urlscan.io logo urlscan.io
SecurityTrails logo

payments.bookkeepingagents.com Open in urlscan Pro
62.3.5.66  Public Scan

Go To Rescan Add Verdict Report
URL: https://payments.bookkeepingagents.com/
Submission: On January 26 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 27 HTTP transactions. The main IP is 62.3.5.66, located in St Louis, United States and belongs to CYBERCON, US. The main domain is payments.bookkeepingagents.com.
TLS certificate: Issued by R3 on January 26th 2024. Valid for: 3 months.
This is the only time payments.bookkeepingagents.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 62.3.5.66 7393 (CYBERCON)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 152.199.19.160 15133 (EDGECAST)
6 151.101.129.21 54113 (FASTLY)
3 151.101.130.133 54113 (FASTLY)
2 151.101.1.35 54113 (FASTLY)
27 6
14    62.3.5.66 (St Louis, United States)

ASN7393 (CYBERCON, US)
PTR: securec5p4.ezhostingserver.com
payments.bookkeepingagents.com
2    2606:4700:10::ac43:2910 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tailwindcss.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
6    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
3    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
14 bookkeepingagents.com
payments.bookkeepingagents.com
565 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3015
t.paypal.com — Cisco Umbrella Rank: 3523
89 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2611
32 KB
2 tailwindcss.com
cdn.tailwindcss.com — Cisco Umbrella Rank: 46008
109 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2316
16 KB
27 5
Domain Requested by
14 payments.bookkeepingagents.com payments.bookkeepingagents.com
6 www.paypal.com payments.bookkeepingagents.com
www.paypal.com
www.paypalobjects.com
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 t.paypal.com payments.bookkeepingagents.com
2 cdn.tailwindcss.com 1 redirects payments.bookkeepingagents.com
1 ajax.aspnetcdn.com payments.bookkeepingagents.com
27 6

This site contains no links.

Subject Issuer Validity Valid
payments.bookkeepingagents.com
R3		 2024-01-26 -
2024-04-25		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh

This page contains 2 frames:

Primary Page: https://payments.bookkeepingagents.com/
Frame ID: F8E438573B7AB47A26C107FFDDC8D804
Requests: 22 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 3E92CEBCFEF799ADAA37C890BDA02585
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BOI Registration

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

27
Requests

96 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

6
IPs

1
Countries

811 kB
Transfer

1736 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.1

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
payments.bookkeepingagents.com/ 		22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
895cab24f49ccec50c480f767b19cf46aa8990f5a92c7dba7cad5fffd988529b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Length
4902
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Jan 2024 20:54:57 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Powered-By
ASP.NET
roboto-font.css
payments.bookkeepingagents.com/css/ 		1 KB
625 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/css/roboto-font.css
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a993e0e006279a76e7670b098b32c169df01565f414e6ca8a31c882730f941a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 10:51:32 GMT
Server
Microsoft-IIS/10.0
ETag
"66bb9620ea4dda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
331
material-design-iconic-font.min.css
payments.bookkeepingagents.com/fonts/material-design-iconic-font/css/ 		69 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/fonts/material-design-iconic-font/css/material-design-iconic-font.min.css
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da6917372bdb0f0fa325d72c45527dc8f21bd097ebf4e145a3ef84417421756a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 10:52:10 GMT
Server
Microsoft-IIS/10.0
ETag
"63fa2937ea4dda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
16293
jquery-ui.min.css
payments.bookkeepingagents.com/css/ 		30 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/css/jquery-ui.min.css
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d49f5279b7cf722c55ed080b160c89a273e676ed730847cd57ef7b4e6584da2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 10:51:33 GMT
Server
Microsoft-IIS/10.0
ETag
"dda3e020ea4dda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
9470
3.4.1
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.1
359 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tailwindcss.com/3.4.1
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
H2
Server
2606:4700:10::ac43:2910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
151c30a9c3810c4a00decc7ac92110d0660b64b6e25973116935faa14d232a81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:54:58 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
last-modified
Fri, 05 Jan 2024 20:53:26 GMT
x-vercel-id
cle1::iad1::nrl2g-1704488004870-28d22f50c8bf
cf-cache-status
HIT
age
1814410
server
cloudflare
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
84bba776fbf5abd2-CPH

Redirect headers

date
Fri, 26 Jan 2024 20:54:58 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
cle1::iad1::7ppcj-1706301404401-fa1d5d538c8c
server
cloudflare
age
457
x-vercel-cache
MISS
vary
Accept-Encoding
location
/3.4.1
cache-control
max-age=14400
cf-ray
84bba776cb85abd2-CPH
content-length
0
style.css
payments.bookkeepingagents.com/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/css/style.css
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4537809ab8229e99445dbf3a9c37aa9ae6ca0c64bd0f08c73a9ff808d7532bdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Jan 2024 16:37:16 GMT
Server
Microsoft-IIS/10.0
ETag
"d952edc1ac4fda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3643
jquery-3.3.1.min.js
payments.bookkeepingagents.com/js/ 		85 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/js/jquery-3.3.1.min.js
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 10:51:35 GMT
Server
Microsoft-IIS/10.0
ETag
"6b69922ea4dda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
38887
jquery.steps.js
payments.bookkeepingagents.com/js/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/js/jquery.steps.js
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1591281f92394d16d6cc50fd69c9ca67619cdff00f5447eecd9b6e2345c1afaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 10:51:35 GMT
Server
Microsoft-IIS/10.0
ETag
"b5b85b22ea4dda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
15271
jquery.validate.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.15.0/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.15.0/jquery.validate.js
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F778) /
Resource Hash
68129d48e23b33fad0e38459beb4c7633d7531b264de8441d06c17a360b7858d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28320737
x-cache
HIT
content-length
16049
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:31 GMT
server
ECAcc (ska/F778)
etag
"86626672d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery-ui.min.js
payments.bookkeepingagents.com/js/ 		248 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/js/jquery-ui.min.js
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
35f185a2aacd3c120d77143582a9fede64aa4568dcc65a3137ff3a5a711de6a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 10:51:37 GMT
Server
Microsoft-IIS/10.0
ETag
"dacfb723ea4dda1:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
main.js
payments.bookkeepingagents.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/js/main.js?v=0.2
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
55b671b0a6fbed9ca8eac1a2cde55b879fde2d08c4b4d2a7d022290cfc38b6b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Jan 2024 20:18:28 GMT
Server
Microsoft-IIS/10.0
ETag
"c57453a8cb4fda1:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1560
js
www.paypal.com/sdk/ 		294 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=Ad8jUgXBxig9NFXHhdx-_opBrB4wSuSx-b_oI5Y9yBYygoBHQMZczS4PiDx2XQO_m52x-4UW9yPOQL_f&disable-funding=credit
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e8e15285ad95840839f02919cbd0f29825a4a9030c9ab8a6351b0b8869d760f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-EscmO0d02+Wq9FCaRwTSSYIc6PcIzgoa/MnELw3J863Cql96' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-EscmO0d02+Wq9FCaRwTSSYIc6PcIzgoa/MnELw3J863Cql96' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-EscmO0d02+Wq9FCaRwTSSYIc6PcIzgoa/MnELw3J863Cql96' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-EscmO0d02+Wq9FCaRwTSSYIc6PcIzgoa/MnELw3J863Cql96' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Fri, 26 Jan 2024 20:54:59 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
true
paypal-debug-id
f18019521e0a9
server-timing
"traceparent;desc="00-0000000000000000000f18019521e0a9-f426556cfe4dc6b7-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
80126
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230022-FRA, cache-fra-eddf8230022-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f18019521e0a9-c95db5baab122737-01
x-timer
S1706302498.363145,VS0,VE1075
etag
W/"138fe-kPppms2lbvjvhzaduwJNigdpS+o"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
wizard_v4_icon.png
payments.bookkeepingagents.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.bookkeepingagents.com/images/wizard_v4_icon.png
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4927e407f1f4b81dbc5d6269117fafdda60011698398015591dd10f33b779ffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Last-Modified
Tue, 23 Jan 2024 10:51:35 GMT
Server
Microsoft-IIS/10.0
ETag
"38f45622ea4dda1:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1131
Roboto-Bold.ttf
payments.bookkeepingagents.com/fonts/Roboto/ 		167 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/fonts/Roboto/Roboto-Bold.ttf
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/css/roboto-font.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

Request headers

Referer
https://payments.bookkeepingagents.com/css/roboto-font.css
Origin
https://payments.bookkeepingagents.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Last-Modified
Tue, 23 Jan 2024 10:51:54 GMT
Server
Microsoft-IIS/10.0
ETag
"11c782dea4dda1:0"
X-Powered-By
ASP.NET
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
170760
Roboto-Regular.ttf
payments.bookkeepingagents.com/fonts/Roboto/ 		168 KB
168 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/css/roboto-font.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Request headers

Referer
https://payments.bookkeepingagents.com/css/roboto-font.css
Origin
https://payments.bookkeepingagents.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Last-Modified
Tue, 23 Jan 2024 10:52:08 GMT
Server
Microsoft-IIS/10.0
ETag
"766bf635ea4dda1:0"
X-Powered-By
ASP.NET
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
171676
Material-Design-Iconic-Fontd1f1.woff2
payments.bookkeepingagents.com/fonts/material-design-iconic-font/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Fontd1f1.woff2?v=2.2.0
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/fonts/material-design-iconic-font/css/material-design-iconic-font.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://payments.bookkeepingagents.com/fonts/material-design-iconic-font/css/material-design-iconic-font.min.css
Origin
https://payments.bookkeepingagents.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
1245
Content-Type
text/html
Material-Design-Iconic-Fontd1f1.woff
payments.bookkeepingagents.com/fonts/material-design-iconic-font/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payments.bookkeepingagents.com/fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Fontd1f1.woff?v=2.2.0
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/fonts/material-design-iconic-font/css/material-design-iconic-font.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.3.5.66 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
securec5p4.ezhostingserver.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7c74c136895350e927bf69fe9fcb9f33fe9fae6340709d6ec4f8cb838a9470a3

Request headers

Referer
https://payments.bookkeepingagents.com/fonts/material-design-iconic-font/css/material-design-iconic-font.min.css
Origin
https://payments.bookkeepingagents.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 20:54:58 GMT
Last-Modified
Tue, 23 Jan 2024 10:52:10 GMT
Server
Microsoft-IIS/10.0
ETag
"6fbc6c37ea4dda1:0"
X-Powered-By
ASP.NET
Content-Type
font/x-woff
Accept-Ranges
bytes
Content-Length
50312
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=payments.bookkeepingagents.com&t=xo&v=5.0.421&source=payments_sdk&client_id=Ad8jUgXBxig9NFXHhdx-_opBrB4wSuSx-b_oI5Y9yBYygoBHQMZczS4PiDx2XQO_m52x-4UW9yPOQL_f&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ad8jUgXBxig9NFXHhdx-_opBrB4wSuSx-b_oI5Y9yBYygoBHQMZczS4PiDx2XQO_m52x-4UW9yPOQL_f&disable-funding=credit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c1ed2fbce5a50307526f9c016493765f57c7512699550f39d48905709093c288
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Cq+W5BTQ5ctNv12mrwF8XEhrvGSCKzHJ6Z2gazioyB8SXDtP' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Cq+W5BTQ5ctNv12mrwF8XEhrvGSCKzHJ6Z2gazioyB8SXDtP' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jan 2024 20:55:00 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS, MISS
paypal-debug-id
f795668e503fc
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4788
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230022-FRA, cache-fra-eddf8230022-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f795668e503fc-decac256f27095f4-01
x-timer
S1706302500.507610,VS0,VE699
etag
W/"368d-1Rq+ex3wkxYctqhWCXp+wCSBaZI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=payments.bookkeepingagents.com&t=xo&v=5.0.421&source=payments_sdk&client_id=Ad8jUgXBxig9NFXHhdx-_opBrB4wSuSx-b_oI5Y9yBYygoBHQMZczS4PiDx2XQO_m52x-4UW9yPOQL_f&disableSetCookie=true&vault=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:55:00 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
log-origin
shield=SJC,src_ip=157.52.96.131,alternate_path=0,ip=157.52.96.81,port=443,name=shield_ssl_cache_sjc10081_SJC,status=200,reason=OK,method=GET,url="/muse/muse.js",host=www.paypalobjects.com
strict-transport-security
max-age=31557600
log-timing
fetch=178261,misspass=93,do_stream=0
x-cache
HIT, HIT
paypal-debug-id
3fd9c4a83a728
dc
ccg11-origin-www-1.paypal.com
content-length
15742
x-served-by
cache-sjc10081-SJC, cache-fra-eddf8230038-FRA
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
traceparent
00-00000000000000000003fd9c4a83a728-6a5561e0f3f2e3ff-01
x-timer
S1706302500.339694,VS0,VE0
etag
W/"64f25363-daa8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
9, 84217
ts
t.paypal.com/ 		42 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ANJ24R38FRCWWQ-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ANJ24R38FRCWWQ-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=e289caca-8e4d-4123-84e2-c90e4b59a339&fltp=analytics&mrid=NJ24R38FRCWWQ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=BOI%20Registration&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1706302500223&g=-60&completeurl=https%3A%2F%2Fpayments.bookkeepingagents.com%2F&disableSetCookie=true
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 26 Jan 2024 20:55:00 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
6dcf39faf0bd6
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230099-FRA
pragma
no-cache
correlation-id
6dcf39faf0bd6
traceparent
00-00000000000000000006dcf39faf0bd6-30234d65eff376a4-01
x-timer
S1706302500.313670,VS0,VE161
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jan 2024 20:55:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 3E92 		55 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://payments.bookkeepingagents.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
br
content-length
16039
content-type
text/html
date
Fri, 26 Jan 2024 20:55:00 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"64f25363-dacc"
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
log-origin
shield=SJC,src_ip=157.52.96.92,alternate_path=0,ip=157.52.96.107,port=443,name=shield_ssl_cache_sjc1000107_SJC,status=200,reason=OK,method=GET,url="/muse/analytics/index.html",host=www.paypalobjects.com
log-timing
fetch=147177,misspass=72,do_stream=0
paypal-debug-id
7d8e18e65f05e
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000007d8e18e65f05e-bff6b7eca9fa3c2d-01
vary
Accept-Encoding, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
7, 83611
x-content-type-options
nosniff
x-served-by
cache-sjc1000107-SJC, cache-fra-eddf8230038-FRA
x-timer
S1706302500.381213,VS0,VE0
noop.js
www.paypalobjects.com/muse/ Frame 3E92 		18 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
10437, 82145
date
Fri, 26 Jan 2024 20:55:00 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
log-origin
shield=SJC,src_ip=157.52.96.145,alternate_path=0,ip=157.52.96.145,port=443,name=shield_ssl_cache_sjc1000145_SJC,status=200,reason=OK,method=GET,url="/muse/noop.js",host=www.paypalobjects.com
log-timing
fetch=146948,misspass=79,do_stream=0
x-cache
HIT, HIT
paypal-debug-id
7f4693eaf4cf1
dc
ccg11-origin-www-1.paypal.com
content-length
18
x-served-by
cache-sjc1000145-SJC, cache-fra-eddf8230038-FRA
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
traceparent
00-00000000000000000007f4693eaf4cf1-0dbd27aaa054f89f-01
x-timer
S1706302500.435577,VS0,VE0
etag
"60271cd0-12"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-client-location
DE
ts
t.paypal.com/ 		42 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ANJ24R38FRCWWQ-1&page=muse%3Aoffer%3A%3A%3ANJ24R38FRCWWQ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=e289caca-8e4d-4123-84e2-c90e4b59a339&es=visitorInfoFlowStarted&mrid=NJ24R38FRCWWQ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=BOI%20Registration&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1706302500422&g=-60&completeurl=https%3A%2F%2Fpayments.bookkeepingagents.com%2F&disableSetCookie=true
Requested by
Host: payments.bookkeepingagents.com
URL: https://payments.bookkeepingagents.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.bookkeepingagents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 26 Jan 2024 20:55:00 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
6f456157ed8de
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230099-FRA
pragma
no-cache
correlation-id
6f456157ed8de
traceparent
00-00000000000000000006f456157ed8de-23c7725e09e03eee-01
x-timer
S1706302500.436885,VS0,VE147
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jan 2024 20:55:00 GMT
graphql
www.paypal.com/targeting/ Frame 3E92 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98786a38a6ccd4724fdd6d0314857cf4be1521e3e1bf4b9c688bd84646c027f7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-//zoKCkpAfqiwBUqgfHznoUw1eJ2DndsOYR88ccC8puDPtmN' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-//zoKCkpAfqiwBUqgfHznoUw1eJ2DndsOYR88ccC8puDPtmN' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 26 Jan 2024 20:55:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f6491329a3b07
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230022-FRA, cache-fra-eddf8230022-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f6491329a3b07-a217320910ee1cbb-01
x-timer
S1706302501.746246,VS0,VE275
etag
W/"1b3-RNrLHbEPLFDYoVKG+BayCSXRDg0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Fri, 26 Jan 2024 20:55:00 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f649132c3936f
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f649132c3936f-335ac8558c9a7290-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-eddf8230078-FRA, cache-fra-eddf8230078-FRA
x-timer
S1706302501.531993,VS0,VE183
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://payments.bookkeepingagents.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://payments.bookkeepingagents.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Fri, 26 Jan 2024 20:55:00 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f64913246bf95
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f64913246bf95-af2267b1251deea3-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230078-FRA, cache-fra-eddf8230078-FRA
x-timer
S1706302501.666364,VS0,VE205
logger
www.paypal.com/xoplatform/logger/api/ 		1018 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ad8jUgXBxig9NFXHhdx-_opBrB4wSuSx-b_oI5Y9yBYygoBHQMZczS4PiDx2XQO_m52x-4UW9yPOQL_f&disable-funding=credit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b10ecc8ee4257e47ecf9138ea3e41d4caa7b091637c176bc2aebbd41e5f6ab6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://payments.bookkeepingagents.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jan 2024 20:55:01 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f649132009787
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230078-FRA, cache-fra-eddf8230078-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f649132009787-73867b89e53efaa8-01
x-timer
S1706302501.901139,VS0,VE202
etag
W/"3fa-gpKsDK2r/GJgbTOne3+v4OiKKBU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://payments.bookkeepingagents.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| tailwind string| /template.html function| $ function| jQuery object| __post_robot_11_0_0___uid_amqwvtjrjnlpxbcissdjhttpumbzdh object| paypal object| __zoid_10_3_3___uid_amqwvtjrjnlpxbcissdjhttpumbzdh function| setupPayPalBtn object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL

1 Cookies

Domain/Path Name / Value
payments.bookkeepingagents.com/ Name: PHPSESSID
Value: 7uipdebkmhi95ve4kjgbi15b7b

1 Console Messages

Source Level URL
Text
network error URL: https://payments.bookkeepingagents.com/fonts/material-design-iconic-font/fonts/Material-Design-Iconic-Fontd1f1.woff2?v=2.2.0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
cdn.tailwindcss.com
payments.bookkeepingagents.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
151.101.1.35
151.101.129.21
151.101.130.133
152.199.19.160
2606:4700:10::ac43:2910
62.3.5.66
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
151c30a9c3810c4a00decc7ac92110d0660b64b6e25973116935faa14d232a81
1591281f92394d16d6cc50fd69c9ca67619cdff00f5447eecd9b6e2345c1afaa
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
35f185a2aacd3c120d77143582a9fede64aa4568dcc65a3137ff3a5a711de6a4
3e8e15285ad95840839f02919cbd0f29825a4a9030c9ab8a6351b0b8869d760f
4537809ab8229e99445dbf3a9c37aa9ae6ca0c64bd0f08c73a9ff808d7532bdb
4927e407f1f4b81dbc5d6269117fafdda60011698398015591dd10f33b779ffc
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
55b671b0a6fbed9ca8eac1a2cde55b879fde2d08c4b4d2a7d022290cfc38b6b1
5a993e0e006279a76e7670b098b32c169df01565f414e6ca8a31c882730f941a
68129d48e23b33fad0e38459beb4c7633d7531b264de8441d06c17a360b7858d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7c74c136895350e927bf69fe9fcb9f33fe9fae6340709d6ec4f8cb838a9470a3
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
895cab24f49ccec50c480f767b19cf46aa8990f5a92c7dba7cad5fffd988529b
98786a38a6ccd4724fdd6d0314857cf4be1521e3e1bf4b9c688bd84646c027f7
b10ecc8ee4257e47ecf9138ea3e41d4caa7b091637c176bc2aebbd41e5f6ab6b
c1ed2fbce5a50307526f9c016493765f57c7512699550f39d48905709093c288
d49f5279b7cf722c55ed080b160c89a273e676ed730847cd57ef7b4e6584da2f
da6917372bdb0f0fa325d72c45527dc8f21bd097ebf4e145a3ef84417421756a