www.paypal.ebzor.com Open in urlscan Pro
45.138.51.149 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.paypal.ebzor.com/
Submission: On December 21 via automatic, source certstream-suspicious (December 21st 2024, 1:55:58 pm UTC) — Scanned from PT

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 45.138.51.149, located in Frankfurt am Main, Germany and belongs to ITP-SOLUTIONS Dominic Scholz trading as ITP-Solutions GmbH & Co. KG, DE. The main domain is www.paypal.ebzor.com.
TLS certificate: Issued by R11 on December 21st 2024. Valid for: 3 months.

This is the only time www.paypal.ebzor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	45.138.51.149 45.138.51.149	213250 (ITP-SOLUT...) (ITP-SOLUTIONS Dominic Scholz trading as ITP-Solutions GmbH & Co. KG)
1	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
3	151.101.67.1 151.101.67.1	54113 (FASTLY) (FASTLY)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
9	4

3 45.138.51.149 (Frankfurt am Main, Germany)

ASN213250 (ITP-SOLUTIONS Dominic Scholz trading as ITP-Solutions GmbH & Co. KG, DE)
PTR: ns1.skull-hosting.com

www.paypal.ebzor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.67.1 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.sandbox.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	paypal.com www.paypal.com — Cisco Umbrella Rank: 3003 www.sandbox.paypal.com — Cisco Umbrella Rank: 43638	85 KB
3	ebzor.com www.paypal.ebzor.com	3 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2811	2 KB
9	3

	Domain	Requested by
3	www.sandbox.paypal.com	www.paypal.com
3	www.paypal.ebzor.com	www.paypal.ebzor.com
2	www.paypalobjects.com	www.paypal.ebzor.com
1	www.paypal.com	www.paypal.ebzor.com
9	4

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal.ebzor.com R11	`2024-12-21` - `2025-03-21`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
www.sandbox.paypal.com DigiCert EV RSA CA G2	`2024-02-05` - `2025-02-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.ebzor.com/
Frame ID: 10EE3193B2685AFC428EF4C41538977F
Requests: 5 HTTP requests in this frame

Frame: https://www.sandbox.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&message.amount=100&message.color=black&message.position=top&message.align=center&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_7b212a699f_mtm6ntu6ntq&buttonSize=huge&buyerCountry=US&customerId=&clientID=AYs8R4yFQpXo5Ca-G4KZRUkC3hdVzmlnMq4XIBBiGEi060gECpmGhU1lJRrRbtcB-wRTtTIBAIzfQatS&clientMetadataID=uid_4633981f74_mtm6ntu6ntq&commit=true&components.0=buttons&currency=USD&debug=false&disableFunding.0=venmo&disableFunding.1=paylater&disableSetCookie=true&enableFunding.0=card&env=sandbox&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hZXN0cm8iOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpbmVycyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiY3VwIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&hasShippingCallback=false&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=card&sessionID=uid_4633981f74_mtm6ntu6ntq&sdkCorrelationID=prebuild&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVlzOFI0eUZRcFhvNUNhLUc0S1pSVWtDM2hkVnptbG5NcTRYSUJCaUdFaTA2MGdFQ3BtR2hVMWxKUnJSYnRjQi13UlR0VElCQUl6ZlFhdFMmYnV5ZXItY291bnRyeT1VUyZjdXJyZW5jeT1VU0QmY29tcG9uZW50cz1idXR0b25zJmVuYWJsZS1mdW5kaW5nPWNhcmQmZGlzYWJsZS1mdW5kaW5nPXZlbm1vLHBheWxhdGVyIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiZGV2ZWxvcGVyLXN0dWRpbyIsImRhdGEtdWlkIjoidWlkX3VzeGZ3YWR4d2l1dWFjZW9tZ3d1dHZ4YnhwZ3F0cCJ9fQ&sdkVersion=5.0.465&storageID=uid_4eef51ebfd_mtm6ntu6ntq&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: A6738426BE444986C057657AADA1E51F
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 94FA17D587B656A546EDAFCBBD58A95D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayPal JS SDK Standard Integration

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

90 kB
Transfer

316 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.paypal.ebzor.com/ 765 B
643 B 280ms
88ms Document
text/html 45.138.51.149
ITP-SOLUTIONS Dom...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.ebzor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.138.51.149 Frankfurt am Main, Germany, ASN213250 (ITP-SOLUTIONS Dominic Scholz trading as ITP-Solutions GmbH & Co. KG, DE),
Reverse DNS: ns1.skull-hosting.com
Software: /
Resource Hash: 2940fe8b1583cbb15efc299edd16c54989079f3905896c67c2f604f86e826dab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 398
content-type: text/html
date: Sat, 21 Dec 2024 13:55:53 GMT
last-modified: Sat, 21 Dec 2024 18:51:14 GMT
vary: Accept-Encoding

GET
H2 200 js Show response
www.paypal.com/sdk/ 305 KB
84 KB 862ms
745ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AYs8R4yFQpXo5Ca-G4KZRUkC3hdVzmlnMq4XIBBiGEi060gECpmGhU1lJRrRbtcB-wRTtTIBAIzfQatS&buyer-country=US&currency=USD&components=buttons&enable-funding=card&disable-funding=venmo,paylater

Requested by

Host: www.paypal.ebzor.com
URL: https://www.paypal.ebzor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98f8aaaf1b683099c2d2d44c44bece311c2e91b1733ebf2d68868f90ec528de0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-x8rVU3vULlexuf+EYs3E5YBdS4ufCb4fKakihNnvT4zPpTYQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-x8rVU3vULlexuf+EYs3E5YBdS4ufCb4fKakihNnvT4zPpTYQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.ebzor.com/

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f760080c0e667
content-encoding: gzip
etag: W/"148f6-0/bbwwpQCFQcUx00gcih75vAHc4"
age: 0
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
disable-set-cookie: true
traceparent: 00-0000000000000000000f760080c0e667-96665e7d1e1cd4ce-01
server-timing: "traceparent;desc="00-0000000000000000000f760080c0e667-bf3b3c7938768874-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
p3p: true
date: Sat, 21 Dec 2024 13:55:54 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-lhr-egll1980051-LHR, cache-lis1490043-LIS, cache-lis1490043-LIS
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
x-cache: MISS, MISS, MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-x8rVU3vULlexuf+EYs3E5YBdS4ufCb4fKakihNnvT4zPpTYQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-x8rVU3vULlexuf+EYs3E5YBdS4ufCb4fKakihNnvT4zPpTYQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: public, max-age=3600, s-maxage=10800
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734789354.595292,VS0,VE697
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84214
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
www.paypal.ebzor.com/ 4 KB
1 KB 87ms
87ms Script
text/javascript 45.138.51.149
ITP-SOLUTIONS Dom...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.ebzor.com/app.js
Requested by: Host: www.paypal.ebzor.com
URL: https://www.paypal.ebzor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.138.51.149 Frankfurt am Main, Germany, ASN213250 (ITP-SOLUTIONS Dominic Scholz trading as ITP-Solutions GmbH & Co. KG, DE),
Reverse DNS: ns1.skull-hosting.com
Software: /
Resource Hash: 3eb0f831ac7d620ac2d35f5164a88eb823d65749c4834f38a23d38561238ec03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.ebzor.com/

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 1087
date: Sat, 21 Dec 2024 13:55:53 GMT
content-type: text/javascript
last-modified: Sat, 21 Dec 2024 18:51:14 GMT
vary: Accept-Encoding

GET
H2 200 buttons
www.sandbox.paypal.com/smart/ Frame A673 0
0 666ms
551ms Document
text/html 151.101.67.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandbox.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&message.amount=100&message.color=black&message.position=top&message.align=center&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_7b212a699f_mtm6ntu6ntq&buttonSize=huge&buyerCountry=US&customerId=&clientID=AYs8R4yFQpXo5Ca-G4KZRUkC3hdVzmlnMq4XIBBiGEi060gECpmGhU1lJRrRbtcB-wRTtTIBAIzfQatS&clientMetadataID=uid_4633981f74_mtm6ntu6ntq&commit=true&components.0=buttons&currency=USD&debug=false&disableFunding.0=venmo&disableFunding.1=paylater&disableSetCookie=true&enableFunding.0=card&env=sandbox&experiment.enableVenmo=false&experiment.venmoVaultWithoutPurchase=false&experiment.venmoWebEnabled=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hZXN0cm8iOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpbmVycyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiY3VwIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&hasShippingCallback=false&platform=desktop&renderedButtons.0=paypal&renderedButtons.1=card&sessionID=uid_4633981f74_mtm6ntu6ntq&sdkCorrelationID=prebuild&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVlzOFI0eUZRcFhvNUNhLUc0S1pSVWtDM2hkVnptbG5NcTRYSUJCaUdFaTA2MGdFQ3BtR2hVMWxKUnJSYnRjQi13UlR0VElCQUl6ZlFhdFMmYnV5ZXItY291bnRyeT1VUyZjdXJyZW5jeT1VU0QmY29tcG9uZW50cz1idXR0b25zJmVuYWJsZS1mdW5kaW5nPWNhcmQmZGlzYWJsZS1mdW5kaW5nPXZlbm1vLHBheWxhdGVyIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoiZGV2ZWxvcGVyLXN0dWRpbyIsImRhdGEtdWlkIjoidWlkX3VzeGZ3YWR4d2l1dWFjZW9tZ3d1dHZ4YnhwZ3F0cCJ9fQ&sdkVersion=5.0.465&storageID=uid_4eef51ebfd_mtm6ntu6ntq&supportedNativeBrowser=false&supportsPopups=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AYs8R4yFQpXo5Ca-G4KZRUkC3hdVzmlnMq4XIBBiGEi060gECpmGhU1lJRrRbtcB-wRTtTIBAIzfQatS&buyer-country=US&currency=USD&components=buttons&enable-funding=card&disable-funding=venmo,paylater

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.venmo.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.ebzor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.venmo.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sat, 21 Dec 2024 13:55:55 GMT
etag: W/"8032a-UpHtwt5sHM4OcaKDn/uJ4Hrzy3A"
http_x_pp_az_locator: ccg18.slc
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f648708d4b571
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc=gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f648708d4b571-ec18543b3f1013fb-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-lhr-egll1980088-LHR, cache-lhr-egll1980091-LHR, cache-lis1490042-LIS
x-timer: S1734789355.611867,VS0,VE505
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 94FA 3 KB
2 KB 400ms
62ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Host: www.paypal.ebzor.com
URL: https://www.paypal.ebzor.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mdr/6751) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

paypal-debug-id: d18d9e9ea48ff
content-encoding: br
etag: W/"642c9aab-cc2"
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 14:55:54 GMT
traceparent: 00-0000000000000000000d18d9e9ea48ff-876595a86b750599-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 21 Dec 2024 13:55:54 GMT
content-type: image/svg+xml
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 1246
server: ECAcc (mdr/6751)

GET
H2 200 card-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 94FA 1 KB
762 B 404ms
66ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/card-white.svg

Requested by

Host: www.paypal.ebzor.com
URL: https://www.paypal.ebzor.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mdr/675D) /

Resource Hash

1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

paypal-debug-id: 5976a99a83c65
content-encoding: br
etag: W/"642c9aab-54e"
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 14:55:54 GMT
traceparent: 00-00000000000000000005976a99a83c65-4f3dc1583854614f-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sat, 21 Dec 2024 13:55:54 GMT
content-type: image/svg+xml
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 638
server: ECAcc (mdr/675D)

GET
H3 404 favicon.ico
www.paypal.ebzor.com/ 796 B
1 KB 85ms
85ms Other
text/html 45.138.51.149
ITP-SOLUTIONS Dom...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.ebzor.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.138.51.149 Frankfurt am Main, Germany, ASN213250 (ITP-SOLUTIONS Dominic Scholz trading as ITP-Solutions GmbH & Co. KG, DE),
Reverse DNS: ns1.skull-hosting.com
Software: /
Resource Hash: c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.ebzor.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 796
pragma: no-cache
date: Sat, 21 Dec 2024 13:55:55 GMT
content-type: text/html

OPTIONS
H2 204 logger
www.sandbox.paypal.com/xoplatform/logger/api/ Frame 0
0 330ms
237ms Preflight 151.101.67.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandbox.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypal.ebzor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypal.ebzor.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sat, 21 Dec 2024 13:55:55 GMT
http_x_pp_az_locator: ccg18.slc
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f9920721cea9d
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f9920721cea9d-5e3c72f44f3cc51c-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-served-by: cache-lhr-egll1980092-LHR, cache-lhr-egll1980092-LHR, cache-lis1490050-LIS
x-timer: S1734789356.630390,VS0,VE191

POST
H2 200 logger Show response
www.sandbox.paypal.com/xoplatform/logger/api/ 971 B
917 B 274ms
271ms XHR
application/json 151.101.67.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandbox.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

afebbefbb1241fdd5cb7cfe84971f2627d93f4024d257291c17c1ea3602d674a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.ebzor.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
content-type: application/json

Response headers

paypal-debug-id: f9920727f446d
content-encoding: br
etag: W/"3cb-xEqfQe6UW0M8DJiHZN8lsXa+vIY"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f9920727f446d-d25039d83d814b77-01
server-timing: content-encoding;desc=br
x-cache: MISS, MISS, MISS
date: Sat, 21 Dec 2024 13:55:56 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-lhr-egll1980035-LHR, cache-lhr-egll1980024-LHR, cache-lis1490050-LIS
x-cache-hits: 0, 0, 0
vary: Accept-Encoding
http_x_pp_az_locator: ccg18.slc
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734789356.870348,VS0,VE224
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
access-control-allow-origin: https://www.paypal.ebzor.com

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.paypal.ebzor.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.paypal.com
www.paypal.ebzor.com
www.paypalobjects.com
www.sandbox.paypal.com
151.101.129.21
151.101.67.1
192.229.221.25
45.138.51.149
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2940fe8b1583cbb15efc299edd16c54989079f3905896c67c2f604f86e826dab
3eb0f831ac7d620ac2d35f5164a88eb823d65749c4834f38a23d38561238ec03
98f8aaaf1b683099c2d2d44c44bece311c2e91b1733ebf2d68868f90ec528de0
afebbefbb1241fdd5cb7cfe84971f2627d93f4024d257291c17c1ea3602d674a
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400

www.paypal.ebzor.com Open in urlscan Pro 45.138.51.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

90 kBTransfer

316 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www.paypal.ebzor.com Open in urlscan Pro
45.138.51.149 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

90 kB
Transfer

316 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions