new-origin-www.paypal.com.akadns.net Open in urlscan Pro
173.0.88.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://new-origin-www.paypal.com.akadns.net/welcome/signup/
Submission Tags: phishing malicious Search All
Submission: On November 22 via api (November 22nd 2019, 1:27:29 pm UTC) from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 173.0.88.6, located in United States and belongs to PAYPAL - PayPal, Inc., US. The main domain is new-origin-www.paypal.com.akadns.net.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 28th 2018. Valid for: 2 years.

This is the only time new-origin-www.paypal.com.akadns.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	173.0.88.6 173.0.88.6	17012 (PAYPAL) (PAYPAL - PayPal)
17	2.21.38.79 2.21.38.79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL - PayPal)
20	3

2 173.0.88.6 (United States)

ASN17012 (PAYPAL - PayPal, Inc., US)
PTR: slc-b-origin-www.paypal.com

new-origin-www.paypal.com.akadns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2.21.38.79 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-38-79.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL - PayPal, Inc., US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	paypalobjects.com www.paypalobjects.com	359 KB
5	paypal.com 1 redirects c.paypal.com b.stats.paypal.com dub.stats.paypal.com t.paypal.com	19 KB
2	akadns.net new-origin-www.paypal.com.akadns.net	26 KB
20	3

	Domain	Requested by
14	www.paypalobjects.com	new-origin-www.paypal.com.akadns.net
2	c.paypal.com	www.paypalobjects.com c.paypal.com
2	new-origin-www.paypal.com.akadns.net	new-origin-www.paypal.com.akadns.net
1	t.paypal.com
1	dub.stats.paypal.com	new-origin-www.paypal.com.akadns.net
1	b.stats.paypal.com	1 redirects
20	6

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2018-08-28` - `2020-09-01`	2 years	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2018-02-16` - `2020-04-29`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
Frame ID: CC3AFED8D02197318F11D5F8D46EF080
Requests: 18 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: F9B675A44027CA8B96FF8776D03F6C47
Requests: 1 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi
Frame ID: 2BCF553C90605226E2C6D7EDFC303B06
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

20
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

3
IPs

2
Countries

404 kB
Transfer

994 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://b.stats.paypal.com/v2/counter.cgi?p=ca4229f00d2b11ea9eeacb4affad8304&s=t_s HTTP 302
https://dub.stats.paypal.com/counter2.cgi

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
new-origin-www.paypal.com.akadns.net/welcome/signup/ 40 KB
14 KB 1312ms
444ms Document
text/html 173.0.88.6
PayPal

General

Check archive.org

Show headers Download Go to

Full URL

https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

173.0.88.6 , United States, ASN17012 (PAYPAL - PayPal, Inc., US),

Reverse DNS

slc-b-origin-www.paypal.com

Software

Resource Hash

b29392a7f365211aae13d0baa0cd6682b7e7e6fcfe5e334e5901e8af9d8c135d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.cardinalcommerce.com; script-src 'nonce-LpT71DnHEwif6/r1oxq+xNG5WAKYtTmeg9hPxXZZ4eCttaDp' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com https://.cardinalcommerce.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: new-origin-www.paypal.com.akadns.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com; script-src 'nonce-LpT71DnHEwif6/r1oxq+xNG5WAKYtTmeg9hPxXZZ4eCttaDp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Nov 2019 13:27:11 GMT
Etag: W/"9d5c-P/p89rMJ7Hav/LSyP3e8OeG+p1U"
Paypal-Debug-Id: e65a663e35ff8
Set-Cookie: enforce_policy=; Path=/; Domain=paypal.com; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Secure LANG=en_US%3BUS; Path=/; Domain=paypal.com; Expires=Fri, 22 Nov 2019 22:13:07 GMT; Max-Age=31556; HttpOnly; Secure tsrce=progressivenodeweb; Path=/; Domain=paypal.com; Expires=Mon, 25 Nov 2019 13:27:10 GMT; Max-Age=259199; HttpOnly; Secure ts=vr%3D934b89fb16e0a5a06128d6dcfffe337e%26vreXpYrS%3D1669100008%26vteXpYrS%3D1574431031%26vt%3D934b8a0f16e0a5a06128d6dcfffe337d; Path=/; Domain=paypal.com; Expires=Tue, 22 Nov 2022 06:53:27 GMT; Max-Age=94670776; HttpOnly; Secure x-pp-s=eyJ0IjoiMTU3NDQyOTIzMTg1NiIsImwiOiIwIiwibSI6IjAifQ; Path=/; Domain=paypal.com; HttpOnly; Secure nsid=s%3A11AzDtEfxkx-8h4_weOv-wmyDuFIVNun.peO6uNtSlS0Tg5Hn8wAu2yUmOYYhASSb7CPauayF99w; Path=/; HttpOnly; Secure X-PP-SILOVER=name%3DLIVE6.WEB.1%26silo_version%3D880%26app%3Dprogressivenodeweb%26TIME%3D1574429231%26HTTP_X_PP_AZ_LOCATOR%3Ddcg12.slc; Path=/; Domain=paypal.com; Expires=Fri, 22 Nov 2019 13:57:11 GMT; HttpOnly; Secure X-PP-L7=1; Path=/; Domain=paypal.com; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
DC: slc-b-origin-www-1.paypal.com

GET
H2 200 xhr-ads.min.js Show response
www.paypalobjects.com/web/res/40f/264f98d5d1f113e33bd9c3be2bba5/js/ 21 KB
6 KB 22ms
7ms Script
application/x-javascript 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/40f/264f98d5d1f113e33bd9c3be2bba5/js/xhr-ads.min.js

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

08d604303801d3eb8b48337e4b1ac48550e5a1f9524b9863b557ff0b6992d5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:11 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=31536000
content-encoding: gzip
content-length: 6343
last-modified: Thu, 07 Nov 2019 17:10:49 GMT
server: Apache
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Thu, 20 Feb 2020 13:27:11 GMT

GET
H2 200 page.7ddc458c2298b82c9a69.css
www.paypalobjects.com/eboxapps/css/common/ 146 KB
27 KB 7ms
7ms Stylesheet
text/css 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/eboxapps/css/common/page.7ddc458c2298b82c9a69.css

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d07ba143cc71300ac5acef5a19a2e7c92ff2317c39c8e997cd26809d88a47571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 21:31:29 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 27538
expires: Thu, 20 Feb 2020 13:27:12 GMT

GET
H2 200 oneTouchInject.min.js Show response
www.paypalobjects.com/web/res/e59/ec6c2b16fc0a5365f00c2a3798b1c/ 3 KB
2 KB 12ms
12ms Script
application/x-javascript 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/e59/ec6c2b16fc0a5365f00c2a3798b1c/oneTouchInject.min.js

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bb0137cafd9fd7cb0dd226887a73a0c265b53f41979d7a51c4563543b80aa2d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=31536000
content-encoding: gzip
content-length: 1334
last-modified: Tue, 18 Oct 2016 22:40:13 GMT
server: Apache
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Thu, 20 Feb 2020 13:27:12 GMT

GET
H2 200 ppcom.svg
www.paypalobjects.com/webstatic/i/logo/rebrand/ 5 KB
2 KB 7ms
7ms Image
image/svg+xml 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom.svg

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/eboxapps/css/common/page.7ddc458c2298b82c9a69.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Apr 2014 21:29:42 GMT
server: Apache
access-control-allow-origin: *
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2352
expires: Sun, 22 Dec 2019 13:27:12 GMT

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 21ms
9ms Font
application/font-woff2 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.paypalobjects.com/eboxapps/css/common/page.7ddc458c2298b82c9a69.css
Origin: https://new-origin-www.paypal.com.akadns.net

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-check-cacheable: YES
server: Apache
access-control-allow-origin: *
x-serial: 16973
vary: Accept-Encoding
content-type: application/font-woff2
status: 200
last-modified: Tue, 23 Jan 2018 03:38:51 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18348
expires: Sun, 22 Dec 2019 13:27:12 GMT

GET
H2 200 PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 21ms
11ms Font
application/font-woff2 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.paypalobjects.com/eboxapps/css/common/page.7ddc458c2298b82c9a69.css
Origin: https://new-origin-www.paypal.com.akadns.net

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
server: Apache
access-control-allow-origin: *
vary: Accept-Encoding
content-type: application/font-woff2
status: 200
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18388
expires: Sun, 22 Dec 2019 13:27:12 GMT

GET
H2 200 PayPalVXIcons-Regular.woff2
www.paypalobjects.com/ui-web/vx-icons/2-0-2/ 9 KB
9 KB 25ms
15ms Font
application/font-woff2 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ui-web/vx-icons/2-0-2/PayPalVXIcons-Regular.woff2

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2bd489558b2373c5faeecbdf17bfd8a619cf5db1cad8d648dcbd40d98d3d980d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.paypalobjects.com/eboxapps/css/common/page.7ddc458c2298b82c9a69.css
Origin: https://new-origin-www.paypal.com.akadns.net

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 00:59:04 GMT
server: Apache
access-control-allow-origin: *
vary: Accept-Encoding
content-type: application/font-woff2
status: 200
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 8983
expires: Sun, 22 Dec 2019 13:27:12 GMT

GET
H2 200 react-16_2_0-bundle.js Show response
www.paypalobjects.com/digitalassets/c/website/js/ 99 KB
32 KB 9ms
8ms Script
application/x-javascript 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/website/js/react-16_2_0-bundle.js

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8f65237b4b242a73227a0de928dbd7582cf648d874c5f83e439fe527294c7403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
last-modified: Thu, 09 Aug 2018 00:24:16 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 32638
expires: Thu, 20 Feb 2020 13:27:12 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 43 KB
16 KB 19ms
6ms Script
application/x-javascript 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

79dc5d32ab06d909d8565847ff4857fac1101096b8793e7d9065c4fb49033251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=31536000
content-encoding: gzip
content-length: 15632
last-modified: Sun, 17 Nov 2019 03:56:24 GMT
server: Apache
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Fri, 22 Nov 2019 14:27:12 GMT

GET
H2 200 6a72d4030d1e41867edacada8ed9ec0f006276.js Show response
www.paypalobjects.com/eboxapps/js/21/ 73 KB
23 KB 24ms
12ms Script
application/x-javascript 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/eboxapps/js/21/6a72d4030d1e41867edacada8ed9ec0f006276.js

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3eeb72de9f01bdd8da8a4fd0b966794d9881e16597da3fde81b0bd9df3805db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
last-modified: Wed, 06 Nov 2019 21:31:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 23454
expires: Thu, 20 Feb 2020 13:27:12 GMT

GET
H2 200 vendor.145c8b4fd6e8d935dad5.js Show response
www.paypalobjects.com/eboxapps/js/common/ 144 KB
43 KB 21ms
10ms Script
application/x-javascript 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/eboxapps/js/common/vendor.145c8b4fd6e8d935dad5.js

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed0776a2a30cdb810ced641b04100364591dd308bc277e1ae43bde1e5470c39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
last-modified: Fri, 15 Nov 2019 18:58:38 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 43656
expires: Thu, 20 Feb 2020 13:27:12 GMT

GET
H2 200 page.d6cde15f8f5d7a39a381.js Show response
www.paypalobjects.com/eboxapps/js/common/ 207 KB
54 KB 27ms
16ms Script
application/x-javascript 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/eboxapps/js/common/page.d6cde15f8f5d7a39a381.js

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9f42e4c60ec7544063f0bfb431440a5b2535cbf1cb5c498d1c4906bf411a732d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
last-modified: Fri, 15 Nov 2019 18:58:37 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 54673
expires: Thu, 20 Feb 2020 13:27:12 GMT

GET
H2 200 bs-chunk.js Show response
www.paypalobjects.com/tagmgmt/ 19 B
294 B 29ms
19ms Script
application/x-javascript 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/tagmgmt/bs-chunk.js

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Nov 2019 01:44:09 GMT
server: Apache
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
status: 200
cache-control: max-age=7776000
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
content-length: 19
expires: Thu, 20 Feb 2020 13:27:12 GMT

GET
H/1.1 200
OK recaptchav3.js Show response
new-origin-www.paypal.com.akadns.net/auth/createchallenge/5f90e732888dfbd1/ 10 KB
12 KB 323ms
316ms Script
text/javascript 173.0.88.6
PayPal

General

Check archive.org

Show headers Download Go to

Full URL

https://new-origin-www.paypal.com.akadns.net/auth/createchallenge/5f90e732888dfbd1/recaptchav3.js

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

173.0.88.6 , United States, ASN17012 (PAYPAL - PayPal, Inc., US),

Reverse DNS

slc-b-origin-www.paypal.com

Software

Resource Hash

136d47bae2204166ab259efa2f4984deb7e5a1a3dc1aea97b04a58f302e2b3a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-yj6Q1037ORIYv1jiAcd78oApIJmjgz60ZXQiNKa0aH7mbi7r' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-yj6Q1037ORIYv1jiAcd78oApIJmjgz60ZXQiNKa0aH7mbi7r' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
X-Content-Type-Options: nosniff
Etag: W/"288d-fsy2ycwxdBzb7rseLoLXFdebxM4"
Content-Type: text/javascript; charset=utf-8
Paypal-Debug-Id: 6842a56a5d446
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Date: Fri, 22 Nov 2019 13:27:11 GMT
DC: slc-b-origin-www-1.paypal.com
Content-Length: 10381
X-Xss-Protection: 1; mode=block

GET
H2 200 sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 108 KB
108 KB 23ms
21ms Image
image/png 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png

Requested by

Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/eboxapps/css/common/page.7ddc458c2298b82c9a69.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 13:27:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 20:58:54 GMT
server: Apache
strict-transport-security: max-age=31536000
p3p: CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-type: image/png
content-length: 110177
expires: Fri, 22 Nov 2019 13:27:12 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 51 KB
17 KB 10ms
8ms Script
application/x-javascript 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/eboxapps/js/common/page.d6cde15f8f5d7a39a381.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-79.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 803b2a9f6bad0794919c893aff445bcca329b3eb5183aa0e482b7b602655e081

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 13:27:12 GMT
x-pad: avoid browser bug
status: 200
access-control-max-age: 86400
content-encoding: gzip
content-length: 17480
last-modified: Thu, 10 Oct 2019 17:38:27 GMT
server: Apache
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
expires: Sat, 23 Nov 2019 13:27:12 GMT

GET
H2 200 i
c.paypal.com/v1/r/d/ Frame F9B6 0
0 169ms
169ms Document
text/html 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-21-38-79.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: c.paypal.com
:scheme: https
:path: /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/

Response headers

status: 200
correlation-id: 3f388958510f6
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 160
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: 3f388958510f6
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2019 13:27:12 GMT

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/ Frame 2BCF
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=ca4229f00d2b11ea9eeacb4affad8304&s=t_s
https://dub.stats.paypal.com/counter2.cgi

42 B
494 B

185ms
46ms

Image
image/jpeg

64.4.245.84
PayPal

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/counter2.cgi
Requested by: Host: new-origin-www.paypal.com.akadns.net
URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL - PayPal, Inc., US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 13:27:12 GMT
Cache-Control: private, must-revalidate, proxy-revalidate
Server
Connection: close
ETag: "00efc53aa62f218ee286"
Content-Length: 42
Content-type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/counter2.cgi
Date: Fri, 22 Nov 2019 13:27:12 GMT
Server
Connection: close
Content-Length: 289
Content-Type: text/html; charset=utf-8

GET
H2 200 ts
t.paypal.com/ 42 B
563 B 178ms
176ms Image
image/gif 2.21.38.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.3.28&t=1574429232920&g=-60&e=im&pgst=Unknown&calc=e65a663e35ff8&nsid=mS9-pdYLd8-q-Xct-2J_BzvEvnize5-w&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=0f99f08f6afe4edbb79efacc933f63ae&comp=progressivenodeweb&tsrce=progressivenodeweb&cu=0&xe=100117%2C100760%2C101159%2C101231%2C101158%2C100944%2C100753%2C2233&xt=100276%2C104373%2C103535%2C103956%2C103534%2C102736%2C102037%2C5348&pros=4&pgld=Unknown&bzsr=main&bchn=onbrd&pgsf=personal&lgin=out&shir=main_onbrd_personal_&lgcook=0&pgrp=main%3Aonbrd%3Aorganic%3Asignup%3Aaccount&page=main%3Aonbrd%3Aorganic%3Asignup%3Aaccount%3A%3A%3A&tmpl=email_password&l7=null&view=%7B%22t10%22%3A869%2C%22t11%22%3A2045%2C%22tcp%22%3A1503%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=Sign%20Up%20for%20PayPal%3A%20Create%20a%20Business%20or%20Personal%20Account%20Now%20With%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=869&t1c=869&t1d=23&t1s=690&t2=444&t3=309&t4d=677&t4=679&t4e=2&tt=1994&res=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-79.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.7 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://new-origin-www.paypal.com.akadns.net/welcome/signup/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 13:27:13 GMT
server: akka-http/10.1.7
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status: 200
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 42
expires: Fri, 22 Nov 2019 13:27:13 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			new-origin-www.paypal.com.akadns.net/	1969-12-31 23:59:59	Name: nsid Value: s%3AnyWHNAeNN54q-kmB8w0uqeSuMdf2itpl.FFbLMhxPb35Gf%2Fm0L2kJuON%2BpnDjrn6IzuvGyec9uGU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/(Line 26) Message: %c WARNING!!! color:#FF8F1C; font-size:40px;
console-api	log	URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/(Line 27) Message: %c This browser feature is for developers only. Please do not copy-paste any code or run any scripts here. It may cause your PayPal account to be compromised. color:#003087; font-size:12px;
console-api	log	URL: https://new-origin-www.paypal.com.akadns.net/welcome/signup/(Line 28) Message: %c For more information, http://en.wikipedia.org/wiki/Self-XSS color:#003087; font-size:12px;

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.cardinalcommerce.com; script-src 'nonce-LpT71DnHEwif6/r1oxq+xNG5WAKYtTmeg9hPxXZZ4eCttaDp' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com https://.cardinalcommerce.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
dub.stats.paypal.com
new-origin-www.paypal.com.akadns.net
t.paypal.com
www.paypalobjects.com
173.0.88.6
2.21.38.79
64.4.245.84
08d604303801d3eb8b48337e4b1ac48550e5a1f9524b9863b557ff0b6992d5b9
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
136d47bae2204166ab259efa2f4984deb7e5a1a3dc1aea97b04a58f302e2b3a0
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
2bd489558b2373c5faeecbdf17bfd8a619cf5db1cad8d648dcbd40d98d3d980d
3eeb72de9f01bdd8da8a4fd0b966794d9881e16597da3fde81b0bd9df3805db5
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
79dc5d32ab06d909d8565847ff4857fac1101096b8793e7d9065c4fb49033251
803b2a9f6bad0794919c893aff445bcca329b3eb5183aa0e482b7b602655e081
8f65237b4b242a73227a0de928dbd7582cf648d874c5f83e439fe527294c7403
9f42e4c60ec7544063f0bfb431440a5b2535cbf1cb5c498d1c4906bf411a732d
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b29392a7f365211aae13d0baa0cd6682b7e7e6fcfe5e334e5901e8af9d8c135d
bb0137cafd9fd7cb0dd226887a73a0c265b53f41979d7a51c4563543b80aa2d9
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
d07ba143cc71300ac5acef5a19a2e7c92ff2317c39c8e997cd26809d88a47571
ed0776a2a30cdb810ced641b04100364591dd308bc277e1ae43bde1e5470c39b

new-origin-www.paypal.com.akadns.net Open in urlscan Pro 173.0.88.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

20 Requests

90 %HTTPS

0 %IPv6

3 Domains

6 Subdomains

3 IPs

2 Countries

404 kBTransfer

994 kBSize

1 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

1 Cookies

3 Console Messages

Security Headers

Indicators

new-origin-www.paypal.com.akadns.net Open in urlscan Pro
173.0.88.6 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

3
IPs

2
Countries

404 kB
Transfer

994 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions