paypal.contentgrabber.cloud Open in urlscan Pro
81.169.197.166  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response paypal.contentgrabber.cloud/	911 B 2 KB	72ms 28ms	Document text/html	81.169.197.166 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://paypal.contentgrabber.cloud/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.169.197.166 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2868445.stratoserver.net Software Apache/2.4.29 (Ubuntu) / Resource Hash 35a59dd2ed5fcbbc2e914e80eb4b2f65f20b02dab22b656bca1b5db0028a467f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, private Connection Keep-Alive Content-Encoding gzip Content-Length 563 Content-Type text/html; charset=UTF-8 Date Tue, 05 Jul 2022 17:28:20 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding
GET H2	200	all.css use.fontawesome.com/releases/v5.0.12/css/	38 KB 9 KB	326ms 307ms	Stylesheet text/css	2606:4700:3032::ac43:a9f7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.12/css/all.css Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63 Request headers Referer https://paypal.contentgrabber.cloud/ Origin https://paypal.contentgrabber.cloud accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 17:28:20 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Y7RZG5PHX7J3NA1Q access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 60VRGjdzO+B8GOfpKS/x2W79y8eaFzbDV68IDXz0aVhQpQqXKLw8dImCtfmm+OwyL5U/CiWdDYw= last-modified Wed, 30 Jun 2021 15:27:17 GMT server cloudflare etag W/"d896a88b71aa2ba5d6bd670429bf1bad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eD2fjqeIMXiTGz2FnSFNIx2dFonjNauxd1OJQFtUOZGJfFw7f813hXwI2B2Todz5N2TW7YV6KjJfDV69CsKxG7GZaJjWUm7UK12qDElXPM784PTX%2B464oFhw50MJlTZ1JlLjqJiZD15VC9SMq7KqMiQ"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 7261d1084fb59b7d-FRA
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/	26 KB 6 KB	34ms 16ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 17:28:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 617, 617 age 13944792 cdn-cachedat 2021-04-13 02:48:33 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:54 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 3e4766ad0ddfa4bdecb1b0dc22b73ef7 cf-ray 7261d1084bfd902e-FRA cdn-requestcountrycode US cdn-requestpullsuccess True
GET H/1.1	200 OK	app.css paypal.contentgrabber.cloud/css/	205 KB 33 KB	28ms 27ms	Stylesheet text/css	81.169.197.166 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://paypal.contentgrabber.cloud/css/app.css Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.169.197.166 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2868445.stratoserver.net Software Apache/2.4.29 (Ubuntu) / Resource Hash 61299d8b450150a010086116fa97a88f7d15bd14726298aed90d8ee85ab65b1c Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 17:28:20 GMT Content-Encoding gzip Last-Modified Thu, 11 Jun 2020 15:08:44 GMT Server Apache/2.4.29 (Ubuntu) ETag "3352c-5a7d056273700-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 32995
GET H2	200	js Show response www.paypal.com/sdk/	333 KB 103 KB	1251ms 1208ms	Script application/javascript	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=ATTKkiRvgOJ5scp_Hz5kmRg5TXg-k_d_r26Pl5hJgNfjRcxkP0SE_hU2Wd2oHFazckfOdY9coi2IERtw&currency=EUR Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 918e54d7fa1476bed437173699d5c863f65e19519b6794b9ac92ab3ff6d86f59 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-VTBx+MePaxZ69I/ZmBY1ewkOp0G38k1ILriIzRvoB34fmMWr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-VTBx+MePaxZ69I/ZmBY1ewkOp0G38k1ILriIzRvoB34fmMWr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-VTBx+MePaxZ69I/ZmBY1ewkOp0G38k1ILriIzRvoB34fmMWr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-VTBx+MePaxZ69I/ZmBY1ewkOp0G38k1ILriIzRvoB34fmMWr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-encoding gzip x-content-type-options nosniff age 0 via 1.1 varnish x-cache MISS p3p true paypal-debug-id f8974809e94a9 server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 104500 x-xss-protection 1; mode=block x-served-by cache-hhn4041-HHN traceparent 00-0000000000000000000f8974809e94a9-39e170fdc0df7453-01 x-timer S1657042101.560254,VS0,VE1194 x-frame-options SAMEORIGIN date Tue, 05 Jul 2022 17:28:21 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=10800 etag W/"19834-yFTtOh8GpUJ4AYvrrGtRYQ+C7AI" accept-ranges bytes x-cache-hits 0
GET H/1.1	200 OK	app.js Show response paypal.contentgrabber.cloud/js/	4 MB 747 KB	75ms 41ms	Script application/javascript	81.169.197.166 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://paypal.contentgrabber.cloud/js/app.js Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.169.197.166 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2868445.stratoserver.net Software Apache/2.4.29 (Ubuntu) / Resource Hash 948f2f2e02d58b1c7072aea94aa46d3aad3ddcae8db12d6a0edde54e77cf3309 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 17:28:20 GMT Content-Encoding gzip Last-Modified Wed, 10 Jun 2020 10:27:06 GMT Server Apache/2.4.29 (Ubuntu) ETag "405956-5a7b8491cd280-gzip" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	custom.js Show response paypal.contentgrabber.cloud/js/	192 KB 59 KB	62ms 28ms	Script application/javascript	81.169.197.166 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://paypal.contentgrabber.cloud/js/custom.js Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.169.197.166 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2868445.stratoserver.net Software Apache/2.4.29 (Ubuntu) / Resource Hash 00348ae736916b83fe8bf977fd9f8011de3f70b9aa609d2934ec9a36ec92c901 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 17:28:20 GMT Content-Encoding gzip Last-Modified Tue, 06 Nov 2018 09:49:21 GMT Server Apache/2.4.29 (Ubuntu) ETag "2ff43-579fbea776a40-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 60438
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	40ms 17ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:300,400,600 Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/css/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3a53622fbc52ee52013c8950ff7bafc9ca5400ddf29d5f8189046976d772b663 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 05 Jul 2022 17:17:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 05 Jul 2022 17:28:20 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 05 Jul 2022 17:28:20 GMT
GET H2	200	pptm.js Show response www.paypal.com/tagmanager/	12 KB 5 KB	301ms 300ms	Script application/x-javascript	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/tagmanager/pptm.js?id=paypal.contentgrabber.cloud&source=checkoutjs&t=xo&v=4.0.280 Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-72s5lchbviOAJdRDVCrazxpo4Y83VuJOwiJDvevUHACEX5tp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-72s5lchbviOAJdRDVCrazxpo4Y83VuJOwiJDvevUHACEX5tp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; content-encoding gzip x-content-type-options nosniff age 0 x-cache MISS paypal-debug-id f1177312299ec server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 4299 x-xss-protection 1; mode=block x-served-by cache-hhn4041-HHN traceparent 00-0000000000000000000f1177312299ec-d08bc0c41704b461-01 x-timer S1657042102.014111,VS0,VE292 x-frame-options SAMEORIGIN date Tue, 05 Jul 2022 17:28:22 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/x-javascript; charset=utf-8 via 1.1 varnish cache-control public, max-age=3600 etag W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4" accept-ranges bytes x-cache-hits 0
GET H2	200	css fonts.googleapis.com/	6 KB 763 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,500,700 Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 05 Jul 2022 16:29:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 05 Jul 2022 17:28:22 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 05 Jul 2022 17:28:22 GMT
GET H/1.1	200 OK	logo.png paypal.contentgrabber.cloud/img/	32 KB 33 KB	19ms 18ms	Image image/png	81.169.197.166 STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://paypal.contentgrabber.cloud/img/logo.png Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.169.197.166 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2868445.stratoserver.net Software Apache/2.4.29 (Ubuntu) / Resource Hash d158e6103db6b4d0401d6fe5d2fa764c5235d71d655849ad53d53346bfe90b43 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 17:28:22 GMT Last-Modified Tue, 28 Aug 2018 07:32:30 GMT Server Apache/2.4.29 (Ubuntu) ETag "8119-57479d8293f80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 33049
GET H/1.1	200 OK	paypal.png paypal.contentgrabber.cloud/img/	7 KB 8 KB	20ms 20ms	Image image/png	81.169.197.166 STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://paypal.contentgrabber.cloud/img/paypal.png Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.169.197.166 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2868445.stratoserver.net Software Apache/2.4.29 (Ubuntu) / Resource Hash db784d15592691365db94ef5fa0b9c8c84747a6f95c77176a84312463ecc5875 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 17:28:22 GMT Last-Modified Mon, 22 Jul 2019 08:07:06 GMT Server Apache/2.4.29 (Ubuntu) ETag "1d15-58e408fd97e80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 7445
GET H/1.1	200 OK	securepay.jpg paypal.contentgrabber.cloud/img/	45 KB 45 KB	19ms 19ms	Image image/jpeg	81.169.197.166 STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://paypal.contentgrabber.cloud/img/securepay.jpg Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.169.197.166 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2868445.stratoserver.net Software Apache/2.4.29 (Ubuntu) / Resource Hash 248410fa9788865e93299eff8b083f413d99f1b868959366ad0a0dd01d94d00f Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 17:28:22 GMT Last-Modified Mon, 22 Jul 2019 08:11:58 GMT Server Apache/2.4.29 (Ubuntu) ETag "b3a8-58e40a1410f80" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 45992
GET H3	200	fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/	63 KB 64 KB	26ms 15ms	Font font/woff2	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 Requested by Host: maxcdn.bootstrapcdn.com URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css Origin https://paypal.contentgrabber.cloud accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 17:28:22 GMT x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 756 age 23958 cdn-proxyver 1.02 cdn-cachedat 06/09/2022 10:24:04 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 64464 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:54 GMT server cloudflare cdn-requestpullcode 200 etag "4b5a84aaf1c9485e060c503a0ff8cadb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid cddd3af70b341ce75ae1e9bd8972e0c5 accept-ranges bytes cf-ray 7261d1125ce2bb41-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	31ms 8ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://paypal.contentgrabber.cloud accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 11:07:47 GMT x-content-type-options nosniff age 109235 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Jul 2023 11:07:47 GMT
GET H2	200	ts t.paypal.com/	42 B 808 B	224ms 168ms	Image image/gif	151.101.65.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=ContentGrabber%20%7C%20PPP&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1657042102314&g=0&completeurl=https%3A%2F%2Fpaypal.contentgrabber.cloud%2F%23%2Flogin&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D Requested by Host: paypal.contentgrabber.cloud URL: https://paypal.contentgrabber.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.contentgrabber.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 17:28:22 GMT via 1.1 varnish x-cache MISS p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id a45abae4901e9 x-cache-hits 0 server-timing content-encoding;desc="",x-cdn;desc="fastly" content-length 42 x-served-by cache-hhn4069-HHN pragma no-cache traceparent 00-0000000000000000000a45abae4901e9-f8be9a91a7580a56-01 x-timer S1657042102.374019,VS0,VE161 strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Tue, 05 Jul 2022 17:28:22 GMT
POST H2	200	logger Show response www.sandbox.paypal.com/xoplatform/logger/api/	1003 B 1 KB	162ms 161ms	XHR application/json	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.sandbox.paypal.com/xoplatform/logger/api/logger Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=ATTKkiRvgOJ5scp_Hz5kmRg5TXg-k_d_r26Pl5hJgNfjRcxkP0SE_hU2Wd2oHFazckfOdY9coi2IERtw&currency=EUR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 307a104c263f9d7bdca97a2350e9cc71b56ed4c80a352ef3b789c384289d11c4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept application/json Referer https://paypal.contentgrabber.cloud/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 content-type application/json Response headers date Tue, 05 Jul 2022 17:28:22 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff x-cache MISS, MISS paypal-debug-id 67724797deaf7 server-timing content-encoding;desc=br content-encoding br x-served-by cache-fra19174-FRA, cache-hhn4032-HHN x-timer S1657042103.834722,VS0,VE154 etag W/W/"3eb-PSLMYJUWxsay0LmIdCgsQMnQubM" vary Accept-Encoding strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/json; charset=utf-8 access-control-allow-origin https://paypal.contentgrabber.cloud cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true accept-ranges none x-cache-hits 0, 0
OPTIONS H2	200	logger www.sandbox.paypal.com/xoplatform/logger/api/	0 0	236ms 170ms	Preflight	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.sandbox.paypal.com/xoplatform/logger/api/logger Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://paypal.contentgrabber.cloud Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers accept-ranges none access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://paypal.contentgrabber.cloud cache-control max-age=0, no-cache, no-store, must-revalidate content-encoding br date Tue, 05 Jul 2022 17:28:22 GMT paypal-debug-id 7a859491d33f0 server-timing content-encoding;desc=br strict-transport-security max-age=63072000; includeSubDomains; preload vary accept-encoding via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-cache-hits 0, 0 x-content-type-options nosniff x-served-by cache-fra19134-FRA, cache-hhn4032-HHN x-timer S1657042103.673284,VS0,VE153

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __post_robot_11_0_0___uid_hlrfqkrdjrrjdriisejljfrdcclpzf object| paypal object| __zoid_10_1_0___uid_hlrfqkrdjrrjdriisejljfrdcclpzf function| setImmediate function| clearImmediate object| __core-js_shared__ object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| regeneratorRuntime function| $ function| jQuery object| bootstrap function| FastClick object| adminlte object| paypalDDL

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			paypal.contentgrabber.cloud/	1970-01-20 04:17:29	Name: XSRF-TOKEN Value: eyJpdiI6Ijc4UmVxSXdvMXhPakdGXC9hR3JKblZRPT0iLCJ2YWx1ZSI6IitrdXlZYWkxV2FwS0RPTnZ1dTliY0t6SFVvaFpzNjBRWWtvUVNSTFwvOUFMU1wvTSt0dnVBaDh1ajBBckducWNvWmQ2aWh0KzM0RmErZk0waTRMSGdHRkE9PSIsIm1hYyI6ImM0NmI0YTJlZGY2Zjk0NjEyMjQzOTY5NDI0N2U0YWY5ZGZjMDIwZmVjZDExMGY4NTA5YWYwODRkZmM0MTg5YWIifQ%3D%3D
			paypal.contentgrabber.cloud/	1970-01-20 04:17:29	Name: laravel_session Value: eyJpdiI6ImVEM0hiMTZwazhHeWdBUTlFbGtpUlE9PSIsInZhbHVlIjoiV0lcL1F2R3VHeU9tbndGVWZpd1FcL0dkZm9tcHRpT1d0UlhqSFFmd0lrczI3SXZqNGt2WXBoWlZITUlGenlZb3FpajJPWHRmVFgzdVwvVjI0WHk4QUZCREE9PSIsIm1hYyI6ImQ2NWIxOWJiZjIyMTUwYjFjMzU3MDQxNWQwYjRiNDc5YjA5ZTk3YjQyZDRmZTY1N2Y0OTlhMjU1OWFkMzc1M2IifQ%3D%3D
			.paypal.com/	1970-01-21 06:35:36	Name: ts Value: vreXpYrS%3D1751736502%26vteXpYrS%3D1657043902%26vr%3Dcf67e8b91810a6240137e56bffffffff%26vt%3Dcf67e8b91810a6240137e56bfffffffe
			.paypal.com/	1970-01-21 06:35:36	Name: ts_c Value: vr%3Dcf67e8b91810a6240137e56bffffffff%26vt%3Dcf67e8b91810a6240137e56bfffffffe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
paypal.contentgrabber.cloud
t.paypal.com
use.fontawesome.com
www.paypal.com
www.sandbox.paypal.com
151.101.129.21
151.101.65.35
2606:4700:3032::ac43:a9f7
2606:4700::6812:bcf
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
81.169.197.166
00348ae736916b83fe8bf977fd9f8011de3f70b9aa609d2934ec9a36ec92c901
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63
248410fa9788865e93299eff8b083f413d99f1b868959366ad0a0dd01d94d00f
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
307a104c263f9d7bdca97a2350e9cc71b56ed4c80a352ef3b789c384289d11c4
35a59dd2ed5fcbbc2e914e80eb4b2f65f20b02dab22b656bca1b5db0028a467f
3a53622fbc52ee52013c8950ff7bafc9ca5400ddf29d5f8189046976d772b663
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
61299d8b450150a010086116fa97a88f7d15bd14726298aed90d8ee85ab65b1c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
918e54d7fa1476bed437173699d5c863f65e19519b6794b9ac92ab3ff6d86f59
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
948f2f2e02d58b1c7072aea94aa46d3aad3ddcae8db12d6a0edde54e77cf3309
d158e6103db6b4d0401d6fe5d2fa764c5235d71d655849ad53d53346bfe90b43
db784d15592691365db94ef5fa0b9c8c84747a6f95c77176a84312463ecc5875
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615