/966fcd30231de8357df487153930c769dfff2d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FEE) /

Resource Hash

036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/marketing-resources/css/18/966fcd30231de8357df487153930c769dfff2d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: a001f73a87829
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 3732
last-modified: Tue, 15 Mar 2016 17:48:58 GMT
server: ECAcc (frc/8FEE)
etag: W/"56e84b0a-2b4b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 28 Jul 2022 07:07:57 GMT

GET
H2 200 homepage-hero-desktop.png
www.paypalobjects.com/marketing/web/de/de/home/ 143 KB
143 KB 13ms
10ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/de/de/home/homepage-hero-desktop.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDD) /

Resource Hash

3f666a9075adfe7f201d3ce22b5d06be2a0812094efa34353ad0d3517120c590

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 3f4cd8d1fffde
dc: ccg11-origin-www-1.paypal.com
content-length: 146608
last-modified: Mon, 23 May 2022 14:32:32 GMT
server: ECAcc (frc/8FDD)
etag: "628b9b00-23cb0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 PayPalSansSmall-Regular.woff
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 19 KB
19 KB 9ms
8ms Font
font/woff 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/18/966fcd30231de8357df487153930c769dfff2d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F7B) /

Resource Hash

6a2a2f064ef289523471b8d25d32c195ecb8145c143d09f997b449d4034a7ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/18/966fcd30231de8357df487153930c769dfff2d.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
server: ECAcc (frc/8F7B)
etag: "5a66a30d-4cdc"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
paypal-debug-id: 1cc6d6d9b8510
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 19676
expires: Thu, 28 Jul 2022 07:07:57 GMT

GET
H2 200 PayPalSansBig-Light.woff
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 20 KB
20 KB 12ms
11ms Font
font/woff 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/18/966fcd30231de8357df487153930c769dfff2d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F4C) /

Resource Hash

4db62137dffee2ab0d510197115508b3b7ee0f3d4589c2ac14020e3894819bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/18/966fcd30231de8357df487153930c769dfff2d.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Feb 2018 19:04:34 GMT
server: ECAcc (frc/8F4C)
etag: "5a7364c2-4e14"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
paypal-debug-id: 8566a7cc1f9eb
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 19988
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 10ms
9ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/18/966fcd30231de8357df487153930c769dfff2d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FB3) /

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/18/966fcd30231de8357df487153930c769dfff2d.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 4b61dcf9973b3
dc: ccg11-origin-www-1.paypal.com
content-length: 25368
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (frc/8FB3)
etag: "60271cda-6318"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/ 139 KB
27 KB 10ms
10ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FFB) /

Resource Hash

06ee77bee05bd09330f0ba3907b3e0708054d81b35a12791dd3fc93c455bdee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 2560040a75e62
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 27533
last-modified: Wed, 27 Jul 2022 22:43:43 GMT
server: ECAcc (frc/8FFB)
etag: W/"62e1bf9f-22c1b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 eligibility Show response
www.paypal.com/smartchat/open/ 1 KB
2 KB 199ms
199ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/de/home

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64abb53a057be9d29b3242a1a7d6933dda3277de9e488a434cd399ea85120e56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn; script-src 'nonce-NOjrdU/AhM7uBYDngNfD8/kwfzx6Xo1RnNPIfw8Myzt1R27z' 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' https://.kampyle.com https://.qualtrics.com; font-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn data:; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/de/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-NOjrdU/AhM7uBYDngNfD8/kwfzx6Xo1RnNPIfw8Myzt1R27z' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f450556df522a
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4036-HHN, cache-fra19155-FRA
traceparent: 00-0000000000000000000f450556df522a-bd8da7736831dec1-01
x-timer: S1658988478.081256,VS0,VE190
date: Thu, 28 Jul 2022 06:07:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"561-v9sYeGmKeKMCi8kq9fyYkJCGxok"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 OrchestratorMain.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 7 KB
3 KB 8ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F33) /

Resource Hash

8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: c4f4c6b9f7ecd
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 3329
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8F33)
traceparent: 00-0000000000000000000c4f4c6b9f7ecd-1ce64210b5ad1951-01
etag: "61dccd14-1d47"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 12.2e4d3453d92fa382c1f6.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 56 KB
16 KB 11ms
10ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F39) /

Resource Hash

9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: e1617000cfcb4
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 16285
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8F39)
traceparent: 00-0000000000000000000e1617000cfcb4-47c92609ca1de6a2-01
etag: "61dccd14-e017"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 28 Jul 2022 07:07:58 GMT

POST
H2 200 Targeting.php Show response
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 101 KB
8 KB 229ms
150ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b663cabf7314517c93cae20fa9cc7c528886bfc216a0b3801aeb9f2dee9d24a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paypal.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: e7f8613c4d264a02
cf-ray: 731b70052fa391ed-FRA

GET
H2 200 ts
t.paypal.com/ 42 B
849 B 218ms
158ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.8&t=1658988478197&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgst=Unknown&calc=f8952213a5753&nsid=qolxOqZCNuTjodrRqbCJlsv1Gt08kZ92&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=5e068f213f9b42d9aff0128e61ff9604&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C104406%2C104405%2C104407&xt=123956%2C123954%2C119036%2C120151%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=consumer&displaypage=main%3Amktg%3Apersonal%3A%3Ahome&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&e=ac

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/de/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/de/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 2c208b3fe8e54
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4024-HHN, cache-fra19138-FRA
pragma: no-cache
traceparent: 00-00000000000000000002c208b3fe8e54-aa2451134606fd46-01
x-timer: S1658988478.262146,VS0,VE152
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Jul 2022 06:07:58 GMT

GET
H2 200 grcenterprise_v3.html Show response
www.paypal.com/auth/recaptcha/ Frame 579A 4 KB
2 KB 156ms
156ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/2ee88bca6f54b126/recaptchav3.js?_sessionID=qolxOqZCNuTjodrRqbCJlsv1Gt08kZ92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

77437fbd507929b6d1a1bb320582dcfd80c0de3e964ecfe2b7d072aba28aaa78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/de/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 28 Jul 2022 06:07:58 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"fb3-1823ac5c5c0"
last-modified: Tue, 26 Jul 2022 13:50:16 GMT
paypal-debug-id: f450556b97b44
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f450556b97b44-66b0dbf49cdfb502-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-hhn4064-HHN, cache-fra19155-FRA
x-timer: S1658988478.209094,VS0,VE149

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame 579A 977 B
1 KB 86ms
24ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=de

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82408434321ae01c103b9e90193dbbd597b6d90e3969ef902fff5f5c371be312

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 620
x-xss-protection: 1; mode=block
expires: Thu, 28 Jul 2022 06:07:58 GMT

GET
H2 200 P2P_HomePage_Module_GEN_101920.gif
www.paypalobjects.com/marketing/web/de/de/home/ 544 KB
544 KB 12ms
11ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/de/de/home/P2P_HomePage_Module_GEN_101920.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F67) /

Resource Hash

e64bf60fdea2ef2be556c03fec0eec58e8fd6246a8237bbc75da2555851c16b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:23:57 GMT
server: ECAcc (frc/8F67)
etag: "60271c1d-87f65"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 983512c49a3b3
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 556901
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 PP_EE_Pay_How_You_Want_Output-02.gif
www.paypalobjects.com/marketing/web/de/de/home/consumer-control/ 483 KB
483 KB 15ms
14ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/de/de/home/consumer-control/PP_EE_Pay_How_You_Want_Output-02.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F0F) /

Resource Hash

adebdbbefb71a0158f1efd5fd89cc74e3467befaed642c29b6cab4c43e2ba287

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:23:57 GMT
server: ECAcc (frc/8F0F)
etag: "60271c1d-78bd4"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: b0ff2b466f7dd
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 494548
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 CoreModule.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 100 KB
30 KB 30ms
30ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F63) /

Resource Hash

ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 63bb700a825bf
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 30223
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8F63)
traceparent: 00-000000000000000000063bb700a825bf-0d9fa5fb65d2a02a-01
etag: "61dccd14-190b6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 579A 365 KB
145 KB 71ms
23ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 05:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147954
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 04:01:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 05:53:26 GMT

GET
H2 200 4.bee7caf079144a7b9980.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 2 KB
1 KB 25ms
24ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC5) /

Resource Hash

ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 8d88f92014299
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 1231
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8FC5)
traceparent: 00-00000000000000000008d88f92014299-9674637e7b9f7851-01
etag: "61dccd14-9ed"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 1.1303dc17a61da0f506d3.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 29 KB
7 KB 27ms
26ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FCB) /

Resource Hash

e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: a8cfd1ef88348
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 6602
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8FCB)
traceparent: 00-0000000000000000000a8cfd1ef88348-b6746dafa43354fa-01
etag: "61dccd14-7257"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 17.0e47ac923c1fa85e46cf.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 19 KB
8 KB 28ms
28ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F5B) /

Resource Hash

b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 711f07dfa8328
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 7762
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8F5B)
traceparent: 00-0000000000000000000711f07dfa8328-07fb7b52c10b7a9b-01
etag: "61dccd14-4a99"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 28 Jul 2022 07:07:58 GMT

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame 79EF 42 KB
22 KB 34ms
34ms Document
text/html 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=2kiw0mcojafu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

87464df6eaff4335c15649776f22e02af91230be70d76976b173dcff00f3d795

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zfqN-Rj-9XWpD3BgSsWoiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22320
content-security-policy: script-src 'report-sample' 'nonce-zfqN-Rj-9XWpD3BgSsWoiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 06:07:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 79EF 51 KB
24 KB 47ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=2kiw0mcojafu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 15:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 04:01:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 15:11:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 79EF 365 KB
145 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 05:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147954
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 04:01:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 05:53:26 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 79EF 102 B
134 B 23ms
22ms Other
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=2kiw0mcojafu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 28 Jul 2022 06:07:58 GMT

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/enterprise/ Frame 79EF 32 KB
19 KB 49ms
49ms XHR
application/json 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a83d8c52931020c34890c83b52bde9dc75236757f088c67de4e88ad79feb0ab9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=2kiw0mcojafu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 28 Jul 2022 06:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19119
x-xss-protection: 1; mode=block
expires: Thu, 28 Jul 2022 06:07:58 GMT

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
2 KB 268ms
268ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-qV15n0HVNTDPAEH5QBuLR2t3Zxs4V/Ms9oSWPoack9yNdYY2' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/de/home
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-qV15n0HVNTDPAEH5QBuLR2t3Zxs4V/Ms9oSWPoack9yNdYY2' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f67278005a929
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-hhn11575-HHN, cache-fra19155-FRA
traceparent: 00-0000000000000000000f67278005a929-3464a3da9fdbcffc-01
x-timer: S1658988479.977645,VS0,VE261
date: Thu, 28 Jul 2022 06:07:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 ts
t.paypal.com/ 42 B
544 B 166ms
165ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.8&t=1658988479010&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=f8952213a5753&nsid=qolxOqZCNuTjodrRqbCJlsv1Gt08kZ92&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=de&csci=5e068f213f9b42d9aff0128e61ff9604&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=104449%2C104375&xt=119299%2C118916&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=consumer&event_name=ppcom_page_viewed&e=im&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A4931%2C%22tcp%22%3A4214%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A362%7D&pt=Bargeldloses%20Bezahlen%20-%20Online%20Shopping%20%7C%20PayPal%20DE&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=567&t3=2&t4d=0&t4=0&t4e=2&tt=4568&rdc=0&protocol=h2&res=%7B%7D&rtt=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/de/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:07:59 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: f56b7d5f0e0af
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn11565-HHN, cache-fra19138-FRA
pragma: no-cache
traceparent: 00-0000000000000000000f56b7d5f0e0af-1f7943f5ae0308d2-01
x-timer: S1658988479.015029,VS0,VE157
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Jul 2022 06:07:59 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
543 B 184ms
183ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.8&t=1658988480010&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=f8952213a5753&nsid=qolxOqZCNuTjodrRqbCJlsv1Gt08kZ92&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=de&csci=5e068f213f9b42d9aff0128e61ff9604&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=104449%2C104375&xt=119299%2C118916&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=%2F%2Ft.paypal.&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=consumer&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=165&t3=1&tt=167&protocol=h2&cdn=fastly&view=%7B%22t10%22%3A1%2C%22t11%22%3A167%2C%22nt%22%3A%22res%22%7D&e=pf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/de/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:08:00 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: a694f453988cc
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4054-HHN, cache-fra19138-FRA
pragma: no-cache
traceparent: 00-0000000000000000000a694f453988cc-d8b6bd21ed05ad12-01
x-timer: S1658988480.014357,VS0,VE157
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Jul 2022 06:08:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 09:09:00	Name: _GRECAPTCHA Value: 09AMjm62V1Wh5WUx1ISOsfgmJTyu7ZnOA212g5s2n2VJRert1CXbUa7wO439NSwVf6KFzMYBRenu1I71OxFQvqBDc
www.auth-summary-reward.hibicemesootsm.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3d5a61c31d69c7eee199270bb5532d72
www.auth-summary-reward.hibicemesootsm.online/	1970-01-20 04:49:55	Name: access_key Value: dc913c539d90889549a4e6494b63599f
.paypal.com/	1970-01-20 13:35:24	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-23 20:30:07	Name: cookie_check Value: yes
.paypal.com/	1970-01-20 04:50:20	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AqolxOqZCNuTjodrRqbCJlsv1Gt08kZ92.ATNusTBNEm%2BKVNQPgMBPImtXE7jFZExdOkRSLtuU2ms
.paypal.com/	1970-01-21 07:08:02	Name: ts_c Value: vr%3D436b3c0e1820ad046cc6fe28f981bc8f%26vt%3D436b3c0e1820ad046cc6fe28f981bc8e
.paypal.com/	1970-01-20 04:49:50	Name: l7_az Value: dcg15.slc
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY1ODk4ODQ3OTE2MiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 04:54:07	Name: tsrce Value: authchallengenodeweb
.paypal.com/	1970-01-21 07:08:02	Name: ts Value: vreXpYrS%3D1753682880%26vteXpYrS%3D1658990280%26vr%3D436b3c0e1820ad046cc6fe28f981bc8f%26vt%3D436b3c0e1820ad046cc6fe28f981bc8e%26vtyp%3Dnew

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.paypal.com/de/home Message: Access to font at 'https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2' from origin 'https://www.paypal.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.paypal.com/de/home Message: Access to font at 'https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2' from origin 'https://www.paypal.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-wtM9fk5PdadPeBt3oSU7X/FjGY48S4vYMXKIl7Ha1ssJeIgu' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

over.st
paypal.com
t.paypal.com
www.auth-summary-reward.hibicemesootsm.online
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
www.paypalobjects.com
103.187.147.30
104.17.208.240
151.101.65.21
151.101.65.35
192.229.221.25
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2003
64.4.250.36
70.32.23.44
036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f
06ee77bee05bd09330f0ba3907b3e0708054d81b35a12791dd3fc93c455bdee6
0ba65b070bd90dbf9075867afbd9c3f8b591619c2a678f2ea7562a469db82181
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
1882c3d3110a950440178c20796290ec9d0fe02980743b05196c0423dee61479
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
3f666a9075adfe7f201d3ce22b5d06be2a0812094efa34353ad0d3517120c590
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
4db62137dffee2ab0d510197115508b3b7ee0f3d4589c2ac14020e3894819bb1
613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4
64abb53a057be9d29b3242a1a7d6933dda3277de9e488a434cd399ea85120e56
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
6a2a2f064ef289523471b8d25d32c195ecb8145c143d09f997b449d4034a7ac2
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77437fbd507929b6d1a1bb320582dcfd80c0de3e964ecfe2b7d072aba28aaa78
82408434321ae01c103b9e90193dbbd597b6d90e3969ef902fff5f5c371be312
87464df6eaff4335c15649776f22e02af91230be70d76976b173dcff00f3d795
8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8
8df36f715b9b9bc39fd0c52629ce60cdcc562162f12041c60c74361e8b143615
9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106
9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f
a160dc8793943cd4b4e9e4a210a55877164e154a06ba7229b2d1b938d3095326
a83d8c52931020c34890c83b52bde9dc75236757f088c67de4e88ad79feb0ab9
adebdbbefb71a0158f1efd5fd89cc74e3467befaed642c29b6cab4c43e2ba287
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715
b663cabf7314517c93cae20fa9cc7c528886bfc216a0b3801aeb9f2dee9d24a5
ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565
c2dc53d2a7d2752370275433a32a7ca555719067dbae20215c7be72038ccde1f
da579f964718ba0aaf9bdfd4f396d800b7a13f9e6bbaca246bcfd255e534eb0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64bf60fdea2ef2be556c03fec0eec58e8fd6246a8237bbc75da2555851c16b5
e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d
ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

www.paypal.com Open in urlscan Pro 151.101.65.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

95 %HTTPS

22 %IPv6

7 Domains

9 Subdomains

7 IPs

4 Countries

2098 kBTransfer

4312 kBSize

12 Cookies

3 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

95 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

7
IPs

4
Countries

2098 kB
Transfer

4312 kB
Size

12
Cookies

40 HTTP transactions
0 data transactions