www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pengapinga.xyz/#ne
Effective URL:
https://www.paypal.com/ca/home
Submission Tags: 0xscam
Submission: On December 28 via api (December 28th 2024, 2:20:26 pm UTC) from US — Scanned from CA

Summary HTTP 27 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 151.101.65.21, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 3003.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 8th 2024. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	104.21.24.54 104.21.24.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
14	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
1	209.85.201.94 209.85.201.94	15169 (GOOGLE) (GOOGLE)
27	5

5 104.21.24.54 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pengapinga.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.21 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f94.1e100.net

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2811	271 KB
5	pengapinga.xyz 1 redirects pengapinga.xyz	120 KB
4	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 3003	71 KB
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1188	2 KB
0	gstatic.com Failed www.gstatic.com Failed
27	5

	Domain	Requested by
14	www.paypalobjects.com	www.paypal.com
5	pengapinga.xyz	1 redirects pengapinga.xyz
4	www.paypal.com	1 redirects pengapinga.xyz www.paypal.com
1	www.recaptcha.net	www.paypal.com
0	www.gstatic.com Failed	www.recaptcha.net
27	5

This site contains links to these domains. Also see Links.

Domain
www.joinhoney.com
developer.paypal.com
newsroom.paypal-corp.com
careers.pypl.com

Subject Issuer	Validity	Valid
pengapinga.xyz WE1	`2024-12-26` - `2025-03-26`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
misc.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.paypal.com/ca/home
Frame ID: E01890A9348F8E9AC78C4AA5CAF945BE
Requests: 22 HTTP requests in this frame

Frame: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Frame ID: 2904C3B448EFBE761D282D7541BBFBBF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Manage Your Money With PayPal’s Digital Wallet | PayPal CA

Page URL History Show full URLs

https://pengapinga.xyz/ Page URL
https://pengapinga.xyz/ HTTP 302
https://www.paypal.com/ HTTP 302
https://www.paypal.com/ca/home Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Page Statistics

27
Requests

81 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

463 kB
Transfer

2054 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.joinhoney.com/explore
Title: PayPal Honey

Search URL Search Domain Scan URL

URL: https://developer.paypal.com/?_ga=2.192417769.238788070.1689001362-735340911.1681920501
Title: Developer

Search URL Search Domain Scan URL

URL: https://newsroom.paypal-corp.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://careers.pypl.com/home/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://developer.paypal.com/?_ga=2.93803037.1250679156.1694455386-1777746449.1692662225
Title: Developers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pengapinga.xyz/ Page URL
https://pengapinga.xyz/ HTTP 302
https://www.paypal.com/ HTTP 302
https://www.paypal.com/ca/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
pengapinga.xyz/ 4 KB
2 KB 372ms
268ms Document
text/html 104.21.24.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pengapinga.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.24.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f36637ceee35b5d69b8b187ad63df950766c77cd0c60ac4fd66c8d205a35d8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f9230c1aa31aad0-YYZ
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 28 Dec 2024 14:20:20 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HHOt6WfhGyKRFAIIPNwyKacP50upNJwqCV%2FLORTxHhSOjdTyanv6m6DtPphsgxioW8swpxA8n7Cd0qBHaQfPiwG6CoOiPKyp6kjZ4ZH0wHmmqHFPhzay29Fz6ltkjnt%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=24948&min_rtt=24527&rtt_var=4692&sent=13&recv=10&lost=1&retrans=1&sent_bytes=4184&recv_bytes=4482&delivery_rate=1872&cwnd=8400&unsent_bytes=0&cid=25987bdfb1e9484f&ts=279&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 6f57cdd7 Show response
pengapinga.xyz/ 590 KB
114 KB 263ms
263ms Script
application/javascript 104.21.24.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pengapinga.xyz/6f57cdd7
Requested by: Host: pengapinga.xyz
URL: https://pengapinga.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.24.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec31b3c67359d909d5aa26e068dea3134be34df074bca1b2e4308ba42cf26521

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pengapinga.xyz/

Response headers

cache-control: no-cache, no-store, private, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PzR9ylrTbrBNSbvhM6olJU2LpjGwj1fszTdToGKRIP8%2BusE2augx1juocOySvjsYvxAASfQDHF4gAEKg%2FSAtuNNh%2FX5sopYAFzd1du9%2BLAEXt7rtvnNffM5VlWMp%2ByvYOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f9230c44cb4aad0-YYZ
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24777&min_rtt=24422&rtt_var=1720&sent=21&recv=15&lost=4&retrans=5&sent_bytes=7991&recv_bytes=4946&delivery_rate=506&cwnd=5880&unsent_bytes=0&cid=25987bdfb1e9484f&ts=691&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 14:20:20 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

GET
H3 200 favicon.ico
pengapinga.xyz/ 4 KB
2 KB 263ms
263ms Other
text/html 104.21.24.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pengapinga.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.24.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f36637ceee35b5d69b8b187ad63df950766c77cd0c60ac4fd66c8d205a35d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pengapinga.xyz/

Response headers

cache-control: no-cache, no-store, private, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLW%2B3qiPKnrXN8dIOSsxAxCAVUFmdpGuPD3BT4bhE3WXRXyVscvbjxHBAGZd2umaBlSsoP92fKTzpDmaGspj3WwCCABCuGFwko5%2FUFKsd55ACHLaaDmZCbQk9bDWLIzlxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f9230d08e16aad0-YYZ
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=489398&min_rtt=24422&rtt_var=195391&sent=154&recv=89&lost=21&retrans=22&sent_bytes=145435&recv_bytes=8778&delivery_rate=723&cwnd=5149&unsent_bytes=0&cid=25987bdfb1e9484f&ts=2650&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 28 Dec 2024 14:20:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET 399c9e13-6803-40d8-8636-3dface2963b3
https://pengapinga.xyz/ Frame 0
0

GET 0402fc83-d82e-424c-ac16-770849a99a84
https://pengapinga.xyz/ Frame 0
0

GET 23c24ada-dde1-4161-bbdd-baea72a09db1
https://pengapinga.xyz/ Frame 0
0

POST
H3 200 6f57cdd7
pengapinga.xyz/ 46 B
718 B 1338ms
1330ms Fetch 104.21.24.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pengapinga.xyz/6f57cdd7
Requested by: Host: pengapinga.xyz
URL: https://pengapinga.xyz/6f57cdd7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.24.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://pengapinga.xyz/

Response headers

cache-control: no-cache, no-store, private, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LDJFBxlwq%2FJgp%2BrEbPUFnCDSTjufgfFSICbarnBCs%2BUuz6w0rhni2xQm%2F4%2FlLEhUxVV2huQR7AKcRfID%2BjbSFQTIvBIONstS6Rn1Wch6Dk%2FRK2QbohfMUwxsa2fUJCeNzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f9230d42848aad0-YYZ
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=466513&min_rtt=24422&rtt_var=192313&sent=164&recv=103&lost=21&retrans=22&sent_bytes=148025&recv_bytes=24095&delivery_rate=7744&cwnd=5149&unsent_bytes=0&cid=25987bdfb1e9484f&ts=4307&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 46
date: Sat, 28 Dec 2024 14:20:24 GMT
server: cloudflare
priority: u=1,i

GET
H2

200

Primary Request home Show response
www.paypal.com/ca/
Redirect Chain

https://pengapinga.xyz/
https://www.paypal.com/
https://www.paypal.com/ca/home

205 KB
61 KB

118ms
117ms

Document
text/html

151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/ca/home

Requested by

Host: pengapinga.xyz
URL: https://pengapinga.xyz/6f57cdd7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9e13854b89cf44106f21c9e0a9df37451111a46ebd99d7546d3d1385e7a2ace

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.paypal-mktg.com https://.qualtrics.com; script-src 'nonce-M2ZiNTAyZjUtOTE3ZS00NzdkLWI2YjYtMjgyODFhNjE3ZWMz' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://browser-intake-us5-datadoghq.com https://.qualtrics.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pengapinga.xyz/#ne
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-M2ZiNTAyZjUtOTE3ZS00NzdkLWI2YjYtMjgyODFhNjE3ZWMz' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Sat, 28 Dec 2024 14:20:24 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"40ee1-2/8Z0ELlKcgzqf+gLv9HMWL6lWw"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f44464139aa54
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000f2315327cfa00-fa2ae929d2a34d49-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS, MISS, MISS, MISS, MISS
x-cache-hits: 1, 0, 0, 0, 0, 0
x-content-type-options: nosniff
x-served-by: cache-yyz4550-YYZ, cache-yyz4534-YYZ
x-timer: S1735395625.744421,VS0,VE91
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
content-length: 0
date: Sat, 28 Dec 2024 14:20:24 GMT
location: https://www.paypal.com/ca/home
retry-after: 0
server: Varnish
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-yyz4534-YYZ

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 23 KB
7 KB 239ms
79ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/1694) /

Resource Hash

d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 43db88626efbc
content-encoding: br
etag: W/"6697f682-5a55"
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-000000000000000000043db88626efbc-ce4055f74e9d9a0a-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 16:51:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 6901
server: ECAcc (chf/1694)

GET
H2 200 helpers-0d27c83e.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 467 KB
37 KB 220ms
82ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/helpers-0d27c83e.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/16A6) /

Resource Hash

0d27c83ebd93e8e084d79b8c7ea32fd09bb6ef3105790d507bf82621c0aefa7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 6ddd757b9b64f
content-encoding: br
etag: W/"6762f4e8-74b04"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-00000000000000000006ddd757b9b64f-2ef28e58732a700f-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: text/css
last-modified: Wed, 18 Dec 2024 16:14:32 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37636
server: ECAcc (chf/16A6)

GET
H2 200 Hero-0a33112e.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 28 KB
3 KB 178ms
41ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/Hero-0a33112e.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/16A2) /

Resource Hash

0a33112e44fcdb9c33b6d62159dc0de7d75fb2af2103cec0b6466d3fe77c10d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 20acc87cfec74
content-encoding: br
etag: W/"676db76a-6e63"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-000000000000000000020acc87cfec74-bdec639b22ac29b6-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: text/css
last-modified: Thu, 26 Dec 2024 20:07:06 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2985
server: ECAcc (chf/16A2)

GET core-1aa2e69f.js
www.paypalobjects.com/ppcmsnodeweb/core/ 0
0

GET
H2 200 datadog-b1cfe729.js Show response
www.paypalobjects.com/ppcmsnodeweb/core/ 163 KB
53 KB 426ms
42ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/core/datadog-b1cfe729.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/1696) /

Resource Hash

47ee8c5b1970e91c96d87a5641d28cb8b555355c542b5653d6f3b080967978de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 4f2520c55a610
content-encoding: br
etag: W/"676955c8-28a5a"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-00000000000000000004f2520c55a610-fe0aa374e68bc2cf-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: application/javascript
last-modified: Mon, 23 Dec 2024 12:21:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53394
server: ECAcc (chf/1696)

GET
H2 200 PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 541ms
156ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/16A2) /

Resource Hash

9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 2858ca05c8169
etag: "6298f2c0-6b41"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-00000000000000000002858ca05c8169-b7413bd45baeefd3-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: application/font-woff2
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27457
server: ECAcc (chf/16A2)

GET
H2 200 PayPalOpen-Bold.woff2
www.paypalobjects.com/paypal-ui/fonts/ 26 KB
26 KB 466ms
82ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Bold.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/16B9) /

Resource Hash

9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 4257c51bffed4
etag: "6298f2c0-684c"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-00000000000000000004257c51bffed4-794f8a536fd449c2-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: application/font-woff2
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26700
server: ECAcc (chf/16B9)

GET
H2 200 main-f4a6edf8.css
www.paypalobjects.com/globalnav/css/ 329 KB
20 KB 212ms
80ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/globalnav/css/main-f4a6edf8.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/16BA) /

Resource Hash

f4a6edf8c5cdcfa5bcd56e8cdba5f39cb9795263168e05e7bb7bf58f169fd768

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 7835781978544
content-encoding: br
etag: W/"673604f7-525fc"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-00000000000000000007835781978544-2fdda91e938d5043-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 14:11:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19835
server: ECAcc (chf/16BA)

GET
H2 200 main-6bedacaf.js Show response
www.paypalobjects.com/globalnav/js/ 85 KB
30 KB 542ms
159ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/globalnav/js/main-6bedacaf.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/16CB) /

Resource Hash

52076183ab4e47879c35639033f376d43abbf039c28d65ade0c28a465325c64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: fe78dec74dff5
content-encoding: br
etag: W/"673604f7-15378"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-0000000000000000000fe78dec74dff5-b887630a8d473331-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 14:11:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30217
server: ECAcc (chf/16CB)

GET
H2 200 hero-size-tablet-up-v1.png
www.paypalobjects.com/marketing/web23/ca/consumer/homepage-uncookied/ 63 KB
63 KB 214ms
82ms Image
image/webp 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web23/ca/consumer/homepage-uncookied/hero-size-tablet-up-v1.png?quality=75&width=1500&format=webp

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/16BD) /

Resource Hash

f462c33642943cd80d1ec490102cddeba094bc0b5cd84aa8e9262521868152f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: eee6982391ca7
etag: "65d303bd-25906"
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-0000000000000000000eee6982391ca7-377ce1f3642e8b09-01
x-edgeio-status: OK
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: image/webp
last-modified: Mon, 19 Feb 2024 07:31:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
content-length: 64210
server: ECAcc (chf/16BD)

GET
H2 200 SplitGraphicSection-74018cb4.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 3 KB
566 B 51ms
50ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/SplitGraphicSection-74018cb4.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/1695) /

Resource Hash

74018cb4f8607cd850bf7555c7c713a0b183ecb73074dd7569698a4b7c485af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: ae01096d82302
content-encoding: br
etag: W/"676db76c-ada"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-0000000000000000000ae01096d82302-1ea6a422a51074d8-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: text/css
last-modified: Thu, 26 Dec 2024 20:07:08 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 420
server: ECAcc (chf/1695)

GET
H2 200 DiscoveryLinkSection-4630e1b9.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 3 KB
776 B 52ms
51ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/DiscoveryLinkSection-4630e1b9.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/16BD) /

Resource Hash

4630e1b9d975e63c373874a7194a2111647bc43ab783559a5525e2e6973c0671

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 2c497e694112a
content-encoding: br
etag: W/"676db76a-da9"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-00000000000000000002c497e694112a-fea7d07629699058-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: text/css
last-modified: Thu, 26 Dec 2024 20:07:06 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 666
server: ECAcc (chf/16BD)

GET
H2 200 CtaSection-eeefabf6.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 1 KB
507 B 81ms
80ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/CtaSection-eeefabf6.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/16A9) /

Resource Hash

eeefabf6cbf7a6d48acb0b6a986486efd0902201fa22562790538ae500c012c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 9a5a6b4227d72
content-encoding: br
etag: "676db76a-549"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-00000000000000000009a5a6b4227d72-7fac23847d8b655d-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: text/css
last-modified: Thu, 26 Dec 2024 20:07:06 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 382
server: ECAcc (chf/16A9)

GET
H2 200 ncs.js Show response
www.paypalobjects.com/ncs/ 15 KB
4 KB 82ms
81ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ncs/ncs.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/169A) /

Resource Hash

69b92089af852f9c3722996d434f36badfea677d48eadd5fbad962ea552235a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: fc0b275b3dfb0
content-encoding: br
etag: "67378b7b-3b53"
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-0000000000000000000fc0b275b3dfb0-00487d2dd6239ebe-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 17:57:15 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
content-length: 3620
server: ECAcc (chf/169A)

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/0e8e2d939dbaadc9/ 11 KB
7 KB 239ms
238ms Script
text/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/0e8e2d939dbaadc9/recaptchav3.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dc02b3869c83f439f7260e888c2898e6945e80a3cc97b4ead5541fd4c236af55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-u9VEOuJDi91rvsp6o8KioLPjyuyT92V0CYPFJsyv8hs/Hj3R' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/ca/home

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f44464111c2aa
content-encoding: gzip
etag: W/"2a99-5OmhZqwX3YuMgieo2vPuejZEfF0"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f44464111c2aa-8fbbfeeb7358b4f1-01
server-timing: "traceparent;desc="00-0000000000000000000f44464111c2aa-61ced2badacc0363-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-bur-kbur8200035-BUR, cache-yyz4534-YYZ, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-u9VEOuJDi91rvsp6o8KioLPjyuyT92V0CYPFJsyv8hs/Hj3R' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1735395625.179441,VS0,VE212
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 paypal-mark-color.svg
www.paypalobjects.com/marketing/web/logos/ 1 KB
674 B 39ms
38ms Image
image/svg+xml 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/logos/paypal-mark-color.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ca/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chf/1691) /

Resource Hash

f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 6c7ca67bfe0ea
content-encoding: br
etag: W/"66ded570-436"
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 15:20:25 GMT
traceparent: 00-00000000000000000006c7ca67bfe0ea-932468555960f00a-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 28 Dec 2024 14:20:25 GMT
content-type: image/svg+xml
last-modified: Mon, 09 Sep 2024 11:01:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 518
server: ECAcc (chf/1691)

GET
DATA 200
OK truncated
/ 485 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e5dc909c6898cc8fd69877f39bbed52f531cfd95f075e50b4bbbb5b63910e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 grcenterprise_v3.html Show response
www.paypal.com/auth/recaptcha/ Frame 2904 5 KB
3 KB 140ms
139ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/0e8e2d939dbaadc9/recaptchav3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57bd2ef0ce4d833346ff5e10010792fc55c00bc317df06b6e0cddbab401c69bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/ca/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 28 Dec 2024 14:20:25 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"15c2-193241934e0"
last-modified: Wed, 13 Nov 2024 05:57:32 GMT
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f942218607225
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f942218607225-7abcc96ed2b60a4a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f942218607225-bd863181f5c5c236-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-served-by: cache-bur-kbur8200077-BUR, cache-yyz4534-YYZ, cache-yyz4534-YYZ
x-timer: S1735395626.537942,VS0,VE111

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame 2904 2 KB
2 KB 361ms
62ms Script
text/javascript 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

ESF /

Resource Hash

d7e4305fdbe850808831ff0a9c52477784a3833624fc68ff807e631e9df235e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 14:20:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 28 Dec 2024 14:20:26 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET recaptcha__en.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ Frame 2904 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pengapinga.xyz
URL: blob:https://pengapinga.xyz/399c9e13-6803-40d8-8636-3dface2963b3

Domain: pengapinga.xyz
URL: blob:https://pengapinga.xyz/0402fc83-d82e-424c-ac16-770849a99a84

Domain: pengapinga.xyz
URL: blob:https://pengapinga.xyz/23c24ada-dde1-4161-bbdd-baea72a09db1

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-1aa2e69f.js

Domain: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pengapinga.xyz/	1969-12-31 23:59:59	Name: _abck Value: 90045f01-62e7-4fd0-8eea-a63ea18080a8
.paypal.com/	1970-01-21 02:03:47	Name: LANG Value: en_US%3BCA
.paypal.com/	1970-01-21 10:48:51	Name: ts_c Value: vr%3D0da3c74719473697031d0ad7fffffffe%26vt%3D0da3c74719473697031d0ad7fffffffd
.paypal.com/	1970-01-21 10:48:51	Name: enforce_policy Value: ccpa
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTczNTM5NTYyNTMzOCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-21 02:07:34	Name: tsrce Value: authchallengenodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AV3Oit_0fRSaMAfzibq8uHLO7rntPrc8o.lUbFuvC5j7lFQgsn0r4j3ywUyu8StfcVaNIwEnCuhjI
.paypal.com/	1970-01-21 02:03:17	Name: l7_az Value: dcg01.phx
.paypal.com/	1970-01-21 10:48:51	Name: ts Value: vreXpYrS%3D1766931625%26vteXpYrS%3D1735397425%26vr%3D0da3c74719473697031d0ad7fffffffe%26vt%3D0da3c74719473697031d0ad7fffffffd%26vtyp%3Dnew

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://pengapinga.xyz/#ne Message: [GroupMarkerNotSet(crbug.com/242999)!:A0501D00340C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
worker	verbose	URL: blob:https://pengapinga.xyz/0402fc83-d82e-424c-ac16-770849a99a84 Message: Error
worker	warning	URL: https://pengapinga.xyz/#ne Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F01C00340C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://pengapinga.xyz/#ne Message: [GroupMarkerNotSet(crbug.com/242999)!:A0201D00340C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://pengapinga.xyz/#ne Message: [GroupMarkerNotSet(crbug.com/242999)!:A050E107340C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://pengapinga.xyz/#ne Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F0E007340C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security	warning	URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pengapinga.xyz
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
pengapinga.xyz
www.gstatic.com
www.paypalobjects.com
104.21.24.54
151.101.65.21
192.229.210.155
209.85.201.94
0a33112e44fcdb9c33b6d62159dc0de7d75fb2af2103cec0b6466d3fe77c10d8
0d27c83ebd93e8e084d79b8c7ea32fd09bb6ef3105790d507bf82621c0aefa7a
4630e1b9d975e63c373874a7194a2111647bc43ab783559a5525e2e6973c0671
47ee8c5b1970e91c96d87a5641d28cb8b555355c542b5653d6f3b080967978de
52076183ab4e47879c35639033f376d43abbf039c28d65ade0c28a465325c64a
57bd2ef0ce4d833346ff5e10010792fc55c00bc317df06b6e0cddbab401c69bd
69b92089af852f9c3722996d434f36badfea677d48eadd5fbad962ea552235a2
74018cb4f8607cd850bf7555c7c713a0b183ecb73074dd7569698a4b7c485af0
79f36637ceee35b5d69b8b187ad63df950766c77cd0c60ac4fd66c8d205a35d8
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0
c2e5dc909c6898cc8fd69877f39bbed52f531cfd95f075e50b4bbbb5b63910e0
d7e4305fdbe850808831ff0a9c52477784a3833624fc68ff807e631e9df235e9
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
dc02b3869c83f439f7260e888c2898e6945e80a3cc97b4ead5541fd4c236af55
e9e13854b89cf44106f21c9e0a9df37451111a46ebd99d7546d3d1385e7a2ace
ec31b3c67359d909d5aa26e068dea3134be34df074bca1b2e4308ba42cf26521
eeefabf6cbf7a6d48acb0b6a986486efd0902201fa22562790538ae500c012c1
f462c33642943cd80d1ec490102cddeba094bc0b5cd84aa8e9262521868152f3
f4a6edf8c5cdcfa5bcd56e8cdba5f39cb9795263168e05e7bb7bf58f169fd768
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5

www.paypal.com Open in urlscan Pro 151.101.65.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

81 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

463 kBTransfer

2054 kBSize

9 Cookies

5 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

9 Cookies

7 Console Messages

Indicators

www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

81 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

463 kB
Transfer

2054 kB
Size

9
Cookies

27 HTTP transactions
1 data transactions