urlscan.io logo urlscan.io
SecurityTrails logo

www.mydomain.com Open in urlscan Pro
52.0.92.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://paypal.de.memberpp.com/safe/492-286-641-167/Ynef/ynef.yrvcmvt%40jro.qr/Orygre/
Effective URL: https://www.mydomain.com/paypal.de.memberpp.com
Submission Tags: phishing malicious Search All
Submission: On January 13 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 36 HTTP transactions. The main IP is 52.0.92.213, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.mydomain.com.
TLS certificate: Issued by Amazon on November 12th 2019. Valid for: a year.
This is the only time www.mydomain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.199.130.184 24961 (MYLOC-AS)
1 13 52.0.92.213 14618 (AMAZON-AES)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 172.217.21.194 15169 (GOOGLE)
1 34.254.13.19 16509 (AMAZON-02)
6 143.204.101.76 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.101.41 16509 (AMAZON-02)
2 34.206.28.113 14618 (AMAZON-AES)
36 14
1    5.199.130.184 (Germany)

ASN24961 (MYLOC-AS, DE)
PTR: mail.homelogs.de
paypal.de.memberpp.com
13    52.0.92.213 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-92-213.compute-1.amazonaws.com
www.mydomain.com
1    2a02:26f0:6c00:18b::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cdn.optimizely.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
3    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    172.217.21.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f2.1e100.net
www.googleadservices.com
1    34.254.13.19 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-254-13-19.eu-west-1.compute.amazonaws.com
resources.xg4ken.com
6    143.204.101.76 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-76.fra50.r.cloudfront.net
consent.trustarc.com
1    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2001:4860:4802:34::75 (United States)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    143.204.101.41 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-41.fra50.r.cloudfront.net
consent-pref.trustarc.com
2    34.206.28.113 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-28-113.compute-1.amazonaws.com
errors.client.optimizely.com
Domain Requested by
13 www.mydomain.com 1 redirects www.mydomain.com
6 consent.trustarc.com www.mydomain.com
consent.trustarc.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com www.mydomain.com
2 errors.client.optimizely.com cdn.optimizely.com
2 www.google.de www.mydomain.com
2 www.google.com 1 redirects www.mydomain.com
1 consent-pref.trustarc.com consent.trustarc.com
1 stats.g.doubleclick.net 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 resources.xg4ken.com www.mydomain.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.mydomain.com
1 fonts.googleapis.com www.mydomain.com
1 cdn.optimizely.com www.mydomain.com
1 paypal.de.memberpp.com 1 redirects
36 16

This site contains links to these domains. Also see Links.

Domain
www1.mydomain.com
www.facebook.com
twitter.com
endurance.clarip.com
Subject Issuer Validity Valid
mydomain.com
Amazon		 2019-11-12 -
2020-12-12		 a year crt.sh
cdn.optimizely.com
DigiCert ECC Secure Server CA		 2018-11-24 -
2020-02-23		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.xg4ken.com
Go Daddy Secure Certificate Authority - G2		 2017-12-17 -
2020-12-17		 3 years crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2017-07-18 -
2020-07-17		 3 years crt.sh
www.google.de
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
errors.client.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-09-24 -
2020-09-28		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.mydomain.com/paypal.de.memberpp.com
Frame ID: F2A63272DADDAF8007B9D5246ACDE725
Requests: 35 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=endurance&site=ipage.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&from=https://consent.trustarc.com/
Frame ID: D01367465C8BE78B53B405B04EB689CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://paypal.de.memberpp.com/safe/492-286-641-167/Ynef/ynef.yrvcmvt%40jro.qr/Orygre/ HTTP 302
    http://www.mydomain.com/paypal.de.memberpp.com HTTP 301
    https://www.mydomain.com/paypal.de.memberpp.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i

Page Statistics

36
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

16
Subdomains

14
IPs

5
Countries

579 kB
Transfer

1845 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paypal.de.memberpp.com/safe/492-286-641-167/Ynef/ynef.yrvcmvt%40jro.qr/Orygre/ HTTP 302
    http://www.mydomain.com/paypal.de.memberpp.com HTTP 301
    https://www.mydomain.com/paypal.de.memberpp.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1420497282&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mydomain.com%2Fpaypal.de.memberpp.com&ul=en-us&de=UTF-8&dt=Mydomain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAL~&jid=1612791917&gjid=1190824913&cid=649947597.1578939099&tid=UA-69116836-5&_gid=858190564.1578939099&_r=1&gtm=2wg121PPRPX8&cd2=none&cd4=no%20adblocker&cd9=none&cd12=https%3A%2F%2Fwww.mydomain.com%2Fpaypal.de.memberpp.com&cd14=domain%20brands&cd15=mydomain&cd17=none&cd19=GTM-PPRPX8-346&cd22=-&cd25=none&cd26=none&cd57=none&z=1642355702 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69116836-5&cid=649947597.1578939099&jid=1612791917&_gid=858190564.1578939099&gjid=1190824913&_v=j79&z=1642355702 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69116836-5&cid=649947597.1578939099&jid=1612791917&_v=j79&z=1642355702 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69116836-5&cid=649947597.1578939099&jid=1612791917&_v=j79&z=1642355702&slf_rd=1&random=2747508280

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request paypal.de.memberpp.com
www.mydomain.com/
Redirect Chain
  • https://paypal.de.memberpp.com/safe/492-286-641-167/Ynef/ynef.yrvcmvt%40jro.qr/Orygre/
  • http://www.mydomain.com/paypal.de.memberpp.com
  • https://www.mydomain.com/paypal.de.memberpp.com
24 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/ Next.js
Resource Hash
a144e75d1946121b28fb562b446eef358d319ee09336b4284e21ed0fd6cad575
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.mydomain.com
:scheme
https
:path
/paypal.de.memberpp.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
404
date
Mon, 13 Jan 2020 18:11:37 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-powered-by
Next.js
etag
"5e0b-l/1JEbN1vXV4r9lcJ7EWjwGcHcU"
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Server
awselb/2.0
Date
Mon, 13 Jan 2020 18:11:37 GMT
Content-Type
text/html
Content-Length
150
Connection
keep-alive
Location
https://www.mydomain.com:443/paypal.de.memberpp.com
_app.js
www.mydomain.com/_next/static/IIT7sukY7WHgFtH3G8Doi/pages/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mydomain.com/_next/static/IIT7sukY7WHgFtH3G8Doi/pages/_app.js
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
85b30e88ae78a6d02b37d7b920d72eb45874ca6f95827ead1786f26a7ca88a7f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"f187-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
webpack-4b444dab214c6491079c.js
www.mydomain.com/_next/static/runtime/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mydomain.com/_next/static/runtime/webpack-4b444dab214c6491079c.js
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
e2fbb88b4d15a9f7702ca58ebbe8d1d927ffd2667e585e70a5f3d51acb1a37d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"5fb-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
commons.8eafbabfd7ac99dc4fa3.js
www.mydomain.com/_next/static/chunks/ 		567 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mydomain.com/_next/static/chunks/commons.8eafbabfd7ac99dc4fa3.js
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
2e4d695c56b5bdf123b8b2dedc4f833867550a61897a5ca183074972f161f270
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"8dcaa-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
main-701d7b0d70eb4f527144.js
www.mydomain.com/_next/static/runtime/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mydomain.com/_next/static/runtime/main-701d7b0d70eb4f527144.js
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
02f5c82a6d6a34c0c5029180238a57dc42edbfff22ffad91ff56caaa80502696
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"369f-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
commons.20506edb.chunk.css
www.mydomain.com/_next/static/css/ 		264 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mydomain.com/_next/static/css/commons.20506edb.chunk.css
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
8eb6b0a4bb73dc5ee3ab441b991f104a2ebfbeac567aa8966497fc0215095e3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"42012-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
13415320116.js
cdn.optimizely.com/js/ 		334 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/13415320116.js
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:18b::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd29644ef5bc8fbbfec791f13eae26ed3f94a3e093ada840b9b1b2181856d9b0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
OI66pEOC1KvpH8v1HhPcCphv_TehEK3N
content-encoding
gzip
x-amz-request-id
ED4CA5805C7FE38E
status
200
access-control-max-age
86400
date
Mon, 13 Jan 2020 18:11:38 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:18b::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
content-length
95185
x-amz-id-2
MQpJd/PHDqHABumiyn22NxQNSkIhJrb1DRZYdZoyxLzhdjkTsCX1pog3Nn/xWKf9lrBIk4eXiM0=
last-modified
Mon, 13 Jan 2020 17:59:23 GMT
server
AmazonS3
etag
"984d91aec645d966aa70a03d3e1fb93c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
2576
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
logo.svg
www.mydomain.com/static/img/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mydomain.com/static/img/logo.svg
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
3f061ddce9fd5afd62af4c8d884bf9f3047a9bff7399448b1eb463e0a9e1b726
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"2ba4-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
cache-control
public, max-age=604800
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
inverted-logo.svg
www.mydomain.com/static/img/ 		31 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mydomain.com/static/img/inverted-logo.svg
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
3bf3899e05df2c19b640583cb7fc973b54ffe477a5825d53480cecc451c29de7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"7d8f-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
cache-control
public, max-age=604800
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
socialFacebook.svg
www.mydomain.com/static/img/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mydomain.com/static/img/icons/socialFacebook.svg
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
9ec762dbf8ded4e30468fa462ea494e6823c1e8a5fb9bce3bab136f17c0a942f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"628-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
cache-control
public, max-age=604800
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
socialTwitter.svg
www.mydomain.com/static/img/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mydomain.com/static/img/icons/socialTwitter.svg
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
8c07551d5308bd643a2eadb146701d1b1d41de17991735021b5e6b0f9bf5068b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"908-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
cache-control
public, max-age=604800
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 13 Jan 2020 18:11:38 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 13 Jan 2020 18:11:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 13 Jan 2020 18:11:38 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://www.mydomain.com

Response headers

date
Thu, 21 Nov 2019 23:16:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
4560881
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:16:57 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://www.mydomain.com

Response headers

date
Thu, 09 Jan 2020 01:23:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
406101
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Fri, 08 Jan 2021 01:23:17 GMT
fontawesome-webfont.woff2
www.mydomain.com/static/vendor/font-awesome/fonts// 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mydomain.com/static/vendor/font-awesome/fonts//fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.mydomain.com/_next/static/css/commons.20506edb.chunk.css
Origin
https://www.mydomain.com

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"ddcc-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
font/woff2
status
200
cache-control
public, max-age=604800
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
56780
x-xss-protection
1; mode=block
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://www.mydomain.com

Response headers

date
Wed, 08 Jan 2020 20:08:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
age
424974
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13912
x-xss-protection
0
expires
Thu, 07 Jan 2021 20:08:44 GMT
gtm.js
www.googletagmanager.com/ 		285 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPRPX8
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a99923060a3fa9c6ca8fd9fd0be0641ede7041fcd6f18ebde034d2b6fe08cc5e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
64095
x-xss-protection
0
expires
Mon, 13 Jan 2020 18:11:38 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPRPX8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2004
date
Mon, 13 Jan 2020 17:38:14 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 13 Jan 2020 19:38:14 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPRPX8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
78fa84511c061e24b78e812c46136c22091b00fe53a9e799062fc9f563fa7ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9875
x-xss-protection
0
server
cafe
etag
17419624424165271662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 13 Jan 2020 18:11:38 GMT
ktag.js
resources.xg4ken.com/js/v2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N42D8-3EB
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.13.19 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-254-13-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dc69c40ab6a9829b9bacda37c35531e0296b82e106538f3c658d5a8db31eb7b5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 13 Jan 2020 18:11:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 12:17:41 GMT
Server
nginx
ETag
"5dcbf465-1085"
Content-Type
text/plain
Cache-Control
max-age=86400, public
Connection
keep-alive
Content-Length
4229
X-XSS-Protection
1; mode=block
Expires
Tue, 14 Jan 2020 18:11:38 GMT
notice
consent.trustarc.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=ipage.com&c=teconsent&gtm=1
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-76.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
50f41dcdb2df4ba7b3504aa1050af29b86394ffd1e5770341f8656082ac0bfe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
status
200
vary
Accept-Encoding
content-length
1532
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
0llIAKc1IRqLS5-mfxvCWV0RvILV__BYu6MTqQ9_1BweJVLrNKHDYw==
expires
Mon, 13 Jan 2020 18:11:37 GMT
_error.js
www.mydomain.com/_next/static/IIT7sukY7WHgFtH3G8Doi/pages/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mydomain.com/_next/static/IIT7sukY7WHgFtH3G8Doi/pages/_error.js
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/_next/static/runtime/main-701d7b0d70eb4f527144.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.92.213 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-92-213.compute-1.amazonaws.com
Software
/
Resource Hash
a19615ba78644c5f5ec1690480399329aa5debe4f00681c7325df49c31da66c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Dec 2019 20:13:34 GMT
etag
W/"a7f-16f157e91b0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 17:40:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1851
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Mon, 13 Jan 2020 18:40:47 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072682780/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072682780/?random=1578939098515&cv=9&fst=1578939098515&num=1&label=GArvCNqNugEQnK6__wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg121&sendb=1&ig=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fwww.mydomain.com%2Fpaypal.de.memberpp.com&tiba=Mydomain&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a479597e10cdc72d1c0f58cb2bdc7507264041c8afbb3ceff94a8940149bdbae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Jan 2020 18:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1091
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1.7-220
consent.trustarc.com/asset/notice.js/v/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-220
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=ipage.com&c=teconsent&gtm=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-76.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
a92f5fff342c3aa776c328f7518ab38a2af0ff0ddbb538e11f86b74908176099
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.mydomain.com/paypal.de.memberpp.com
Origin
https://www.mydomain.com

Response headers

date
Sun, 12 Jan 2020 14:45:19 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
status
200
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
pragma
public
last-modified
Thu, 19 Dec 2019 02:34:11 GMT
server
nginx
x-frame-options
ALLOWALL
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
3MgK9nmEgEHVzXpPMZtQbLVPE48xk7gU2kILGsivQTPGotdOVFPBSw==
expires
Tue, 11 Feb 2020 14:45:19 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1420497282&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mydomain.com%2Fpaypal.de.memberpp.com&ul=en-us&de=UTF-8&dt=Mydomain&sd=24-bit&sr=1600x1200&vp...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69116836-5&cid=649947597.1578939099&jid=1612791917&_gid=858190564.1578939099&gjid=1190824913&_v=j79&z=1642355702
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69116836-5&cid=649947597.1578939099&jid=1612791917&_v=j79&z=1642355702
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69116836-5&cid=649947597.1578939099&jid=1612791917&_v=j79&z=1642355702&slf_rd=1&random=2747508280
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69116836-5&cid=649947597.1578939099&jid=1612791917&_v=j79&z=1642355702&slf_rd=1&random=2747508280
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Jan 2020 18:11:38 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Jan 2020 18:11:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69116836-5&cid=649947597.1578939099&jid=1612791917&_v=j79&z=1642355702&slf_rd=1&random=2747508280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1072682780/ 		42 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1072682780/?random=1578939098515&cv=9&fst=1578938400000&num=1&label=GArvCNqNugEQnK6__wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg121&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fwww.mydomain.com%2Fpaypal.de.memberpp.com&tiba=Mydomain&async=1&fmt=3&is_vtc=1&random=1443841600&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::75 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Jan 2020 18:11:38 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1072682780/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1072682780/?random=1578939098515&cv=9&fst=1578938400000&num=1&label=GArvCNqNugEQnK6__wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg121&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fwww.mydomain.com%2Fpaypal.de.memberpp.com&tiba=Mydomain&async=1&fmt=3&is_vtc=1&random=1443841600&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Jan 2020 18:11:38 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
consent-pref.trustarc.com/ Frame D013 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/?type=endurance&site=ipage.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&from=https://consent.trustarc.com/
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-220
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-41.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/?type=endurance&site=ipage.com&action=notice&country=nl&locale=en&behavior=expressed&gtm=1&layout=default_eu&from=https://consent.trustarc.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.mydomain.com/paypal.de.memberpp.com
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.mydomain.com/paypal.de.memberpp.com

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Thu, 19 Dec 2019 07:34:41 GMT
server
nginx
etag
W/"5700-1576192060000"
last-modified
Thu, 12 Dec 2019 23:07:40 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
RluoD28EZkyayPYYlBqbtvKFYfnX8Drk8nsZ-ffVs8mrpweJB5Wh5A==
age
4226
endurance_cookie.png
consent.trustarc.com/asset/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/asset/endurance_cookie.png
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-76.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e8dfaac8cf9da7f54e3e5028d985ef9ea292f744f5c558a7c932ffac19aed59d
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 12 Jan 2020 14:45:19 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
age
98779
x-cache
Hit from cloudfront
status
200
content-length
1145
pragma
public
last-modified
Fri, 2 Nov 2018 19:08:11 GMT
server
nginx
x-frame-options
ALLOWALL
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
6_-cspgOiDmgN-HoSC81NtcoQ56aQyYwazBDeD8aKQBojdEtfNMdfw==
expires
Tue, 11 Feb 2020 14:45:19 GMT
transparent.png
consent.trustarc.com/asset/ 		95 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/asset/transparent.png
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-76.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
public
date
Sun, 12 Jan 2020 14:45:19 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Thu, 24 May 2018 00:46:39 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000
access-control-allow-origin
*
content-length
95
x-amz-cf-id
0scg4qxOplc8LSpl2mojqqsy37G5Eir8HGG7JRIRqKuhBE5oHE2wAg==
expires
Tue, 11 Feb 2020 14:45:19 GMT
noticemsg
consent.trustarc.com/ 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=ipage.com&behavior=expressed&country=nl&language=en&rand=0.1146616911092142
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-76.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 13 Jan 2020 18:11:38 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
GLKH9djo6bw5Z2quxt2x7eKYN-FMtDt7ti7wvolvRt0y8pVXDZGCUw==
expires
Mon, 13 Jan 2020 18:11:37 GMT
trans.png
consent.trustarc.com/asset/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/asset/trans.png
Requested by
Host: www.mydomain.com
URL: https://www.mydomain.com/paypal.de.memberpp.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-76.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
public
date
Sun, 12 Jan 2020 14:45:19 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Thu, 24 May 2018 00:46:39 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000
access-control-allow-origin
*
content-length
923
x-amz-cf-id
Mhisn1cHk2JkdtPU34ZZXRHUZROojbDB41EHZGYwPK8IUjr9gJtZhQ==
expires
Tue, 11 Feb 2020 14:45:19 GMT
log
errors.client.optimizely.com/ 		13 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/13415320116.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-206-28-113.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://www.mydomain.com
Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 13 Jan 2020 18:11:39 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.mydomain.com
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1420497282&t=timing&_s=2&dl=https%3A%2F%2Fwww.mydomain.com%2Fpaypal.de.memberpp.com&ul=en-us&de=UTF-8&dt=Mydomain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4288&pdt=1&dns=0&rrt=3087&srt=112&tcp=190&dit=3697&clt=3698&_gst=3748&_gbt=3874&_cst=3697&_cbt=3734&_u=aGBACEALB~&jid=&gjid=&cid=649947597.1578939099&tid=UA-69116836-5&_gid=858190564.1578939099&gtm=2wg121PPRPX8&cd2=none&cd4=no%20adblocker&cd9=none&cd12=https%3A%2F%2Fwww.mydomain.com%2Fpaypal.de.memberpp.com&cd14=domain%20brands&cd15=mydomain&cd17=none&cd19=GTM-PPRPX8-346&cd22=-&cd25=none&cd26=none&cd57=none&z=36696341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Nov 2019 19:08:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4662209
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
log
errors.client.optimizely.com/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-206-28-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mydomain.com/paypal.de.memberpp.com
Origin
https://www.mydomain.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.mydomain.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Mon, 13 Jan 2020 18:11:39 GMT
Content-Type
text/plain

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| V undefined| _ object| dataLayer object| webpackJsonp object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga function| ktag string| DATALAYER_OBJECT_NAME function| referrerOverride function| sendCampaignData function| initNewOptimizelyIntegration function| initOptimizelyIntegration object| optimizely object| e object| s string| domain string| domainHostName object| __NEXT_P object| __core-js_shared__ object| regeneratorRuntime object| __NEXT_DATA__ object| next object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| _truste_eumap object| truste object| Kenshoo_Constants object| Kenshoo_Toggles object| Kenshoo_Amp_Helpers object| Kenshoo_Helpers object| Ktag_Functions function| setup function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG

6 Cookies

Domain/Path Name / Value
.mydomain.com/ Name: notice_behavior
Value: expressed,eu
.mydomain.com/ Name: _gcl_au
Value: 1.1.1196421506.1578939098
.mydomain.com/ Name: _gat_UA-69116836-5
Value: 1
.mydomain.com/ Name: _ga
Value: GA1.2.649947597.1578939099
.mydomain.com/ Name: _gid
Value: GA1.2.858190564.1578939099
www.mydomain.com/ Name: loglevel
Value: ERROR

1 Console Messages

Source Level URL
Text
console-api log (Line 2)
Message:
https://consent.trustarc.com/notice?domain=ipage.com&c=teconsent&gtm=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.optimizely.com
consent-pref.trustarc.com
consent.trustarc.com
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
paypal.de.memberpp.com
resources.xg4ken.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mydomain.com
143.204.101.41
143.204.101.76
172.217.21.194
2001:4860:4802:34::75
2a00:1450:4001:806::200a
2a00:1450:4001:815::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9b
2a02:26f0:6c00:18b::13b8
34.206.28.113
34.254.13.19
5.199.130.184
52.0.92.213
02f5c82a6d6a34c0c5029180238a57dc42edbfff22ffad91ff56caaa80502696
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
2606b91cca1f76efe9c503aaef5b7956ef6415a9403b8bbc0f5eb857d515bb05
2e4d695c56b5bdf123b8b2dedc4f833867550a61897a5ca183074972f161f270
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
3bf3899e05df2c19b640583cb7fc973b54ffe477a5825d53480cecc451c29de7
3f061ddce9fd5afd62af4c8d884bf9f3047a9bff7399448b1eb463e0a9e1b726
50f41dcdb2df4ba7b3504aa1050af29b86394ffd1e5770341f8656082ac0bfe4
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
78fa84511c061e24b78e812c46136c22091b00fe53a9e799062fc9f563fa7ffa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b30e88ae78a6d02b37d7b920d72eb45874ca6f95827ead1786f26a7ca88a7f
8c07551d5308bd643a2eadb146701d1b1d41de17991735021b5e6b0f9bf5068b
8eb6b0a4bb73dc5ee3ab441b991f104a2ebfbeac567aa8966497fc0215095e3b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9ec762dbf8ded4e30468fa462ea494e6823c1e8a5fb9bce3bab136f17c0a942f
a144e75d1946121b28fb562b446eef358d319ee09336b4284e21ed0fd6cad575
a19615ba78644c5f5ec1690480399329aa5debe4f00681c7325df49c31da66c0
a479597e10cdc72d1c0f58cb2bdc7507264041c8afbb3ceff94a8940149bdbae
a92f5fff342c3aa776c328f7518ab38a2af0ff0ddbb538e11f86b74908176099
a99923060a3fa9c6ca8fd9fd0be0641ede7041fcd6f18ebde034d2b6fe08cc5e
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc69c40ab6a9829b9bacda37c35531e0296b82e106538f3c658d5a8db31eb7b5
e2fbb88b4d15a9f7702ca58ebbe8d1d927ffd2667e585e70a5f3d51acb1a37d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8dfaac8cf9da7f54e3e5028d985ef9ea292f744f5c558a7c932ffac19aed59d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd29644ef5bc8fbbfec791f13eae26ed3f94a3e093ada840b9b1b2181856d9b0