urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
151.101.65.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.sabro.net/paypal2.htm
Effective URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Submission Tags: @phishunt_io
Submission: On February 13 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 151.101.65.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 12th 2021. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 107.161.189.250 33182 (DIMENOC)
1 8 151.101.65.21 54113 (FASTLY)
15 151.101.114.133 54113 (FASTLY)
2 23.79.143.246 16625 (AKAMAI-AS)
25 4
Apex Domain
Subdomains		 Transfer
15 paypalobjects.com
www.paypalobjects.com
875 KB
10 paypal.com
www.paypal.com
t.paypal.com
31 KB
1 sabro.net
www.sabro.net
649 B
25 3
Domain Requested by
15 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
8 www.paypal.com 1 redirects www.paypal.com
www.paypalobjects.com
2 t.paypal.com
1 www.sabro.net
25 4

This site contains no links.

Subject Issuer Validity Valid
sabro.net
Sectigo RSA Domain Validation Secure Server CA		 2020-09-05 -
2021-09-05		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-01-12 -
2022-02-12		 a year crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2019-12-09 -
2021-12-13		 2 years crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-11-18 -
2021-11-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Frame ID: 6039185A2CEDF0688C1D65D87E4B7128
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.sabro.net/paypal2.htm Page URL
  2. https://www.paypal.com/cgi-bin/webscr?item_name=OnlinePayment_to_Sabro&cmd=_xclick&business=samuel%... HTTP 302
    https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

905 kB
Transfer

4289 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.sabro.net/paypal2.htm Page URL
  2. https://www.paypal.com/cgi-bin/webscr?item_name=OnlinePayment_to_Sabro&cmd=_xclick&business=samuel%40sabro%2enet&no_shipping=0&no_note=1&currency_code=USD&lc=ES&bn=PP%2dBuyNowBF&charset=UTF%2d8 HTTP 302
    https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
paypal2.htm
www.sabro.net/ 		410 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sabro.net/paypal2.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.189.250 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
ftp.grupobrooks.com
Software
Apache /
Resource Hash
333eca46226d3a0b08967609d4857a1291d6c29a93298267a7a9e7c0039ee02c

Request headers

Host
www.sabro.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:25:35 GMT
Server
Apache
Last-Modified
Sun, 04 Aug 2013 00:13:26 GMT
ETag
"9222c8-19a-4e3140f83f580"
Accept-Ranges
bytes
Content-Length
410
Connection
close
Content-Type
text/html
Primary Request shoppingcart
www.paypal.com/webapps/
Redirect Chain
  • https://www.paypal.com/cgi-bin/webscr?item_name=OnlinePayment_to_Sabro&cmd=_xclick&business=samuel%40sabro%2enet&no_shipping=0&no_note=1&currency_code=USD&lc=ES&bn=PP%2dBuyNowBF&charset=UTF%2d8
  • https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
13 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
261af1775faf934ae5b37985830a463d05159905715ff98e4ea9054b1337e60c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-zbPz/sQjGZapjpiIDWD+whSP00tS6kJnmWEGl6qfQFVFrj0M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.sabro.net/paypal2.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
LANG=en_US%3BUS; enforce_policy=ccpa; x-pp-s=eyJ0IjoiMTYxMzIxMTkzNzM2MiIsImwiOiIwIiwibSI6IjAifQ; tsrce=xorouternodeweb; nsid=s%3AR98ZGDUUYE780YcWop-Xa6zHR2u_AO0M.fgtzAqRxXTxf6fz%2BYlJNdsGHJXItYfhZtMnOXUovoWU; l7_az=dcg01.phx; ts=vreXpYrS%3D1707819936%26vteXpYrS%3D1613213736%26vr%3D9aeca8841770ad005cbc2076fe3dcfb9%26vt%3D9aeca8841770ad005cbc2076fe3dcfb8%26vtyp%3Dnew; ts_c=vr%3D9aeca8841770ad005cbc2076fe3dcfb9%26vt%3D9aeca8841770ad005cbc2076fe3dcfb8; x-cdn=fastly:CDG
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sabro.net/paypal2.htm

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-zbPz/sQjGZapjpiIDWD+whSP00tS6kJnmWEGl6qfQFVFrj0M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
paypal-debug-id
c17c27aeabb04
set-cookie
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sat, 13 Feb 2021 19:11:33 GMT; HttpOnly; Secure LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sat, 13 Feb 2021 19:11:33 GMT; HttpOnly; Secure; SameSite=None x-csrf-jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Imp5ZU5obDV4MnJtU0NhcDlSYnFqSFJKSnFYMmw2U3BMTkxxTFYxZ1VNUGtDSmJnNWdFQk9wZVlWM2NCajRpWjlMbG1SdWladU9EOGtaTWgzbnZ4R3V1TnpWOGp0d0lzelZQYVExNWs0NzR4V0hEVk9ObXVyaExjSTNjNm5lYVB4MmxtLV9GOExyQ0o0NU5MSmlFSXdoYmpERk12S0tkbURrWmlBS2htQ25kWEVQaTN2czlsR2hjcHBCZHEiLCJpYXQiOjE2MTMyMTE5MzcsImV4cCI6MTYxMzIxNTUzN30.NBnQhmtno7LuG8tzFXGFN_QLLwPEvjXIHPN1wCEFca0; Domain=.paypal.com; Path=/; Expires=Sat, 20 Feb 2021 10:25:37 GMT; HttpOnly; Secure; SameSite=None tsrce=shoppingcartnodeweb; Domain=.paypal.com; Path=/; Expires=Tue, 16 Feb 2021 10:25:37 GMT; HttpOnly; Secure; SameSite=None tsrce=shoppingcartnodeweb; Domain=.paypal.com; Path=/; Expires=Tue, 16 Feb 2021 10:25:37 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Sat, 13 Feb 2021 10:55:37 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1707819937%26vteXpYrS%3D1613213737%26vr%3D9aeca8841770ad005cbc2076fe3dcfb9%26vt%3D9aeca8841770ad005cbc2076fe3dcfb8%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 13 Feb 2024 10:25:37 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D9aeca8841770ad005cbc2076fe3dcfb9%26vt%3D9aeca8841770ad005cbc2076fe3dcfb8; Path=/; Domain=paypal.com; Expires=Tue, 13 Feb 2024 10:25:37 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-cookies
{"tD08unW5xWPYcc3Vtbf3fJ3V3AQpBSPfm6WSV5oz4qyqFW9g":"sEE9CvZja6VOkLNXlAfQBhR0FvVvIV2eS3OyrtC2KZ9tOlukfJ0YbNd5MBf_vO8j67YB_GbDcqK-sv-0","ag57olvZ7MWSTJXCB7PUbg1HbJ7ibAsoAYd73FZ9IOdz_8eW4AApCl4lKlO":"yfzmEIYndFtTCUcWImzDAUDFmWbwnI1Spt7Qa2zLgMTmz4vwdGB0kuPRt5OuhJgjUF70DVkzO5DA_Z71OOBt5xkBV671LTWcWmmPKLQor67VI4K0-cB-XkUZTsI7YCC34ZpPwup3Lrg3-C-5mFH3V-k8qede9PMHWWkgDgcrZl2Rm7IvTkj0pcW-B_uLwiuakYsJiasURCGSGIk4O9cuF4jlOoeBHfUoIR6Of8OWDwF3qX6o1S4MVPykROiEiKec7_hXjWOD3m8AhRbf40Xbe-iYq19WPsBkXmHRfr6CPCZ0SaZxiywpClMo0ienfskvDy5vBsspkuoxo4JcaiejhjSCLjnXf5_R8bHq272qYZ-kssJLdq9n7Jxl05rLWdpVTGnwvmlbE7HauuXHXlxNLvhZ054bwMtXvQtpKRwSVRzcHfB2yqS4RgFnyvu9w2PHGlJUHnxAyzcfPhxD4QLidn4TdFv4b2BJvOagFqmjhmlpdMsg8JR0NV3ADGDpCWQ1lNrLt0pD1e0pTJ4RUUY4D5Bo6OToj5jSE1VmDSZ1EnAmhDZd902koKC9e3REax8_-OmCCUUvaoLjSyOH","iQCnhIy5-64PvineZIGVfUafYGUgmm9iludbMKXVIUhFSMEA":"1SFwjSmuc2eZzIc-9YYZAUdN7uZiKGsDRDkS3Camu_zpTCnDmrdYLLUY9GEQovlE-e5Awwy18Bzy51CHjWmhzH1JNMu"}
x-cookies-hash
b6363f3a4fb361e25116bcdf0d7198f26e5c9dbbead891ee7a51728deb7e93b5
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IjdtckZZSGZydHVaLVlnY2J3YzFTU1JWR1lUZGdZM0o1X3hNMTJUN01ZVENBQ1lieEpiZ29OR1J2cUUwd0hJNHlnM04wMm1VNVB5S2ZDbHg3ZldTb18wZHVMc3NWdW0xNmVxTW11bEM2TElPdTRROVByNEZmOTJKSmh5VlV3eEZvajJLQkx3T0U1OThlT2tMaTBwY01IamFrbVlna3pJd2pFNjdsSUh2S0RLVm8wMTgwVmIyb0M1Z1pHTTQiLCJpYXQiOjE2MTMyMTE5MzcsImV4cCI6MTYxMzIxNTUzN30.AMzJKsHGsERU7L3VPYxjS3W1XUvnDq3Q-9ZZJNOQ19I
x-csrf-jwt-hash
32eb2da6313f8fd1fd67689679254a17c25dceca73683f3185b03cb7035c8979
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
phx-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
date
Sat, 13 Feb 2021 10:25:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-lhr7335-LHR, cache-cdg20768-CDG
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1613211937.476983,VS0,VE212
vary
Accept-Encoding
content-encoding
br

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' https://*.paypal.com; script-src 'nonce-Gk0WeKinab1aVMlfslScXE8O5kHUZc3pyqIVQxlMfFaiQe2B' 'self' https://*.paypal.com 'unsafe-inline' 'unsafe-eval'; img-src https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
location
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
paypal-debug-id
ed4f514a746eb
set-cookie
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sat, 13 Feb 2021 19:11:33 GMT; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sun, 13 Feb 2022 10:25:37 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxMzIxMTkzNzM2MiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None tsrce=xorouternodeweb; Domain=.paypal.com; Path=/; Expires=Tue, 16 Feb 2021 10:25:37 GMT; HttpOnly; Secure; SameSite=None nsid=s%3AR98ZGDUUYE780YcWop-Xa6zHR2u_AO0M.fgtzAqRxXTxf6fz%2BYlJNdsGHJXItYfhZtMnOXUovoWU; Path=/; HttpOnly; Secure l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Sat, 13 Feb 2021 10:55:37 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1707819936%26vteXpYrS%3D1613213736%26vr%3D9aeca8841770ad005cbc2076fe3dcfb9%26vt%3D9aeca8841770ad005cbc2076fe3dcfb8%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 13 Feb 2024 10:25:37 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D9aeca8841770ad005cbc2076fe3dcfb9%26vt%3D9aeca8841770ad005cbc2076fe3dcfb8; Path=/; Domain=paypal.com; Expires=Tue, 13 Feb 2024 10:25:37 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish
date
Sat, 13 Feb 2021 10:25:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-lhr7344-LHR, cache-cdg20768-CDG
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1613211937.824007,VS0,VE629
content-length
262
styles.css
www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/css/styles.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-methods
GET
csp
www.paypal.com/csplog/api/log/ 		2 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/csplog/api/log/csp
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-8LwHX6Kb8UpblQk43GUlz6lHpB7kGd3yNzSgn4WfWULYVY0u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-8LwHX6Kb8UpblQk43GUlz6lHpB7kGd3yNzSgn4WfWULYVY0u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
ae7a1ebba0ee2
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-served-by
cache-lhr7337-LHR, cache-cdg20768-CDG
x-timer
S1613211938.719053,VS0,VE200
x-frame-options
SAMEORIGIN
date
Sat, 13 Feb 2021 10:25:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
framework.js
www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/ 		403 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/framework.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e4905263d652cc043a7688119266721f664464c87a97939b75be7ea98bf8ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198514
x-cache
HIT, HIT
paypal-debug-id
c5903e5aa9e2b
x-cache-hits
1, 1
dc
phx-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
139470
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10036-SJC, cache-hhn4038-HHN
last-modified
Mon, 25 Jan 2021 22:39:21 GMT
x-timer
S1613211938.844560,VS0,VE1
etag
W/"600f4899-64ae4"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 11 Feb 2022 03:10:39 GMT
config.js
www.paypal.com/webapps/shoppingcart/static/js/ 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/static/js/config.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8cc97ef115b50a5f7071c0bdb4499f7d68d4fde079d611d9e24fdc66b025035c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:37 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
x-cache
MISS, MISS
paypal-debug-id
a4c7d9d9557e4
x-cookies-hash
5178cca94b478e6d44abf875e76c94549d24946ddc14cc205ee8d26da705dcf4
dc
ccg11-origin-www-1.paypal.com
x-cookies
{}
x-served-by
cache-lhr7372-LHR, cache-cdg20768-CDG
x-timer
S1613211938.750757,VS0,VE233
etag
W/"8b23-r67GPago4f8jnbjT47yMdVDt54Y"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
main.js
www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/ 		2 MB
366 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/main.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
45cdb344e7703b271da8634d91f8534b17ebe137eab456b04f178b45da44f654
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1522778
x-cache
HIT, HIT
paypal-debug-id
2859dba7937e
x-cache-hits
3, 1
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
374551
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10061-SJC, cache-hhn4038-HHN
last-modified
Mon, 25 Jan 2021 22:39:21 GMT
x-timer
S1613211938.844546,VS0,VE1
etag
W/"600f4899-1dae0e"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Wed, 26 Jan 2022 19:19:04 GMT
pa.js
www.paypalobjects.com/pa/js/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2004f42ff100e56dbc6da83ea8f136a9aea3b9d8f88ad5c9e0a201c5af366b0a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130327
x-cache
HIT, HIT
paypal-debug-id
1456c0b715be9
dc
slc-b-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
20118
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10026-SJC, cache-hhn4038-HHN
last-modified
Thu, 11 Feb 2021 22:01:50 GMT
x-timer
S1613211938.844650,VS0,VE0
etag
W/"6025a94e-cfb0"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
2669, 22
en.js
www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/locales/US/ 		298 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/locales/US/en.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
51f01c54b042faa97d251509bc1beb932e7dec87e2566166780496551f1fc7fe
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198074
x-cache
HIT, HIT
paypal-debug-id
5b4c063a22eca
x-cache-hits
1, 2
dc
phx-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
71182
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10043-SJC, cache-hhn4038-HHN
last-modified
Mon, 25 Jan 2021 22:39:29 GMT
x-timer
S1613211938.844744,VS0,VE0
etag
W/"600f48a1-4a727"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 11 Feb 2022 03:17:17 GMT
metadata.js
www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/metadata/US/en/ 		291 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/metadata/US/en/metadata.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e78a6e61c562519b935533d6eafc9c6a30b9d2795b6a913152a7116e23556e31
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1286285
x-cache
HIT, HIT
paypal-debug-id
de47e948ccf86
x-cache-hits
1, 1
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
37422
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10042-SJC, cache-hhn4038-HHN
last-modified
Mon, 25 Jan 2021 22:39:53 GMT
x-timer
S1613211938.844792,VS0,VE1
etag
W/"600f48b9-48b64"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Sat, 29 Jan 2022 13:00:31 GMT
icon_ot_spin_lock_skinny.png
www.paypalobjects.com/images/checkout/hermes/ 		395 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/checkout/hermes/icon_ot_spin_lock_skinny.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60668cd1ce79ddd5a0615433bc913eca1f17da711f00cc0e40e14744f6cc3cb4
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:38 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
8580652
x-cache
HIT, HIT
fastly-io-info
ifsz=395 idim=50x50 ifmt=png ofsz=395 odim=50x50 ofmt=png
paypal-debug-id
cb8e83efaeab3
fastly-stats
io=1
dc
slc-b-origin-www-3.paypal.com
content-length
395
fastly-io-warning
Failed to shrink image
x-served-by
cache-sjc10045-SJC, cache-hhn4038-HHN
x-timer
S1613211938.043389,VS0,VE0
etag
"9/TeXB0V+j3W4UHnkH0U0tXVJqfiTsEVVUAU4yIq4wk"
strict-transport-security
max-age=31557600
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
11663, 86
miconfig.js
www.paypalobjects.com/pa/mi/ 		110 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/miconfig.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a542fcb21ca393aa098d494dfcf7f08822e1dda0f80021bfa064b96dc70bb902
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40608
x-cache
HIT, HIT
paypal-debug-id
597d3859034df
dc
ccg11-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
20779
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10047-SJC, cache-hhn4029-HHN
last-modified
Fri, 12 Feb 2021 22:44:08 GMT
x-timer
S1613211938.204407,VS0,VE0
etag
W/"602704b8-1b9c2"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
7837, 254
locale
www.paypal.com/webapps/shoppingcart/api/ 		479 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/locale?ipCountry=FR&checkoutSessionLocale=ES&localeParam=ES&meta=%7B%22flowlogging_id%22%3A%22ed4f514a746eb%22%2C%22calc%22%3A%22d0ab7cd0d5d9f%22%2C%22csci%22%3A%227bddf5708bbf4bf98dea023a33a8d417%22%2C%22locale%22%3A%7B%7D%2C%22state%22%3A%22ui_checkout_init%22%2C%22app_name%22%3A%22shoppingcartnodeweb%22%7D
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/framework.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82ad7a45c7db87b8f1450b128130dc790a5a3d012d6f91b7a6f1f7e033674c31
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-8ff5r1D2x17xbE8aZcnmaKhIsTtgqzsNFO6IVXdIT4Lgw4zB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
X-Requested-With
XMLHttpRequest
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IjdtckZZSGZydHVaLVlnY2J3YzFTU1JWR1lUZGdZM0o1X3hNMTJUN01ZVENBQ1lieEpiZ29OR1J2cUUwd0hJNHlnM04wMm1VNVB5S2ZDbHg3ZldTb18wZHVMc3NWdW0xNmVxTW11bEM2TElPdTRROVByNEZmOTJKSmh5VlV3eEZvajJLQkx3T0U1OThlT2tMaTBwY01IamFrbVlna3pJd2pFNjdsSUh2S0RLVm8wMTgwVmIyb0M1Z1pHTTQiLCJpYXQiOjE2MTMyMTE5MzcsImV4cCI6MTYxMzIxNTUzN30.AMzJKsHGsERU7L3VPYxjS3W1XUvnDq3Q-9ZZJNOQ19I
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-8ff5r1D2x17xbE8aZcnmaKhIsTtgqzsNFO6IVXdIT4Lgw4zB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
000d5466a8509
dc
phx-origin-www-3.paypal.com
content-encoding
br
vary
Accept-Encoding
x-csrf-jwt-hash
bf0950e595e8ed72400b3c7b9d0803c2d9d6364c369d85cef8bc1c2e1512e439
x-xss-protection
1; mode=block
x-served-by
cache-lhr7332-LHR, cache-cdg20768-CDG
pragma
no-cache
x-timer
S1613211938.150725,VS0,VE337
x-frame-options
SAMEORIGIN
date
Sat, 13 Feb 2021 10:25:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlVRQmxOR3AxYy1QcUMzUkhMSEFTZ0FRaHBEZmNma1NpQWxlV25nRWM5NFM1LUkyeFAzU0lzdnZFSmNMYVBpZWstTHhOOVdtQ19VNWFYMXBBWmstSFY3bGgyTE5KMDJGSmZyS3FLNXdfb0RnbXFVYlVaeTBrQVRaYjgxYXFldm4yYzRBX0FYX2xNOFcyRTJqR0puR0Y5SDNuZ0ItR29kbVhlYV9BZC1RcXdEYzM0SEdLVGVXanBYNGIweVciLCJpYXQiOjE2MTMyMTE5MzgsImV4cCI6MTYxMzIxNTUzOH0.llBruTMJCnKaTaB7VLtO6UP5YUgZc3e71NzMa3pTwms
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"1df-Xgi/t/7h0LaF4XAMkZZQ9x5QmCM"
accept-ranges
none
x-cache-hits
0, 0
es.js
www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/locales/ES/ 		232 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/locales/ES/es.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
289b5d8a44e539ae59ee64bb4c32f18a457491ada08a20a593e0da2cdb4e0108
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171164
x-cache
MISS, HIT
paypal-debug-id
c8e48f3379a81
x-cache-hits
0, 1
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
52524
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10039-SJC, cache-hhn4038-HHN
last-modified
Mon, 25 Jan 2021 22:39:23 GMT
x-timer
S1613211939.528851,VS0,VE1
etag
W/"600f489b-3a05a"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 11 Feb 2022 04:32:27 GMT
metadata.js
www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/metadata/ES/es/ 		294 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/metadata/ES/es/metadata.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2e6996bfa6a25f54d294ac66d20c760cab96f3115942df1203e3a4b9ac2b568
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176638
x-cache
MISS, HIT
paypal-debug-id
a711b4c4bc333
x-cache-hits
0, 1
dc
ccg11-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
37305
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10077-SJC, cache-hhn4038-HHN
last-modified
Mon, 25 Jan 2021 22:39:33 GMT
x-timer
S1613211939.528857,VS0,VE1
etag
W/"600f48a5-497dc"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 11 Feb 2022 08:00:18 GMT
button.js
www.paypalobjects.com/api/ 		582 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/button.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
60d564068c8f17ec2e2680d846e0e7acad1debcc63ac3972fc234892fed56bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:38 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
16763812
x-cache
HIT, HIT, HIT
content-encoding
gzip
vary
Accept-Encoding
content-length
69149
x-served-by
cache-lax8650-LAX, cache-sjc10033-SJC, cache-hhn4038-HHN
last-modified
Fri, 16 Sep 2016 16:02:16 GMT
server
Apache
x-timer
S1613211939.605735,VS0,VE0
strict-transport-security
max-age=31557600
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
35, 3075, 118
getData
www.paypal.com/webapps/shoppingcart/api/openbutton/ 		636 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/openbutton/getData
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/framework.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0485352a2bb861e1780b0a65d6eb6557b65dfb8ecee87c288f819411f05fa459
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
X-Requested-With
XMLHttpRequest
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlVRQmxOR3AxYy1QcUMzUkhMSEFTZ0FRaHBEZmNma1NpQWxlV25nRWM5NFM1LUkyeFAzU0lzdnZFSmNMYVBpZWstTHhOOVdtQ19VNWFYMXBBWmstSFY3bGgyTE5KMDJGSmZyS3FLNXdfb0RnbXFVYlVaeTBrQVRaYjgxYXFldm4yYzRBX0FYX2xNOFcyRTJqR0puR0Y5SDNuZ0ItR29kbVhlYV9BZC1RcXdEYzM0SEdLVGVXanBYNGIweVciLCJpYXQiOjE2MTMyMTE5MzgsImV4cCI6MTYxMzIxNTUzOH0.llBruTMJCnKaTaB7VLtO6UP5YUgZc3e71NzMa3pTwms
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 13 Feb 2021 10:25:39 GMT
via
1.1 varnish, 1.1 varnish
x-served-by
cache-lhr7358-LHR, cache-cdg20768-CDG
x-timer
S1613211939.624492,VS0,VE1122
etag
W/"27c-wjXhTL6SLAolWAX0HWaLNZtDajA"
dc
phx-origin-www-1.paypal.com
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
application/json; charset=utf-8
paypal-debug-id
ffdf76e5fffcb
cache-control
max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
none
content-encoding
br
x-cache-hits
0, 0
hermes_window_sprite_v15.png
www.paypalobjects.com/images/checkout/hermes/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v15.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a0bd1b32efa65f84af705a535185634139810b4c9b4c01d3a3658cee5b92d456
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:38 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
1375500
x-cache
HIT, HIT
fastly-io-info
ifsz=27173 idim=250x350 ifmt=png ofsz=27163 odim=250x350 ofmt=png
paypal-debug-id
b6e615971fcf
fastly-stats
io=1
dc
slc-b-origin-www-2.paypal.com
content-length
27163
x-served-by
cache-sjc10063-SJC, cache-hhn4038-HHN
x-timer
S1613211939.645781,VS0,VE1
etag
"T7GZL0BmSxl/pRKnuKKG+OvT31cTjcs+fcIjsNM8kg8"
strict-transport-security
max-age=31557600
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
9, 1
hermes_window_sprite_v16.png
www.paypalobjects.com/images/checkout/hermes/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v16.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8867e9b228e90c2c64825bf2bacaea7f283fce1176ccf849f0935a94da488dc
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:38 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
8580650
x-cache
HIT, HIT
fastly-io-info
ifsz=23268 idim=250x350 ifmt=png ofsz=23268 odim=250x350 ofmt=png
paypal-debug-id
5d46010930694
fastly-stats
io=1
dc
ccg11-origin-www-3.paypal.com
content-length
23268
fastly-io-warning
Failed to shrink image
x-served-by
cache-sjc10025-SJC, cache-hhn4038-HHN
x-timer
S1613211939.645760,VS0,VE0
etag
"nnzRlS9MBgJaF5KTitXTyIJxOe9T0imDmyJbBzcjo2U"
strict-transport-security
max-age=31557600
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1405, 4
cookieBanner
www.paypal.com/webapps/shoppingcart/api/ 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/cookieBanner?meta=%7B%22flowlogging_id%22%3A%22ed4f514a746eb%22%2C%22calc%22%3A%22d0fad5501b254%22%2C%22csci%22%3A%22d1969d5ea0d945bf80a282feea5a5ac4%22%2C%22locale%22%3A%7B%22country%22%3A%22ES%22%2C%22language%22%3A%22es%22%7D%2C%22state%22%3A%22ui_checkout_openButton%22%2C%22app_name%22%3A%22shoppingcartnodeweb%22%7D
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/framework.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37569e5cb713b21afab94fb288eba32fecd9f603e24658e651614d3db2b127d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-SHyEX01nzhyjn7+B/a8s/EDtakoCDXSyBC1pBvLAmwfg/Qa9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
X-Requested-With
XMLHttpRequest
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlVRQmxOR3AxYy1QcUMzUkhMSEFTZ0FRaHBEZmNma1NpQWxlV25nRWM5NFM1LUkyeFAzU0lzdnZFSmNMYVBpZWstTHhOOVdtQ19VNWFYMXBBWmstSFY3bGgyTE5KMDJGSmZyS3FLNXdfb0RnbXFVYlVaeTBrQVRaYjgxYXFldm4yYzRBX0FYX2xNOFcyRTJqR0puR0Y5SDNuZ0ItR29kbVhlYV9BZC1RcXdEYzM0SEdLVGVXanBYNGIweVciLCJpYXQiOjE2MTMyMTE5MzgsImV4cCI6MTYxMzIxNTUzOH0.llBruTMJCnKaTaB7VLtO6UP5YUgZc3e71NzMa3pTwms
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-SHyEX01nzhyjn7+B/a8s/EDtakoCDXSyBC1pBvLAmwfg/Qa9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
e1cdd3e8f94ce
dc
ccg11-origin-www-1.paypal.com
content-encoding
br
vary
Accept-Encoding
x-csrf-jwt-hash
0e848bf9d3c78a5c731e6c7d54d6c3a8fa87c2dba2c1833f593ef80e656614f6
x-xss-protection
1; mode=block
x-served-by
cache-lhr7325-LHR, cache-cdg20768-CDG
pragma
no-cache
x-timer
S1613211939.699276,VS0,VE329
x-frame-options
SAMEORIGIN
date
Sat, 13 Feb 2021 10:25:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IjJjdFpCTW1Lc2toazJVTlVLam5LcjJqLXROOXBZZ2lBMDhFZGRCV0Z0R1E4QVllZDA1SmJNUWE2Q0JuSDVYckhmS1B1MW5jd3N4dGtTeEF4X2NTU1ZkWlZDUlViZHJFNXNQUW0zRXpCcEZkQkRNZXJLTXY0aDBMR1dWbjNNUTZobGJnREhRQ25pa3Nza2t6VkxXT0ExSDNhRGxDUG05YlpNVTdRWHlPdEdsa3JjMVJWdUNiOGQyNDN2NzAiLCJpYXQiOjE2MTMyMTE5MzgsImV4cCI6MTYxMzIxNTUzOH0.HO1PEAI9vTYbRyHkcIk8X4jV4o59GqVbQyZHplncSho
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"29d3-f17NjoGkYqG2pbcB/2qQYo9Fd1A"
accept-ranges
none
x-cache-hits
0, 0
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:39 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
12271257
x-cache
HIT, HIT
paypal-debug-id
4430072ed4be7
dc
slc-b-origin-www-2.paypal.com
content-length
18320
x-served-by
cache-sjc10062-SJC, cache-hhn4029-HHN
last-modified
Tue, 23 Jan 2018 03:38:51 GMT
x-timer
S1613211939.068053,VS0,VE0
etag
"5a66ae4b-4790"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
121508, 879312
btn_tracking_pixel.gif
www.paypalobjects.com/en_US/i/scr/ 		42 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/btn_tracking_pixel.gif?teal=null&Id=null&ru=null&fltk=undefined&calc=ffdf76e5fffcb&page=main:ec:hermes::fullpage-openButton:wps:openbutton:&xe=null&xt=null&fpti=9aeca8841770ad005cbc2076fe3dcfb9&WWW_AKA_MVT_BUTTONS=null&WWW_AKA_MVT_ID=null&ip=82.102.18.114&mrid=null&calf=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 10:25:39 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
250278
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
405a674ef1d30
fastly-stats
io=1
dc
slc-b-origin-www-2.paypal.com
content-length
42
x-served-by
cache-sjc10070-SJC, cache-hhn4038-HHN
x-timer
S1613211940.797496,VS0,VE0
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
470, 4
log
www.paypal.com/webapps/shoppingcart/api/ 		216 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/31a/ff672ce73a403f2b81428faf575ef/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29c54d0976ec0061770da665fe9fed9f0f7b7f1bab68f9ab4035a07437f22e8a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-N7IKvcZu3V3/UOcOPS4fbRJvKQJZiVx3u6SKZrSCkZU9g3gv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-N7IKvcZu3V3/UOcOPS4fbRJvKQJZiVx3u6SKZrSCkZU9g3gv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
788d225f7ea6b
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-lhr7361-LHR, cache-cdg20768-CDG
x-timer
S1613211940.795115,VS0,VE390
x-frame-options
SAMEORIGIN
date
Sat, 13 Feb 2021 10:25:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"d8-nlkmdPLThEitC1Ie1iJBJBUkQnM"
accept-ranges
none
x-cache-hits
0, 0
ts
t.paypal.com/ 		42 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.4.29&t=1613211939802&g=-60&s=ci&pgtf=NodeJS&flnm=ec%3Ahermes%3A&shir=main_ec_hermes_&lgin=inout&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2&vers=member%3Ahermes%3A&qual=fullpage&tmpl=openButton.dust%3Afullpage&goal=openButton%20page&fltk=undefined&calc=ffdf76e5fffcb&csci=d1969d5ea0d945bf80a282feea5a5ac4&pgst=1613211939780&transition_time=undefined&dc=qa&az=stage2s0007&comp=appNameNotDefined&displayPage=main%3Aec%3Ahermes%3A%3Afullpage-openButton&ppage=privacy_banner&bannerType=cookiebanner&ccpg=ES&flag=gdpr_v2&bannerVersion=v2&bannerSource=ConsentNodeServ&e=ac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-246.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Feb 2021 10:25:40 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR
slcb.slc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sat, 13 Feb 2021 10:25:40 GMT
ts
t.paypal.com/ 		42 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.4.29&t=1613211940061&g=-60&s=ci&pgtf=NodeJS&flnm=ec%3Ahermes%3A&shir=main_ec_hermes_&lgin=inout&pgrp=main%3Aec%3Ahermes%3A%3Afullpage-openButton&page=main%3Aec%3Ahermes%3A%3Afullpage-openButton%3Awps%3Aopenbutton%3A&vers=member%3Ahermes%3A&qual=fullpage&tmpl=openButton.dust%3Afullpage&goal=openButton%20page&fltk=undefined&calc=ffdf76e5fffcb&csci=d1969d5ea0d945bf80a282feea5a5ac4&pgst=1613211939780&transition_time=undefined&dc=qa&az=stage2s0007&comp=appNameNotDefined&e=im&cdn=fastly&c_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit&ef_policy=gdpr_v2&imsrc=setup&view=%7B%22t10%22%3A697%2C%22t11%22%3A3063%2C%22tcp%22%3A1376%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A51%7D&pt=Proceso%20de%20pago%20de%20PayPal&ru=https%3A%2F%2Fwww.sabro.net%2Fpaypal2.htm&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=233&t3=37&t4d=543&t4=543&t4e=0&tt=1477&rdc=1&res=%7B%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-246.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=ed4f514a746eb&mfid=1613211937350_ed4f514a746eb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Feb 2021 10:25:40 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR
slcb.slc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sat, 13 Feb 2021 10:25:40 GMT

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| meta object| cookies object| beaconQueue function| beacon function| scripterror function| webpackJsonp object| angular object| config object| __core-js_shared__ object| core boolean| main object| jQuery112407614559350019261 function| $Class function| $Error function| $Contingency function| $Forbidden function| $ApiError function| $FallbackError function| $ShortCircuit object| pre function| preload function| preloadComplete function| $Api function| $Model function| $pxp function| $elmo function| addContent function| addMetadata function| $ContentModel function| $MetadataModel function| $LocaleModel function| $Component function| $ComponentRoute function| $TeslaFlowIdModel function| $PXPModel function| $LocaleConfigModel function| $AppDataModel function| $MessengerIntegrationDataModel function| $TokenizedWalletEligibilityModel function| $TokenizedWalletInfoModel function| $TokenizedFundingCapabilitiesModel function| $TokenizedWalletPinModel function| $TokenizedWalletMsbOfferModel function| $AuthApi function| $AuthModel function| $ULoginModel function| $VenmoOnboardModel function| $VenmoUserModel function| $VenmoSupplementaryInfo function| $VenmoTransactionEligibility function| $CheckoutCartModel function| $CheckoutAppDataModel function| $FundingSourceModel function| $FundingOptionsModel function| $InstallmentOptionsModel function| $FlowEligibilityModel function| $CheckoutShippingAddressModel function| $ShippingAddressModel function| $CheckoutPayeeModel function| $CheckoutShippingAddressesModel function| $CheckoutPlanModel function| $CardBackupModel function| $CheckoutSessionModel function| $FptiDataModel function| $FptiBuilder function| $ShoppingCartModel function| $LandingRoute function| $xoInvalidAddressComponent function| $InvalidAddressRoute function| $CheckoutClientDataModel function| $CheckoutInputDataModel function| $UserInfoModel function| $ValidatePhoneModel function| $AddKYCModel function| $PatchPhoneModel function| $WaxUserModel function| $EConsentModel function| $UserPhotoModel function| $AuthConsentModel function| $UserProductSubscriptionModel function| $xoBanner function| $xoGenericErrorComponent function| $xoGenericErrorPageComponent function| $GenericErrorRoute function| $xoErrorDirective function| $ErrorRoute function| $xoGenericMessagePageComponent function| $GenericMessageRoute function| $OpenButtonModel function| $xoOpenButton function| $xoOpenButtonRoute function| $ShippingMethodModel function| $ShippingRuleSummaryModel function| $xoShoppingCart function| $ShoppingCartRoute function| $xoEmptyCartPageComponent function| $EmptyCartRoute function| $xoSoldoutPageDirective function| $xoSoldOutPageRoute function| $GDPRCookieBannerModel function| $xoMerchantHeaderDirective function| $CreateBAModel function| $SubscriptionModel function| $SubscriptionsV1Model function| $subscription function| _ function| $installmentplan function| $SubscriptionsV1 function| $xoShoppingCartFooter function| $gdprCookieBanner function| $xoCheckoutComponent function| $xoCheckoutRoute boolean| bootstrap object| PAYPAL object| fpti string| fptiserverurl object| root object| injector object| miconfig object| paypal function| bindGdprEvents function| hideGdprBanner function| showGdprBanner object| _ifpti object| laDataLayer

10 Cookies

Domain/Path Name / Value
.paypal.com/ Name: tsrce
Value: cspreportnodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYxMzIxMTkzNzgzMiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1707819937%26vteXpYrS%3D1613213737%26vr%3D9aeca8841770ad005cbc2076fe3dcfb9%26vt%3D9aeca8841770ad005cbc2076fe3dcfb8%26vtyp%3Dnew
.paypal.com/ Name: x-cdn
Value: fastly:CDG
.paypal.com/ Name: l7_az
Value: dcg01.phx
.paypal.com/ Name: ts_c
Value: vr%3D9aeca8841770ad005cbc2076fe3dcfb9%26vt%3D9aeca8841770ad005cbc2076fe3dcfb8
www.paypal.com/ Name: nsid
Value: s%3AR98ZGDUUYE780YcWop-Xa6zHR2u_AO0M.fgtzAqRxXTxf6fz%2BYlJNdsGHJXItYfhZtMnOXUovoWU
.paypal.com/ Name: enforce_policy
Value: ccpa
.paypal.com/ Name: x-csrf-jwt
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Imp5ZU5obDV4MnJtU0NhcDlSYnFqSFJKSnFYMmw2U3BMTkxxTFYxZ1VNUGtDSmJnNWdFQk9wZVlWM2NCajRpWjlMbG1SdWladU9EOGtaTWgzbnZ4R3V1TnpWOGp0d0lzelZQYVExNWs0NzR4V0hEVk9ObXVyaExjSTNjNm5lYVB4MmxtLV9GOExyQ0o0NU5MSmlFSXdoYmpERk12S0tkbURrWmlBS2htQ25kWEVQaTN2czlsR2hjcHBCZHEiLCJpYXQiOjE2MTMyMTE5MzcsImV4cCI6MTYxMzIxNTUzN30.NBnQhmtno7LuG8tzFXGFN_QLLwPEvjXIHPN1wCEFca0
.paypal.com/ Name: LANG
Value: en_US%3BUS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

t.paypal.com
www.paypal.com
www.paypalobjects.com
www.sabro.net
107.161.189.250
151.101.114.133
151.101.65.21
23.79.143.246
0485352a2bb861e1780b0a65d6eb6557b65dfb8ecee87c288f819411f05fa459
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0e4905263d652cc043a7688119266721f664464c87a97939b75be7ea98bf8ed0
2004f42ff100e56dbc6da83ea8f136a9aea3b9d8f88ad5c9e0a201c5af366b0a
261af1775faf934ae5b37985830a463d05159905715ff98e4ea9054b1337e60c
289b5d8a44e539ae59ee64bb4c32f18a457491ada08a20a593e0da2cdb4e0108
29c54d0976ec0061770da665fe9fed9f0f7b7f1bab68f9ab4035a07437f22e8a
333eca46226d3a0b08967609d4857a1291d6c29a93298267a7a9e7c0039ee02c
37569e5cb713b21afab94fb288eba32fecd9f603e24658e651614d3db2b127d7
45cdb344e7703b271da8634d91f8534b17ebe137eab456b04f178b45da44f654
51f01c54b042faa97d251509bc1beb932e7dec87e2566166780496551f1fc7fe
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
60668cd1ce79ddd5a0615433bc913eca1f17da711f00cc0e40e14744f6cc3cb4
60d564068c8f17ec2e2680d846e0e7acad1debcc63ac3972fc234892fed56bf1
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
82ad7a45c7db87b8f1450b128130dc790a5a3d012d6f91b7a6f1f7e033674c31
8cc97ef115b50a5f7071c0bdb4499f7d68d4fde079d611d9e24fdc66b025035c
a0bd1b32efa65f84af705a535185634139810b4c9b4c01d3a3658cee5b92d456
a542fcb21ca393aa098d494dfcf7f08822e1dda0f80021bfa064b96dc70bb902
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
c2e6996bfa6a25f54d294ac66d20c760cab96f3115942df1203e3a4b9ac2b568
e78a6e61c562519b935533d6eafc9c6a30b9d2795b6a913152a7116e23556e31
e8867e9b228e90c2c64825bf2bacaea7f283fce1176ccf849f0935a94da488dc