Submitted URL: https://clicks.fanbridge.com/l.php?cid=1586409&sid=300466464&url=https%3A%2F%2Fwww.paypal.com%2Fdonate%3Fhosted_button_id%3DT...
Effective URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Submission: On December 22 via manual from DE — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 8 domains to perform 62 HTTP transactions. The main IP is 151.101.1.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 2nd 2021. Valid for: 4 months.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 75.126.27.245 36351 (SOFTLAYER)
1 35.186.233.14 15169 (GOOGLE)
1 107.178.254.65 15169 (GOOGLE)
1 5 151.101.1.21 54113 (FASTLY)
32 151.101.194.133 54113 (FASTLY)
1 104.17.208.240 13335 (CLOUDFLAR...)
5 23.45.107.81 16625 (AKAMAI-AS)
1 2 64.4.245.84 17012 (PAYPAL)
2 2.18.232.75 16625 (AKAMAI-AS)
5 151.101.129.35 54113 (FASTLY)
1 2a04:4e42::291 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
62 14
Domain Requested by
32 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
5 t.paypal.com www.paypal.com
5 c.paypal.com www.paypal.com
c.paypal.com
5 www.paypal.com clicks.fanbridge.com
www.paypal.com
www.paypalobjects.com
4 www.recaptcha.net www.paypalobjects.com
www.gstatic.com
3 www.gstatic.com www.recaptcha.net
2 pics.paypal.com www.paypal.com
1 c6.paypal.com www.paypal.com
1 dub.stats.paypal.com www.paypal.com
1 b.stats.paypal.com 1 redirects
1 zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com www.paypalobjects.com
1 pippio.com clicks.fanbridge.com
1 data-secure.circulate.com clicks.fanbridge.com
1 clicks.fanbridge.com
62 14

This site contains no links.

Subject Issuer Validity Valid
*.fanbridge.com
Sectigo RSA Organization Validation Secure Server CA
2021-01-01 -
2022-01-16
a year crt.sh
data-secure.circulate.com
COMODO RSA Domain Validation Secure Server CA
2018-08-29 -
2020-08-28
2 years crt.sh
pippio.com
GTS CA 1D4
2021-12-18 -
2022-03-18
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-11-02 -
2022-03-15
4 months crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-24 -
2022-09-24
a year crt.sh
c.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-11-03 -
2022-12-04
a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-09-21 -
2022-10-22
a year crt.sh
misc.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Frame ID: B2C777FD20A389453E7E0EF79E091CBC
Requests: 48 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fbts.js
Frame ID: 174B455883C609407571FDA90DA23909
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&s=donatenodeweb_landing
Frame ID: 239722C520113A8AD74BABAC72D21B7A
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/665/c7ce9a364a0f45293a9e2b00f229c/recaptcha/grcenterprise_v3.html
Frame ID: 560B1A7642A01C23253FB26841D7EC2A
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=vwyxb7fs6yji
Frame ID: B15851CA8DD270F7E4B241F8C1B457D3
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Donate

Page URL History Show full URLs

  1. https://clicks.fanbridge.com/l.php?cid=1586409&sid=300466464&url=https%3A%2F%2Fwww.paypal.com%2Fdonate%3F... Page URL
  2. https://www.paypal.com/donate?hosted_button_id=TDDDCJ336H3MQ HTTP 301
    https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Page Statistics

62
Requests

95 %
HTTPS

23 %
IPv6

8
Domains

14
Subdomains

14
IPs

3
Countries

1391 kB
Transfer

4535 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicks.fanbridge.com/l.php?cid=1586409&sid=300466464&url=https%3A%2F%2Fwww.paypal.com%2Fdonate%3Fhosted_button_id%3DTDDDCJ336H3MQ Page URL
  2. https://www.paypal.com/donate?hosted_button_id=TDDDCJ336H3MQ HTTP 301
    https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://www.paypal.com/donate?hosted_button_id=TDDDCJ336H3MQ HTTP 301
  • https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Request Chain 26
  • https://b.stats.paypal.com/v2/counter.cgi?p=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&s=donatenodeweb_landing HTTP 302
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&s=donatenodeweb_landing

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
l.php
clicks.fanbridge.com/
2 KB
2 KB
Document
General
Full URL
https://clicks.fanbridge.com/l.php?cid=1586409&sid=300466464&url=https%3A%2F%2Fwww.paypal.com%2Fdonate%3Fhosted_button_id%3DTDDDCJ336H3MQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.126.27.245 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
f5.1b.7e4b.ip4.static.sl-reverse.com
Software
Jagermeister /
Resource Hash
77909d6281bf831b2109358657f774d4f97ad89faf1884b036392e0fbd934278

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 22 Dec 2021 17:29:02 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
X-Backend
www7
Content-Length
917
Connection
close
Content-Type
text/html; charset=utf-8
X-Served-By
https
Server
Jagermeister
collect
data-secure.circulate.com/dapi/
0
0
Script
General
Full URL
https://data-secure.circulate.com/dapi/collect
Requested by
Host: clicks.fanbridge.com
URL: https://clicks.fanbridge.com/l.php?cid=1586409&sid=300466464&url=https%3A%2F%2Fwww.paypal.com%2Fdonate%3Fhosted_button_id%3DTDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.233.14 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
14.233.186.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clicks.fanbridge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:55 GMT
via
1.1 google
alt-svc
clear
content-length
0
sync
pippio.com/api/
0
0
Script
General
Full URL
https://pippio.com/api/sync?pid=2016&it=4&iv=60d3282710f675e7efc4fbe5aabbdafc&it=4&iv=961de923385b35e6a1a5edb9a8af43eddc8ebea2&it=4&iv=5cccf885c37e80787cd031305e35096d539da97cc3718f57b0fc4e14197001f8
Requested by
Host: clicks.fanbridge.com
URL: https://clicks.fanbridge.com/l.php?cid=1586409&sid=300466464&url=https%3A%2F%2Fwww.paypal.com%2Fdonate%3Fhosted_button_id%3DTDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clicks.fanbridge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

/
www.paypal.com/donate/
Redirect Chain
  • https://www.paypal.com/donate?hosted_button_id=TDDDCJ336H3MQ
  • https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
0
0

Primary Request /
www.paypal.com/donate/
Redirect Chain
  • https://www.paypal.com/donate?hosted_button_id=TDDDCJ336H3MQ
  • https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
248 KB
85 KB
Document
General
Full URL
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Requested by
Host: clicks.fanbridge.com
URL: https://clicks.fanbridge.com/l.php?cid=1586409&sid=300466464&url=https%3A%2F%2Fwww.paypal.com%2Fdonate%3Fhosted_button_id%3DTDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf80ad7714f33906a7d4cea8a21ceff4f42f69e80631875eb39e0087b76692c2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-VSybILgKOotpOOk1Tq1WKYM9yTlSNKjqm0eHsIXgZFucCgRl' 'self' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://clicks.fanbridge.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-VSybILgKOotpOOk1Tq1WKYM9yTlSNKjqm0eHsIXgZFucCgRl' 'self' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type
text/html; charset=utf-8
etag
W/"3e018-aqlrGdqXnjKWvGxVh4C5z52/4xk"
paypal-debug-id
f7983967c68e5
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Wed, 22 Dec 2021 17:28:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn11538-HHN, cache-fra19161-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1640194136.096057,VS0,VE1086
vary
Accept-Encoding
server-timing
content-encoding;desc=br

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'none'
content-type
text/html; charset=UTF-8
location
/donate/?hosted_button_id=TDDDCJ336H3MQ
paypal-debug-id
f798396c19235
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish
date
Wed, 22 Dec 2021 17:28:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4044-HHN, cache-fra19161-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1640194136.927591,VS0,VE161
content-length
241
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/
21 KB
6 KB
Script
General
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ba795672c78c8f0f52ecd5d1a0a317d1e5c059509a6bead9d26b46fc831d83b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
1ce591669fc9c
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
6352
x-served-by
cache-sjc10044-SJC, cache-fra19160-FRA
last-modified
Wed, 10 Nov 2021 09:36:56 GMT
x-timer
S1640194137.250462,VS0,VE0
etag
W/"618b92b8-5428"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
62651, 4
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
65806c789debc
dc
ccg11-origin-www-1.paypal.com
content-length
18320
x-served-by
cache-sjc10047-SJC, cache-fra19162-FRA
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
x-timer
S1640194137.250041,VS0,VE0
etag
"60271cda-4790"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
5627, 10
PayPalSansBig-Light.woff2
www.paypalobjects.com/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Light.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
dddfc565963ae
dc
ccg11-origin-www-1.paypal.com
content-length
18360
x-served-by
cache-sjc10028-SJC, cache-fra19162-FRA
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
x-timer
S1640194137.250314,VS0,VE0
etag
"60271cda-47b8"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
33743, 28
fonts-and-normalize.min.css
www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
3d62ff4f3aaf34ad571ba65f6753985d54ad949fa4c05a2d1a9b832ea761ffbd
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT, HIT
content-encoding
gzip
vary
Accept-Encoding
content-length
1034
x-served-by
cache-lax8620-LAX, cache-sjc10057-SJC, cache-fra19160-FRA
last-modified
Thu, 30 Jul 2020 00:20:50 GMT
server
Apache
x-timer
S1640194137.250025,VS0,VE0
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
11860, 465, 82865
paypalcorp.344c0e9abeefb3ec3e3d.css
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
297 KB
30 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/paypalcorp.344c0e9abeefb3ec3e3d.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70495328f5bd7c067a02dbcdb9496a996f2588a047ef04bda532d499f4df4a79
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
fdf37871f76bc
x-cache-hits
1, 89
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
30738
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10058-SJC, cache-fra19160-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194137.250133,VS0,VE0
etag
W/"61b937bf-4a281"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:44 GMT
donate~member.c839ef3ec1eae0f624e2.css
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
124 KB
19 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/donate~member.c839ef3ec1eae0f624e2.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2071579c9f8109c09201d252c436cee736fedb63dfb66d58a35ae321f24c6985
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
977e000b012be
x-cache-hits
1, 90
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19084
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10072-SJC, cache-fra19160-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194137.250230,VS0,VE0
etag
W/"61b937bf-1efb6"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 15:30:57 GMT
donate.b7fc60593a3dba2dcec6.css
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
100 KB
16 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/donate.b7fc60593a3dba2dcec6.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fab650e2f9ab38a5c8862911e13a984a7ab890ca7c04d60b9030be1668929a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
10da90c1bcd1b
x-cache-hits
10, 88
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
16422
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10025-SJC, cache-fra19160-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194137.250334,VS0,VE0
etag
W/"61b937bf-190d8"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:44 GMT
pa.js
www.paypalobjects.com/pa/js/min/
59 KB
23 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
149960d3127ec5afd4557373318c6f6cb15e767f81fdce7cc16bb2c6f4094de3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
1c91bf360dacf
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
22938
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10055-SJC, cache-fra19160-FRA
last-modified
Wed, 15 Dec 2021 17:47:53 GMT
x-timer
S1640194137.250519,VS0,VE0
etag
W/"61ba2a49-eb5f"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
39796, 80
latmconf.js
www.paypalobjects.com/pa/mi/
132 KB
25 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/mi/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f3e86c407d903034a9e0287a4ac6676f5b5f5f5954655593ce9defed3c86bd31
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
b6b792d2521b8
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
25145
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10066-SJC, cache-fra19162-FRA
last-modified
Wed, 15 Dec 2021 17:47:53 GMT
x-timer
S1640194137.287909,VS0,VE0
etag
W/"61ba2a49-20f34"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
34277, 86
logo_paypal_106x27.png
www.paypalobjects.com/webstatic/logo/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/logo/logo_paypal_106x27.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b32a8f3a0a545d558e1451f1214fd0eaa0ac5fb61b4ccfee2b7cbb90caeaca25
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=2787 idim=106x27 ifmt=png ofsz=1986 odim=106x27 ofmt=png
paypal-debug-id
e83915e47234d
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1986
x-served-by
cache-sjc10060-SJC, cache-fra19160-FRA
x-timer
S1640194137.294962,VS0,VE1
etag
"qe2R9qdpIOL3HI0q+J/EfJvcphAcb/HJg+n5kfVdVUM"
strict-transport-security
max-age=31557600
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
555, 1
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
742f6aadee256
dc
ccg11-origin-www-3.paypal.com
content-length
25368
x-served-by
cache-sjc10082-SJC, cache-fra19162-FRA
last-modified
Wed, 26 Aug 2020 18:33:55 GMT
x-timer
S1640194137.295264,VS0,VE0
etag
"5f46ab13-6318"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
25195, 106769
patleaf.js
www.paypalobjects.com/pa/3pjs/tl/6.1.0/
130 KB
45 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.1.0/patleaf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
71399ff1720fa4e82d94d92941a8fe5ec96a4449d5f83bae63da5d361d1bcdf8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
1b71f58468e24
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
45867
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10029-SJC, cache-fra19162-FRA
last-modified
Thu, 09 Dec 2021 23:14:22 GMT
x-timer
S1640194137.331467,VS0,VE0
etag
W/"61b28dce-207a4"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
41164, 79
OrchestratorMain.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/
7 KB
3 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/OrchestratorMain.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb8adbe8a1e653c655e35a94448023f734d2325f137e5b304c31f44afbcb43b6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
c4d5d70aee9c6
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
3206
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10037-SJC, cache-fra19162-FRA
last-modified
Mon, 19 Jul 2021 22:04:04 GMT
x-timer
S1640194137.331552,VS0,VE0
etag
W/"60f5f6d4-1c0d"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
16893, 34
10.ea10bde9372ade24444e.chunk.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/
50 KB
15 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/10.ea10bde9372ade24444e.chunk.js?Q_CLIENTVERSION=1.56.0&Q_CLIENTTYPE=hostedjs
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/OrchestratorMain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6a9347562cafb27c31baa42f35c6666b5364e8e37c4aa2a5c1aaa148c149e6da
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
280b6c8af6079
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
14824
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10054-SJC, cache-fra19160-FRA
last-modified
Mon, 19 Jul 2021 22:04:04 GMT
x-timer
S1640194137.347246,VS0,VE0
etag
W/"60f5f6d4-c7b9"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
17309, 19
patlcfg.js
www.paypalobjects.com/pa/3pjs/tl/6.1.0/
6 KB
3 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.1.0/patlcfg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1c32475b054daff0f2c3742e21952a7701bca38cdd00af6926d5f961a34bbea
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
ecbf378980261
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
2649
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10069-SJC, cache-fra19162-FRA
last-modified
Thu, 09 Dec 2021 23:14:22 GMT
x-timer
S1640194137.350983,VS0,VE0
etag
W/"61b28dce-18e4"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
58468, 59
Targeting.php
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/
79 KB
7 KB
XHR
General
Full URL
https://zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.56.0&Q_CLIENTTYPE=hostedjs
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374fe40ca99398772d4e4b317b7ca83f0e1b19f99d99c361a5dcd526dc9750a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
29
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.paypal.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
7a6e06ccbb69248d
cf-ray
6c1b11cece127033-FRA
CoreModule.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/
93 KB
28 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/CoreModule.js?Q_CLIENTVERSION=1.56.0&Q_CLIENTTYPE=hostedjs
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/10.ea10bde9372ade24444e.chunk.js?Q_CLIENTVERSION=1.56.0&Q_CLIENTTYPE=hostedjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57df3ead3c1c04f639d3abbed056481e6b0a122e273ad81716cb11a819466831
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
1fc848efd071d
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
28102
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10051-SJC, cache-fra19160-FRA
last-modified
Mon, 19 Jul 2021 22:04:04 GMT
x-timer
S1640194137.480781,VS0,VE0
etag
W/"60f5f6d4-17480"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
43100, 5
fbts.js
c.paypal.com/da/r/
55 KB
19 KB
Script
General
Full URL
https://c.paypal.com/da/r/fbts.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-107-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19bf38b4a1d6b0784af2bc2ba55c21fd19fe86ba98ae6daa551c5259330d759d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
149f19774e0ab
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19137
etag
W/"61782cb4-da87"
last-modified
Tue, 26 Oct 2021 16:28:36 GMT
date
Wed, 22 Dec 2021 17:28:57 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
expires
Thu, 23 Dec 2021 17:28:57 GMT
16.68869df1a16202c867ce.chunk.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/
2 KB
1 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/16.68869df1a16202c867ce.chunk.js?Q_CLIENTVERSION=1.56.0&Q_CLIENTTYPE=hostedjs
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/OrchestratorMain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e43d3dd60091451e53930b737377158f1246b0d998571fd1337f9e17f96b226
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
7e00149f0c363
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
1232
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10077-SJC, cache-fra19160-FRA
last-modified
Mon, 19 Jul 2021 22:04:04 GMT
x-timer
S1640194138.590109,VS0,VE0
etag
W/"60f5f6d4-9ee"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
27988, 6
1.d905c443312c4870f955.chunk.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/
27 KB
7 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/1.d905c443312c4870f955.chunk.js?Q_CLIENTVERSION=1.56.0&Q_CLIENTTYPE=hostedjs
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/OrchestratorMain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
254cc465eb93d9e50b419d75731aa2377d95c5d130ac5b816aecb9da1d585285
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
dfc200447ea5
dc
phx-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
6380
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10031-SJC, cache-fra19160-FRA
last-modified
Mon, 19 Jul 2021 22:04:04 GMT
x-timer
S1640194138.590353,VS0,VE1
etag
W/"60f5f6d4-6a1d"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
19546, 1
14.734020dfc81262ac0f43.chunk.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/
18 KB
8 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/14.734020dfc81262ac0f43.chunk.js?Q_CLIENTVERSION=1.56.0&Q_CLIENTTYPE=hostedjs
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.56.0/OrchestratorMain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dcb8fb92eb81e039c2268eb01484bcd26c08761c4dd38303bfe7f3ec45e31a0b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
cc3fc05340858
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
7672
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10051-SJC, cache-fra19160-FRA
last-modified
Mon, 19 Jul 2021 22:04:04 GMT
x-timer
S1640194138.590566,VS0,VE0
etag
W/"60f5f6d4-4988"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
19624, 7
i
c.paypal.com/v1/r/d/ Frame 174B
162 B
936 B
Document
General
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fbts.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fbts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-107-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e0866acf5088ba7ce5083a715bb65b75861fd8b35bf85c887c7bbe081930abb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/

Response headers

correlation-id
1c57001dc8e8b
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
162
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
paypal-debug-id
1c57001dc8e8b
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Wed, 22 Dec 2021 17:28:57 GMT
strict-transport-security
max-age=63072000
counter2.cgi
dub.stats.paypal.com/v2/ Frame 2397
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&s=donatenodeweb_landing
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&s=donatenodeweb_landing
42 B
299 B
Image
General
Full URL
https://dub.stats.paypal.com/v2/counter2.cgi?p=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&s=donatenodeweb_landing
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 22 Dec 2021 17:28:57 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v2/counter2.cgi?p=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&s=donatenodeweb_landing
Date
Wed, 22 Dec 2021 17:28:57 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
runtime.5674f6e499189ec7d1cc.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
3 KB
2 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/runtime.5674f6e499189ec7d1cc.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d0e805b1f8f55b4ece15c25017a3e2899d0ac5f2678aea920dd54d0bff700ee5
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
7edd91bf59235
x-cache-hits
1, 13
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
1390
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10060-SJC, cache-fra19162-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.626516,VS0,VE0
etag
W/"61b937bf-a55"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:45 GMT
paypalcorp.cd02af4f4446fea70cd9.bundle.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
316 KB
58 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/paypalcorp.cd02af4f4446fea70cd9.bundle.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be865514810bb3b0679905c1fbef5e1b912bec056b7abacc7f2837b0eff71bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
de26ac9edd226
x-cache-hits
1, 13
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
59082
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10064-SJC, cache-fra19162-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.626680,VS0,VE0
etag
W/"61b937bf-4f1e2"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:45 GMT
core-js.33f765cb884357b59e13.bundle.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
334 KB
58 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/core-js.33f765cb884357b59e13.bundle.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
deb7a8d81795d98227887ad47f080400bf635bfd970537fe70bc683ab7622cab
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
b1e35b09c96ed
x-cache-hits
1, 13
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
58931
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10048-SJC, cache-fra19162-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.626981,VS0,VE0
etag
W/"61b937bf-537d0"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:45 GMT
react.a67ab9f175faf3c74646.bundle.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
124 KB
39 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/react.a67ab9f175faf3c74646.bundle.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd8ada79a03a45c92bb3dde5461c8c42e073231c2beca37cfecef54cfccaece3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
cb6e3d36be5e4
x-cache-hits
2, 13
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
39276
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10076-SJC, cache-fra19162-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.627415,VS0,VE0
etag
W/"61b937bf-1efa3"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:45 GMT
vendors~donate~member.d9508be975ff2e7f6dab.bundle.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
376 KB
95 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/vendors~donate~member.d9508be975ff2e7f6dab.bundle.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9d2dddcca65bdad05a6f993caa0ebcc9b761f5b86163aa175ea3ebba2bd5368
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
b4097591b0635
x-cache-hits
1, 13
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
97011
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10023-SJC, cache-fra19162-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.627681,VS0,VE0
etag
W/"61b937bf-5dfb4"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:45 GMT
donate~member.9ed299250431b130347f.bundle.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
186 KB
45 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/donate~member.9ed299250431b130347f.bundle.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
feba227346e4aa01d7315fc9bd17bc017d690a88e87917b2f3afcf3539d28dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
0045add2f40e8
x-cache-hits
1, 13
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
45812
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10039-SJC, cache-fra19162-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.627777,VS0,VE0
etag
W/"61b937bf-2e915"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:45 GMT
donate.d0dc3ffb85fe8a1a103f.bundle.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
163 KB
35 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/donate.d0dc3ffb85fe8a1a103f.bundle.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ce0d889f24c513a5c0634c15a6e634d96537a54f72e0ce8cb5116f250570d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
b47e9c87fa73d
x-cache-hits
1, 13
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
35293
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10072-SJC, cache-fra19162-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.627844,VS0,VE0
etag
W/"61b937bf-28d00"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:45 GMT
recaptchav3.js
www.paypal.com/auth/createchallenge/020b385e73382d23/
10 KB
5 KB
Script
General
Full URL
https://www.paypal.com/auth/createchallenge/020b385e73382d23/recaptchav3.js?_sessionID=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72e2574c332ce9650996ce8deb3db9078476c9826371d65f8c8eb9d8d8d5f1fc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-rXbck9PoX0nSGs9a7N21Div62Y8X1uepx3fGaLwmoyNnatKx' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-rXbck9PoX0nSGs9a7N21Div62Y8X1uepx3fGaLwmoyNnatKx' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f3051011b55a8
server-timing
content-encoding;desc=gzip
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn4034-HHN, cache-fra19161-FRA
x-timer
S1640194138.629717,VS0,VE267
date
Wed, 22 Dec 2021 17:28:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/javascript; charset=utf-8
content-encoding
gzip
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"2715-AIZMxb/NuN+NeaUMgPOElDMvlKE"
accept-ranges
none
x-cache-hits
0, 0
vendors~bodymovin.95b6505c7df5a51c6201.bundle.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
247 KB
60 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/vendors~bodymovin.95b6505c7df5a51c6201.bundle.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/runtime.5674f6e499189ec7d1cc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc3da6e212cb12f553de5ad593ccf234b1457c3242d0976509a172b3e09a2058
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
fb5e2f4af1ac9
x-cache-hits
2, 19
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
61113
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10079-SJC, cache-fra19160-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.764273,VS0,VE0
etag
W/"61b937bf-3dd11"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:56:34 GMT
hearts.a93d85f8abdcbe7f82e9.bundle.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
15 KB
2 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/hearts.a93d85f8abdcbe7f82e9.bundle.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/runtime.5674f6e499189ec7d1cc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b01544e402269beae91e5fae7ad1bcb24f1aebd3d7335e0bf0982257f67eda51
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
2ebb9c654530e
x-cache-hits
1, 19
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
2151
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10052-SJC, cache-fra19160-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.764479,VS0,VE0
etag
W/"61b937bf-3c9f"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:56:34 GMT
GuestPage.97a5ff0368348c76abc2.bundle.js
www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/
183 KB
39 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/GuestPage.97a5ff0368348c76abc2.bundle.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/runtime.5674f6e499189ec7d1cc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66104d3bb5557ebd93a7e6c543744f93a2dfedeb83102e013357a9a3511557aa
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
e81011d3fd447
x-cache-hits
8, 82
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
39837
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10055-SJC, cache-fra19160-FRA
last-modified
Wed, 15 Dec 2021 00:33:03 GMT
x-timer
S1640194138.764600,VS0,VE0
etag
W/"61b937bf-2dd32"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 15 Dec 2022 16:39:45 GMT
file.JPG
pics.paypal.com/00/s/MDY3NzlmNTUtOWNiYS00NjkwLWE1NTAtYTc4ZGY5OTVmZjlm/
37 KB
37 KB
Image
General
Full URL
https://pics.paypal.com/00/s/MDY3NzlmNTUtOWNiYS00NjkwLWE1NTAtYTc4ZGY5OTVmZjlm/file.JPG
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e499cef109b905de1610a58312ea004db53eb8caeb6cca26fb9d3617edad79f2
Security Headers
Name Value
Content-Security-Policy default-src 'none', default-src 'none'
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src 'none', default-src 'none'
correlation-id
218900b35b8f0, 218900b35b8f0
last-modified
Wed, 24 Nov 2021 06:18:19 GMT
date
Wed, 22 Dec 2021 17:28:57 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=12767051
paypal-debug-id
218900b35b8f0
accept-ranges
none
dc
ccg11-origin-www-1.paypal.com
content-length
37958
x-content-type-options
nosniff
expires
Thu, 19 May 2022 11:53:08 GMT
file.PNG
pics.paypal.com/00/s/OTIxMjNkOWQtMDM1Ny00MzEwLWJiZWYtMGRkZGE2ZjdkY2Ey/
104 KB
105 KB
Image
General
Full URL
https://pics.paypal.com/00/s/OTIxMjNkOWQtMDM1Ny00MzEwLWJiZWYtMGRkZGE2ZjdkY2Ey/file.PNG
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36739c983891c463ba83faa26a4a1d222ebe8b89360b8eb64fb13f393c7d42a5
Security Headers
Name Value
Content-Security-Policy default-src 'none', default-src 'none'
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src 'none', default-src 'none'
correlation-id
d66e3b0c4e557, d66e3b0c4e557
last-modified
Tue, 14 May 2019 02:06:10 GMT
date
Wed, 22 Dec 2021 17:28:57 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=11750988
paypal-debug-id
d66e3b0c4e557
accept-ranges
none
dc
ccg11-origin-www-1.paypal.com
content-length
106433
x-content-type-options
nosniff
expires
Sat, 07 May 2022 17:38:45 GMT
ts
t.paypal.com/
42 B
774 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.5.13&t=1640194137770&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgst=1640194136194&calc=f7983967c68e5&nsid=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=9f03a540ef8740ddb713577a6935b271&comp=donatenodeweb&tsrce=donatenodeweb&cu=0&ef_policy=gdpr_v2.1&context_id=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&token=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&xe=104406%2C103662%2C104405%2C103660%2C103661%2C104407&xt=119036%2C114646%2C120151%2C115131%2C114643%2C119038&ccd=DE&source=button&entry_point=button&button_id=TDDDCJ336H3MQ&hosted_button_id=TDDDCJ336H3MQ&bn_code=4QRJ3YJE59TR8%253APP-DonationsBF&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=true&amttyp=MERCHANT_RECOMMENDED&autord=true&rdtyp=GET&gstalwd=true&mrid=4QRJ3YJE59TR8&pp_flow=Donate&one_touch_enabled=false&pglk=null&ui_type=full_page&is_allow_note=false&has_note=false&allow_amount_edit=true&displaypage=main%3Adonate%3Awps%3Aguest%3Aguestform&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&e=ac
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 17:28:57 GMT
via
1.1 varnish, 1.1 varnish
x-timer
S1640194138.807498,VS0,VE155
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
2e61b05fc4afe
expires
Wed, 22 Dec 2021 17:28:57 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn11569-HHN, cache-fra19174-FRA
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
55915d3affe89
dc
ccg11-origin-www-1.paypal.com
content-length
18508
x-served-by
cache-sjc10032-SJC, cache-fra19162-FRA
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
x-timer
S1640194138.782969,VS0,VE0
etag
"60271cda-484c"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
21430, 81
PPUI-Icons.woff2
www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/
27 KB
27 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/PPUI-Icons.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/paypalcorp.344c0e9abeefb3ec3e3d.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a67c51d6f05a86d675afc8df57659f42e3bac9d1e28a08077f2c3280165fcae6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/db9/4d944af0831837eb7f50f68d663cb/js/apps/donate/paypalcorp.344c0e9abeefb3ec3e3d.css
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
6c0261bb1e2ae
dc
ccg11-origin-www-1.paypal.com
content-length
27188
x-served-by
cache-sjc10057-SJC, cache-fra19162-FRA
last-modified
Tue, 11 May 2021 02:07:44 GMT
x-timer
S1640194138.783059,VS0,VE0
etag
"6099e6f0-6a34"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
11201, 6
fbts.js
c.paypal.com/da/r/ Frame 174B
55 KB
19 KB
Script
General
Full URL
https://c.paypal.com/da/r/fbts.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fbts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-107-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19bf38b4a1d6b0784af2bc2ba55c21fd19fe86ba98ae6daa551c5259330d759d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fbts.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
149f19774e0ab
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19137
etag
W/"61782cb4-da87"
last-modified
Tue, 26 Oct 2021 16:28:36 GMT
date
Wed, 22 Dec 2021 17:28:57 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
expires
Thu, 23 Dec 2021 17:28:57 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 174B
125 B
752 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fbts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-107-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a2a1f4cec6282403ca998b9965b46394fcce948220577de6c443f4b743294cac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fbts.js
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Dec 2021 17:28:58 GMT
correlation-id
901c2a950e800
strict-transport-security
max-age=63072000
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
901c2a950e800
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
application/json
content-length
125
e
c.paypal.com/v1/r/d/b/ Frame 174B
15 B
225 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fbts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-107-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fbts.js
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

paypal-debug-id
17ed0ebff0939
date
Wed, 22 Dec 2021 17:28:58 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
correlation-id
17ed0ebff0939
content-length
15
strict-transport-security
max-age=63072000
content-type
application/json
p3
c6.paypal.com/v1/r/d/b/ Frame 174B
0
326 B
Image
General
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&s=donatenodeweb_landing
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::291 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:58 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
f24125bf77c8c
x-timer
S1640194138.920135,VS0,VE200
x-served-by
cache-hhn11521-HHN, cache-fra19122-FRA
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f24125bf77c8c
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
x-cache-hits
0, 0
grcenterprise_v3.html
www.paypalobjects.com/web/res/665/c7ce9a364a0f45293a9e2b00f229c/recaptcha/ Frame 560B
4 KB
2 KB
Document
General
Full URL
https://www.paypalobjects.com/web/res/665/c7ce9a364a0f45293a9e2b00f229c/recaptcha/grcenterprise_v3.html
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/020b385e73382d23/recaptchav3.js?_sessionID=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b25cbff26f5d1f20ba847d0d1859fc28649a42540e27c1feac6039e29012b9b5
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/

Response headers

content-encoding
gzip
content-type
text/html
etag
W/"61b1dd47-fae"
expires
Tue, 20 Dec 2022 15:20:55 GMT
last-modified
Thu, 09 Dec 2021 10:41:11 GMT
paypal-debug-id
2515858bf3a5a
dc
ccg11-origin-www-1.paypal.com
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Wed, 22 Dec 2021 17:28:57 GMT
x-served-by
cache-sjc10058-SJC, cache-fra19160-FRA
x-cache
HIT, HIT
x-cache-hits
1, 14639
x-timer
S1640194138.911356,VS0,VE0
vary
Accept-Encoding
x-content-type-options
nosniff
cache-control
max-age=31536000
strict-transport-security
max-age=31557600
content-length
1549
enterprise.js
www.recaptcha.net/recaptcha/ Frame 560B
977 B
1 KB
Script
General
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=de
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/665/c7ce9a364a0f45293a9e2b00f229c/recaptcha/grcenterprise_v3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
38aa49ae0c2be695a357140b1f5d38366293e2ffe17e34f42bbbe4b4938df542
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
619
x-xss-protection
1; mode=block
expires
Wed, 22 Dec 2021 17:28:57 GMT
ts
t.paypal.com/
42 B
501 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.5.13&t=1640194137975&g=0&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3A%3Alanding%3AlandingPageComponent%3Aweb%3A%3A&pgst=1640194136194&calc=f7983967c68e5&nsid=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=9f03a540ef8740ddb713577a6935b271&comp=donatenodeweb&tsrce=donatenodeweb&cu=0&ef_policy=gdpr_v2.1&context_id=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&token=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&xe=101561%2C103160%2C103916&xt=105030%2C112531%2C116007&ccd=DE&source=button&entry_point=button&button_id=TDDDCJ336H3MQ&hosted_button_id=TDDDCJ336H3MQ&bn_code=4QRJ3YJE59TR8%253APP-DonationsBF&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=true&amttyp=MERCHANT_RECOMMENDED&autord=true&rdtyp=GET&gstalwd=true&mrid=4QRJ3YJE59TR8&pp_flow=Donate&one_touch_enabled=false&pglk=null&ui_type=full_page&is_allow_note=false&has_note=false&allow_amount_edit=true&action=landing_page_loaded&uicomp=landingPageComponent&uitype=page&tt=2051&view=%7B%22t11%22%3A2052%2C%22et%22%3A%224g%22%2C%22pt%22%3A%22Donate%22%2C%22ru%22%3A%22https%3A%2F%2Fclicks.fanbridge.com%2F%22%2C%22cd%22%3A24%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 17:28:58 GMT
via
1.1 varnish, 1.1 varnish
x-timer
S1640194138.980003,VS0,VE180
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
f424079f7dd8c
expires
Wed, 22 Dec 2021 17:28:58 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn4070-HHN, cache-fra19174-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 560B
348 KB
137 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paypalobjects.com/
Origin
https://www.paypalobjects.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 15:48:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 22 Dec 2022 15:48:50 GMT
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame B158
39 KB
20 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=vwyxb7fs6yji
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f0c58c8cd7b8f1dfceb4ee402f3433216f33f4545781c825752d354e16531a18
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T30qvJji0QqBAXNNC/xfWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 22 Dec 2021 17:28:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-T30qvJji0QqBAXNNC/xfWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20469
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame B158
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=vwyxb7fs6yji
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 12:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24152
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 21 Dec 2022 12:04:23 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame B158
348 KB
136 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=vwyxb7fs6yji
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 15:48:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 22 Dec 2022 15:48:50 GMT
webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame B158
102 B
134 B
Other
General
Full URL
https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=vwyxb7fs6yji
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 17:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 22 Dec 2021 17:28:58 GMT
reload
www.recaptcha.net/recaptcha/enterprise/ Frame B158
30 KB
17 KB
XHR
General
Full URL
https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
999f3631d9cf9c43401fd6bf7774be85a54b0b64799bbaceb4abf113a5276767
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=vwyxb7fs6yji
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 22 Dec 2021 17:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17053
x-xss-protection
1; mode=block
expires
Wed, 22 Dec 2021 17:28:58 GMT
verifygrcenterprise
www.paypal.com/auth/
0
2 KB
XHR
General
Full URL
https://www.paypal.com/auth/verifygrcenterprise
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-iRHNLgBXrFI90kR+F1nT0ZKQRsM2HgmcDBsXIJnPIaSS3BA1' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
x-requested-with
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-iRHNLgBXrFI90kR+F1nT0ZKQRsM2HgmcDBsXIJnPIaSS3BA1' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f3051018d06fa
server-timing
content-encoding;desc=br
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn11541-HHN, cache-fra19161-FRA
x-timer
S1640194138.352284,VS0,VE267
date
Wed, 22 Dec 2021 17:28:58 GMT
vary
accept-encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
ts
t.paypal.com/
42 B
147 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.5.13&t=1640194138396&g=0&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3Aguest%3Aguestform%3Aweb%3A%3A&pgst=1640194136194&calc=f7983967c68e5&nsid=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=9f03a540ef8740ddb713577a6935b271&comp=donatenodeweb&tsrce=donatenodeweb&cu=0&ef_policy=gdpr_v2.1&context_id=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&token=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&xe=101561%2C103160%2C103916&xt=105030%2C112531%2C116007&ccd=DE&source=button&entry_point=button&button_id=TDDDCJ336H3MQ&hosted_button_id=TDDDCJ336H3MQ&bn_code=4QRJ3YJE59TR8%253APP-DonationsBF&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=true&amttyp=MERCHANT_RECOMMENDED&autord=true&rdtyp=GET&gstalwd=true&mrid=4QRJ3YJE59TR8&pp_flow=Donate&one_touch_enabled=false&pglk=null&ui_type=full_page&is_allow_note=false&has_note=false&allow_amount_edit=true&e=im&cdn=fastly&pl=pdf&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A2247%2C%22tcp%22%3A1390%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A201%7D&pt=Donate&ru=https%3A%2F%2Fclicks.fanbridge.com%2F&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=1093&t3=436&t4d=0&t4=0&t4e=7&tt=2051&rdc=1&protocol=h2&cenc=br&res=%7B%7D&rtt=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 17:28:58 GMT
via
1.1 varnish, 1.1 varnish
x-timer
S1640194138.401131,VS0,VE160
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
9dc07493ba3ef
expires
Wed, 22 Dec 2021 17:28:58 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn4030-HHN, cache-fra19174-FRA
ts
t.paypal.com/
42 B
148 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.5.13&t=1640194138396&g=0&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3Aguest%3Aguestform%3Aweb%3A%3A&pgst=1640194136194&calc=f7983967c68e5&nsid=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=9f03a540ef8740ddb713577a6935b271&comp=donatenodeweb&tsrce=donatenodeweb&cu=0&ef_policy=gdpr_v2.1&context_id=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&token=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&xe=101561%2C103160%2C103916&xt=105030%2C112531%2C116007&ccd=DE&source=button&entry_point=button&button_id=TDDDCJ336H3MQ&hosted_button_id=TDDDCJ336H3MQ&bn_code=4QRJ3YJE59TR8%253APP-DonationsBF&tmpl=%2F%2Ft.paypal.&ckusr=false&charitylogo=true&amttyp=MERCHANT_RECOMMENDED&autord=true&rdtyp=GET&gstalwd=true&mrid=4QRJ3YJE59TR8&pp_flow=Donate&one_touch_enabled=false&pglk=null&ui_type=full_page&is_allow_note=false&has_note=false&allow_amount_edit=true&event_name=t_paypal_cpl&cdn=fastly&t1=0&t1c=0&t1d=0&t1s=0&t2=0&t3=187&tt=187&protocol=h2&view=%7B%22t10%22%3A0%2C%22t11%22%3A187%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 17:28:58 GMT
via
1.1 varnish, 1.1 varnish
x-timer
S1640194138.401239,VS0,VE159
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
bc27d44740405
expires
Wed, 22 Dec 2021 17:28:58 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn11533-HHN, cache-fra19174-FRA
ts
t.paypal.com/
42 B
148 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.5.13&t=1640194138397&g=0&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3Aguest%3Aguestform%3Aweb%3A%3A&pgst=1640194136194&calc=f7983967c68e5&nsid=P7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=9f03a540ef8740ddb713577a6935b271&comp=donatenodeweb&tsrce=donatenodeweb&cu=0&ef_policy=gdpr_v2.1&context_id=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&token=evcRgCq2qzKEYW7dGgTbakP9_H5d2sH7J-xV0EYD9gr7kkPDz1IZQqdI86b1ODw0_BW5hAXO-kmy_1m2&xe=101561%2C103160%2C103916&xt=105030%2C112531%2C116007&ccd=DE&source=button&entry_point=button&button_id=TDDDCJ336H3MQ&hosted_button_id=TDDDCJ336H3MQ&bn_code=4QRJ3YJE59TR8%253APP-DonationsBF&tmpl=%2F%2Fc.paypal.&ckusr=false&charitylogo=true&amttyp=MERCHANT_RECOMMENDED&autord=true&rdtyp=GET&gstalwd=true&mrid=4QRJ3YJE59TR8&pp_flow=Donate&one_touch_enabled=false&pglk=null&ui_type=full_page&is_allow_note=false&has_note=false&allow_amount_edit=true&event_name=c_paypal_cpl&cdn=akamai&t1=0&t1c=0&t1d=0&t1s=0&t2=0&t3=193&tt=193&view=%7B%22t10%22%3A0%2C%22t11%22%3A193%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Dec 2021 17:28:58 GMT
via
1.1 varnish, 1.1 varnish
x-timer
S1640194138.401355,VS0,VE192
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
36e7e68512482
expires
Wed, 22 Dec 2021 17:28:58 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn11522-HHN, cache-fra19174-FRA
tealeaftarget
www.paypal.com/platform/
40 B
615 B
Fetch
General
Full URL
https://www.paypal.com/platform/tealeaftarget
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c447f1bfd8c23ec66e3e41b38652e1c032ae7afa298d201b57dfaab8a93df7cc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Encoding
gzip
X-PageId
P.Q89JC7DRYKHB38LZ6HGV77NKFW29
X-Tealeaf
device (UIC) Lib/6.1.0.1989
X-Tealeaf-SyncXHR
false
Accept-Language
de-DE,de;q=0.9
X-Tealeaf-MessageTypes
1,2,5,7,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTSID
40699013256050907208587268108182
X-Requested-With
fetch
X-TealeafType
GUI
X-TeaLeaf-Page-Url
/donate/
Referer
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f9100492e460e
server-timing
content-encoding;desc=br
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-hhn11560-HHN, cache-fra19161-FRA
x-timer
S1640194139.516872,VS0,VE176
x-frame-options
SAMEORIGIN
date
Wed, 22 Dec 2021 17:28:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"28-c2UGwiJaymJb2V0St0sZWcogpHM"
accept-ranges
none
x-cache-hits
0, 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypal.com
URL
https://www.paypal.com/donate/?hosted_button_id=TDDDCJ336H3MQ

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| paypalADSInterceptorInjected string| scriptWord string| webpackPublicPath object| PAYPAL object| fpti string| fptiserverurl object| _ifpti object| latmconf object| laDataLayer object| QSI object| WAFQualtricsWebpackJsonP-hosted-1.56.0 object| pako object| TLT object| _qsie object| webpackJsonp function| setImmediate function| clearImmediate object| core object| regeneratorRuntime object| React object| ReactDOM function| bindGdprEvents function| hideGdprBanner function| showGdprBanner function| _0x4763 function| _0x3cac

17 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcM6r2zvuZDcYFZsEUGFvcXmm_HquLGBNtjxOjfB2SFAWrJJTvZ8XCAwSJNasDNPBk4JtDYce5auQR39StU
clicks.fanbridge.com/ Name: liveramp_session
Value: 1
clicks.fanbridge.com/ Name: circulate_session
Value: 1
clicks.fanbridge.com/ Name: arbor_session
Value: 1
.paypal.com/ Name: l7_az
Value: dcg02.phx
.paypal.com/ Name: ts_c
Value: vr%3De33055ac17d0ad0073c84dbbf65ebb28%26vt%3De33055ac17d0ad0073c84dbbf65ebb27
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
www.paypal.com/ Name: nsid
Value: s%3AP7jBiNvGaTMn8iK11GyxRwKpKQmfwSBk.XPTlaI4Sg%2FfdV4EBtNSUEJLXbWqaVG7Y2O8Xk0mFrr4
.stats.paypal.com/ Name: c
Value: f59591eb429d6aa29b20
.paypal.com/ Name: TLTSID
Value: 40699013256050907208587268108182
.paypal.com/ Name: tsrce
Value: authchallengenodeweb
.c.paypal.com/ Name: sc_f
Value: O8yVbH973umBWwoUbZm2QZ5OCG6v4tvQ-4r3iQVi4O1xybajjS2mPQdjffFL2PKyDlhjcqZYAiGuOmiBqZD7m8uc_fD80HzcFCB-6m
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: y28kW7K423gzvhAjfHTm-kiteWsyEjjMht033jM84qAE_VtkweCWPOdpX7rHst5v3GPCe5p7WK1R5JQy
.paypal.com/ Name: ts
Value: vreXpYrS%3D1734888538%26vteXpYrS%3D1640195938%26vr%3De33055ac17d0ad0073c84dbbf65ebb28%26vt%3De33055ac17d0ad0073c84dbbf65ebb27%26vtyp%3Dnew
.paypal.com/ Name: x-cdn
Value: 0133
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY0MDE5NDEzODUzNSIsImwiOiIwIiwibSI6IjAifQ

3 Console Messages

Source Level URL
Text
security error URL: https://clicks.fanbridge.com/l.php?cid=1586409&sid=300466464&url=https%3A%2F%2Fwww.paypal.com%2Fdonate%3Fhosted_button_id%3DTDDDCJ336H3MQ(Line 7)
Message:
Mixed Content: The page at 'https://clicks.fanbridge.com/l.php?cid=1586409&sid=300466464&url=https%3A%2F%2Fwww.paypal.com%2Fdonate%3Fhosted_button_id%3DTDDDCJ336H3MQ' was loaded over HTTPS, but requested an insecure frame 'http://ei.rlcdn.com/361926.html?s=961de923385b35e6a1a5edb9a8af43eddc8ebea2'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://pippio.com/api/sync?pid=2016&it=4&iv=60d3282710f675e7efc4fbe5aabbdafc&it=4&iv=961de923385b35e6a1a5edb9a8af43eddc8ebea2&it=4&iv=5cccf885c37e80787cd031305e35096d539da97cc3718f57b0fc4e14197001f8
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://data-secure.circulate.com/dapi/collect
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
clicks.fanbridge.com
data-secure.circulate.com
dub.stats.paypal.com
pics.paypal.com
pippio.com
t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
www.paypal.com
104.17.208.240
107.178.254.65
151.101.1.21
151.101.129.35
151.101.194.133
2.18.232.75
23.45.107.81
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a04:4e42::291
35.186.233.14
64.4.245.84
75.126.27.245
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
0e43d3dd60091451e53930b737377158f1246b0d998571fd1337f9e17f96b226
149960d3127ec5afd4557373318c6f6cb15e767f81fdce7cc16bb2c6f4094de3
19bf38b4a1d6b0784af2bc2ba55c21fd19fe86ba98ae6daa551c5259330d759d
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
2071579c9f8109c09201d252c436cee736fedb63dfb66d58a35ae321f24c6985
254cc465eb93d9e50b419d75731aa2377d95c5d130ac5b816aecb9da1d585285
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
36739c983891c463ba83faa26a4a1d222ebe8b89360b8eb64fb13f393c7d42a5
374fe40ca99398772d4e4b317b7ca83f0e1b19f99d99c361a5dcd526dc9750a5
38aa49ae0c2be695a357140b1f5d38366293e2ffe17e34f42bbbe4b4938df542
3ba795672c78c8f0f52ecd5d1a0a317d1e5c059509a6bead9d26b46fc831d83b
3d62ff4f3aaf34ad571ba65f6753985d54ad949fa4c05a2d1a9b832ea761ffbd
3e0866acf5088ba7ce5083a715bb65b75861fd8b35bf85c887c7bbe081930abb
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
57df3ead3c1c04f639d3abbed056481e6b0a122e273ad81716cb11a819466831
5ce0d889f24c513a5c0634c15a6e634d96537a54f72e0ce8cb5116f250570d2e
66104d3bb5557ebd93a7e6c543744f93a2dfedeb83102e013357a9a3511557aa
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
6a9347562cafb27c31baa42f35c6666b5364e8e37c4aa2a5c1aaa148c149e6da
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70495328f5bd7c067a02dbcdb9496a996f2588a047ef04bda532d499f4df4a79
71399ff1720fa4e82d94d92941a8fe5ec96a4449d5f83bae63da5d361d1bcdf8
72e2574c332ce9650996ce8deb3db9078476c9826371d65f8c8eb9d8d8d5f1fc
77909d6281bf831b2109358657f774d4f97ad89faf1884b036392e0fbd934278
999f3631d9cf9c43401fd6bf7774be85a54b0b64799bbaceb4abf113a5276767
a2a1f4cec6282403ca998b9965b46394fcce948220577de6c443f4b743294cac
a67c51d6f05a86d675afc8df57659f42e3bac9d1e28a08077f2c3280165fcae6
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b01544e402269beae91e5fae7ad1bcb24f1aebd3d7335e0bf0982257f67eda51
b25cbff26f5d1f20ba847d0d1859fc28649a42540e27c1feac6039e29012b9b5
b32a8f3a0a545d558e1451f1214fd0eaa0ac5fb61b4ccfee2b7cbb90caeaca25
bd8ada79a03a45c92bb3dde5461c8c42e073231c2beca37cfecef54cfccaece3
be865514810bb3b0679905c1fbef5e1b912bec056b7abacc7f2837b0eff71bcb
c447f1bfd8c23ec66e3e41b38652e1c032ae7afa298d201b57dfaab8a93df7cc
cc3da6e212cb12f553de5ad593ccf234b1457c3242d0976509a172b3e09a2058
cf80ad7714f33906a7d4cea8a21ceff4f42f69e80631875eb39e0087b76692c2
d0e805b1f8f55b4ece15c25017a3e2899d0ac5f2678aea920dd54d0bff700ee5
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
dcb8fb92eb81e039c2268eb01484bcd26c08761c4dd38303bfe7f3ec45e31a0b
deb7a8d81795d98227887ad47f080400bf635bfd970537fe70bc683ab7622cab
e1c32475b054daff0f2c3742e21952a7701bca38cdd00af6926d5f961a34bbea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e499cef109b905de1610a58312ea004db53eb8caeb6cca26fb9d3617edad79f2
e9d2dddcca65bdad05a6f993caa0ebcc9b761f5b86163aa175ea3ebba2bd5368
f0c58c8cd7b8f1dfceb4ee402f3433216f33f4545781c825752d354e16531a18
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f3e86c407d903034a9e0287a4ac6676f5b5f5f5954655593ce9defed3c86bd31
fab650e2f9ab38a5c8862911e13a984a7ab890ca7c04d60b9030be1668929a1a
fb8adbe8a1e653c655e35a94448023f734d2325f137e5b304c31f44afbcb43b6
feba227346e4aa01d7315fc9bd17bc017d690a88e87917b2f3afcf3539d28dc2