paypalredirect.com Open in urlscan Pro
2606:4700:3031::ac43:92f9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paypalredirect.com/
Submission Tags: @phishunt_io
Submission: On January 27 via api (January 27th 2022, 5:20:34 am UTC) from DE — Scanned from DE

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3031::ac43:92f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is paypalredirect.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time paypalredirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3031::ac43:92f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	213.221.85.72 213.221.85.72	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
1	151.101.128.241 151.101.128.241	54113 (FASTLY) (FASTLY)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	45.142.179.53 45.142.179.53	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	46.245.182.46 46.245.182.46	41412 (MIVITEC-AS) (MIVITEC-AS)
1	2a00:1158:100... 2a00:1158:1000:300::589	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	2606:4700:310... 2606:4700:3108::ac42:2ba6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.217.75 104.111.217.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	144.208.10.23 144.208.10.23	44453 (INTERNEX-AS) (INTERNEX-AS)
1	2606:4700:303... 2606:4700:3031::6815:208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
37	14

23 2606:4700:3031::ac43:92f9 (United States)

ASN13335 (CLOUDFLARENET, US)

paypalredirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.221.85.72 (Germany)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

www0.f1online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.241 (United States)

ASN54113 (FASTLY, US)

rlv.zcache.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.142.179.53 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: nc07.myclipboard.net

www.oftersheim.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.245.182.46 (Kaufbeuren, Germany)

ASN41412 (MIVITEC-AS, DE)
PTR: 46-245-182-46.static.mivitec.net

www.swp.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1158:1000:300::589 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)

www.neolyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2ba6 (United States)

ASN13335 (CLOUDFLARENET, US)

img.testbericht.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-75.deploy.static.akamaitechnologies.com

www.bz-berlin.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.208.10.23 (Austria)

ASN44453 (INTERNEX-AS, AT)
PTR: serv62544994.secure-node.at

www.tennisnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:208 (United States)

ASN13335 (CLOUDFLARENET, US)

ocarlla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	paypalredirect.com paypalredirect.com	236 KB
2	gstatic.com fonts.gstatic.com	54 KB
1	ocarlla.com ocarlla.com	25 KB
1	tennisnet.com www.tennisnet.com	116 KB
1	bz-berlin.de www.bz-berlin.de — Cisco Umbrella Rank: 181887	47 KB
1	testbericht.de img.testbericht.de — Cisco Umbrella Rank: 657443
1	neolyd.com www.neolyd.com	484 KB
1	swp.de www.swp.de — Cisco Umbrella Rank: 293854	683 KB
1	oftersheim.de www.oftersheim.de	578 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2447	354 KB
1	zcache.de rlv.zcache.de	87 KB
1	f1online.de www0.f1online.de	108 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
37	13

	Domain	Requested by
23	paypalredirect.com	paypalredirect.com
2	fonts.gstatic.com	fonts.googleapis.com
1	ocarlla.com	paypalredirect.com
1	www.tennisnet.com	paypalredirect.com
1	www.bz-berlin.de	paypalredirect.com
1	img.testbericht.de	paypalredirect.com
1	www.neolyd.com	paypalredirect.com
1	www.swp.de	paypalredirect.com
1	www.oftersheim.de	paypalredirect.com
1	upload.wikimedia.org	paypalredirect.com
1	rlv.zcache.de	paypalredirect.com
1	www0.f1online.de	paypalredirect.com
1	fonts.googleapis.com	paypalredirect.com
37	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www0.f1online.de R3	`2021-11-21` - `2022-02-19`	3 months	crt.sh
rlv.zcache.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-19`	a year	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-19` - `2022-11-17`	a year	crt.sh
www.oftersheim.de R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh
*.swp.de RapidSSL TLS RSA CA G1	`2021-05-04` - `2022-05-24`	a year	crt.sh
www.neolyd.com Starfield Secure Certificate Authority - G2	`2021-04-15` - `2022-04-26`	a year	crt.sh
tortuga.cloud DigiCert SHA2 Secure Server CA	`2021-05-15` - `2022-05-20`	a year	crt.sh
www.tennisnet.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-24` - `2022-12-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paypalredirect.com/
Frame ID: 36DC7F88C50C610C11393593E0615DC3
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blutiger Geschmack Beim Husten - paypalredirect.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

37
Requests

97 %
HTTPS

54 %
IPv6

13
Domains

13
Subdomains

14
IPs

4
Countries

2772 kB
Transfer

3265 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
paypalredirect.com/ 39 KB
9 KB 136ms
85ms Document
text/html 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe4c5713f649d1111143d7e273db263476c69a1523c382ff33d4f819fa45798

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000
cache-control: public, no-cache
referrer-policy: unsafe-url
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSphFv3ylWxvPvHPorYQ8pjmWN4RDddkzscanDgNh4FegH4mDRtPR4EhD3zh4v1hqG6eDR26JBKvtSTeJNRvENk0qR3Nc3wjmOa%2BHwH0PIaL7yuksjjDLwr2%2BdQcS84AfqDBkrRtpqBRVrNk7KPlFeg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d3f883c8ef90f5e-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
paypalredirect.com/wp-includes/css/dist/block-library/ 40 KB
6 KB 87ms
84ms Stylesheet
text/css 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78c-a1fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xs8I2sY8WvquJZrROHP47hTXCpOIKUi3UUn0BajT2LIKVTqTuUGat9Mfy6XVJXqiTfBrevfaOWFI5PLfvkoNXpzAPWNwcy7hqCTfibZSI31BF9vRyMJHdg3pk12o1KWnzA%2B96v4mOFywD6VaIrna4QQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d3f840f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
paypalredirect.com/wp-content/plugins/author-hreview/style/ 6 KB
2 KB 84ms
82ms Stylesheet
text/css 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/plugins/author-hreview/style/style.css?ver=5.3

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c4d1779e7d8e3c5299633426006e5e3ef3f71bd4905dca55e80587a912291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78a-171f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6NbyUjxNSNRUtOIFi2L3fDo2p%2BYcsOOOMm34DSUHv0raVsQ3Y%2Fzu6eE9SC%2BNmvIuFUZ9aEceWuB2Jy9HdY%2FOpBCI76SZJHePjlWpHUaBxTfxYRAeNgzVomG3ksA4a5TA%2BSY4A4QPui5Mh0DPrgyqhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d3f850f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animate.css
paypalredirect.com/wp-content/themes/total/css/ 69 KB
5 KB 103ms
101ms Stylesheet
text/css 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/css/animate.css?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c065a79be7511e259631f7f99f4191ad98befcfcc2f739cb2c18e39f11c48272

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78a-11498"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulJ%2BBjpGsjws1KtFkNTFmyiR40AiPLsKu%2B8DaM%2FUq5DyjjuQvKiSNS1UUe%2Bpbcu71rrbImDzmxmGMb82mUqrM56BVx%2B%2Fr3d8GiQLkvGppQJ0mG0pSdyknIFtVynOqfPqyH0vI2emEy0CxqDkA2VyJZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d3f860f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.css
paypalredirect.com/wp-content/themes/total/css/ 34 KB
7 KB 102ms
100ms Stylesheet
text/css 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/css/font-awesome.css?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d0973a54d1f231e17e71a062371e50ffff320a49835df032230329473c31155

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78a-8926"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KChNPiLbwEi1ptkzG06ifMpSmZXXpFD8I4zynAaWMtvYCGUfkt1eTGDY4FX2W%2B3weo2HD%2FJ4x4rq%2BLAf3WCDi%2BULdVokmoGCnL84HNJ5o79UK6wxgyMEboRpuys4DhBxUrhJPsaMhrYd2HtIxqZjoLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d3f870f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.css
paypalredirect.com/wp-content/themes/total/css/ 5 KB
2 KB 102ms
100ms Stylesheet
text/css 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/css/owl.carousel.css?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c00c027ed2eb47a30ba9e917bb5b8846a218dc89329b0fc7222b37cfb33c93ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78a-12db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB%2BSCQZ3vYYeW2eULByWInnHvjlgXUVI4V8aur1eKiO4wLqS%2FqAme5VrgZDnRj6Y%2B1GKDKFxcawuYK3HzzzzDCDRHCt85zjMGcFSyLfNDGcl%2FBnOAMKd%2BVL%2FEvKTG5JN6SWkK%2B%2BMfedgzGX%2BwV1gNzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d3f880f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nivo-lightbox.css
paypalredirect.com/wp-content/themes/total/css/ 8 KB
2 KB 86ms
84ms Stylesheet
text/css 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/css/nivo-lightbox.css?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c149e16fe998a0fb5333caf33ea99f61114d637eb82fde7186c7d0ec8e15bcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78a-212d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LT4hyn%2FAv9VXqA2eVpleQpqBxfFRx9t5jEDy63m4iFqFz7E6AZbjgdbZXD7KcY8%2FE%2FYLB4EBiIRBaXDRVrgnOBVFFOGf1qjFtc9KUVhy2Kl%2FaFekQiqaf2UYutExTRkx2nVgG1J7uL7kNKxg4A7TrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d3f890f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
paypalredirect.com/wp-content/themes/total/ 72 KB
14 KB 105ms
103ms Stylesheet
text/css 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/style.css?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d750b731bb8d9bbd928afcddf851f0df242846a5293fac5622e15933c38b41e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be789-12179"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAIRLYxFpbX39LPlR7I6R7Lftw28UaneOFqjURo44Vgxr5nvHbabeNVIBg80jJFyDmDMcHYdCigucKrz%2FHznrcibYAu2YhE45w%2FqxIhcvCyb2J9SLI%2FC2oVIs%2BktVLcRlsJeIoeMAGb7SEuCw2S1sd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d3f8a0f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 51ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Pontano+Sans%7COswald%3A400%2C700%2C300&subset=latin%2Clatin-ext

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4041c180a9f43d016ed240ae4cce31cb2e5731d26591cd1e9815140121822492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 05:20:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 05:20:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 05:20:30 GMT

GET
H2 200 jquery.js Show response
paypalredirect.com/wp-includes/js/jquery/ 95 KB
34 KB 116ms
114ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be789-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhsNA5IiKFNTp64AH9uLeNDhHm%2BpdLfctks7sbOt1f34G1Dz%2Bm%2FzDGU6fvEzw5ir5DMxk%2BXGnaVYoSXLzceUSLC%2BD7JWblJUMgBBkb6F%2FRTWt1XO%2BcKN7Q88NG7%2F4RY5J50OiNDSoEpUOsP0MKlxypY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d4f8b0f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
paypalredirect.com/wp-includes/js/jquery/ 10 KB
4 KB 89ms
88ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be789-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GT4eclckCgPudV7UkwBt8WmXaAPObsko3Gbv66YaNIxX94WPLn95zpLVYnQi5ZNdzIUbbXYrPaymU9C3ig0zKI4zIKPj9BaJzUjFkv51BtywGV%2F5vS75vHLVu0umZpBDSMIUQ1xhyebEKY8YUY0eGEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d4f8c0f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imagesloaded.min.js Show response
paypalredirect.com/wp-includes/js/ 8 KB
3 KB 91ms
90ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be787-1fb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLXZRg89ZcYTUQE9WkLIOHn1858APqHLNGmI5KX7n5%2F3cdp0Y9Q7jf62uTbj5sg0yVcChcIE2YEW5RQh77y5eCZIHb3L%2BBrrXAvZnuQZfd4MMKSuk1R4KSWBZiixUO2P7goF%2FVluk3x9TV9TGAu3%2F7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d4f8d0f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.stellar.js Show response
paypalredirect.com/wp-content/themes/total/js/ 23 KB
5 KB 105ms
104ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/js/jquery.stellar.js?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cafdc75783c661554df0c541ff661181b5e09ed440acd98cbb03d5e0a78bdea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78b-5af2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnnvfjRd1soyEAj65MHhhsvOMGMxXeI2EOdeINKodYVZQZJ41CjETxHsvpVTzzWJ9BGqrwTk8IAxtjeHQqBnM0bUi3AyEM7szG%2BZwK%2B0F6L0qNSnaY0vzWvHZsXvj7F3op4nBJOB%2BcSgClMiCPfQRms%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883d5faa0f5e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3091528.jpg
www0.f1online.de/preW/003091000/ 108 KB
108 KB 55ms
12ms Image
image/jpeg 213.221.85.72
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www0.f1online.de/preW/003091000/3091528.jpg
Requested by: Host: paypalredirect.com
URL: https://paypalredirect.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.221.85.72 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 1e9e20732c6581df7d88155e09c4d4e6760fe73f834181b0b42c17fc8e04831e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
last-modified: Wed, 17 Jun 2020 15:24:17 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1aec4-5a84940d39b46"
content-length: 110276
content-type: image/jpeg

GET
H2 200 fake_nachrichten_poster-rc5af8e05bae04ba690fa485682014b6f_wve_8byvr_630.jpg
rlv.zcache.de/ 87 KB
87 KB 49ms
8ms Image
image/jpeg 151.101.128.241
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rlv.zcache.de/fake_nachrichten_poster-rc5af8e05bae04ba690fa485682014b6f_wve_8byvr_630.jpg?view_padding=[285%2C0%2C285%2C0]

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.241 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6db7c6402487f6c330548ecb04d25abe1e8ab0fba7fcc67628f41099655dd09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1691469
x-cache: HIT, HIT
x-image-height: 630
content-length: 88826
x-xss-protection: 1; mode=block
x-served-by: cache-pao17430-PAO, cache-hhn4055-HHN
x-image-width: 1200
last-modified: Fri, 07 Jan 2022 15:29:20 GMT
x-timer: S1643260830.452686,VS0,VE1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31557600
content-type: image/jpeg
cache-control: public, max-age=3196800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Feb 2022 15:29:20 GMT

GET
H2 200 ACDC_Ticket-2121360668.jpg
upload.wikimedia.org/wikipedia/commons/d/de/ 353 KB
354 KB 63ms
27ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/d/de/ACDC_Ticket-2121360668.jpg

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

819975150e17faa425993dbd9ebfcced0c5ef1ac1c4d7470c8401e7c1470fc2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 23:34:08 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 20783
x-cache-status: hit-front
x-cache: cp3063 hit, cp3065 hit/1
server-timing: cache;desc="hit-front", host;desc="cp3065"
content-length: 361060
x-client-ip: 2001:ac8:20:3b00:1011:5973:470d:5090
x-object-meta-sha1base36: r13594gq81lxy4k639ek2neiik9c30g
last-modified: Mon, 07 Oct 2013 00:47:17 GMT
server: ATS/8.0.8
etag: bcc584b9fede0e8c4600ca6e3d6b5f3f
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dsc_0069.jpg
www.oftersheim.de/media-db/_attach/new/7615/ 578 KB
578 KB 90ms
19ms Image
image/jpeg 45.142.179.53
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oftersheim.de/media-db/_attach/new/7615/dsc_0069.jpg
Requested by: Host: paypalredirect.com
URL: https://paypalredirect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.142.179.53 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: nc07.myclipboard.net
Software: Apache/2.4.25 (Debian) /
Resource Hash: 49e78bb4759f7046eecf7dd19435c3b405de9a5ddbf8d32c04f02fde37c51d01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
last-modified: Mon, 01 Apr 2019 09:02:12 GMT
server: Apache/2.4.25 (Debian)
accept-ranges: bytes
etag: "90701-5857446ad0d00"
content-length: 591617
content-type: image/jpeg

GET
H2 200 w1176_h662_x688_y387_ad064018d28b35d9.jpeg
www.swp.de/imgs/07/7/5/8/1/6/9/7/9/tok_b59f38d535bab57d97601bacf14cdd3f/ 682 KB
683 KB 53ms
13ms Image
image/jpeg 46.245.182.46
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.swp.de/imgs/07/7/5/8/1/6/9/7/9/tok_b59f38d535bab57d97601bacf14cdd3f/w1176_h662_x688_y387_ad064018d28b35d9.jpeg

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.245.182.46 Kaufbeuren, Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-46.static.mivitec.net

Software

Apache /

Resource Hash

c2579066100deb24c7a2c9bb8b9578dc4c78a773de51057ea5636fa8f0b95300

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
ndi-cache: Caching IMGs
last-modified: Mon, 08 Nov 2021 17:28:05 GMT
server: Apache
etag: "aa637-5d04a50d2dbce"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/jpeg
vary: Origin
cache-control: max-age=604800, public, must-revalidate, private
strict-transport-security: max-age=63072000
accept-ranges: bytes
link: <https://www.swp.de/imgs/07/7/5/8/1/6/9/7/9/ad064018d28b35d9.jpeg>;rel="canonical"
content-length: 697911

GET
H2 200 the-war-on-drugs-thinking-of-a-place.jpg
www.neolyd.com/wp-content/uploads/ 481 KB
484 KB 105ms
28ms Image
image/jpeg 2a00:1158:1000:300::589
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.neolyd.com/wp-content/uploads/the-war-on-drugs-thinking-of-a-place.jpg

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1158:1000:300::589 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

Apache /

Resource Hash

7acea439ffb8bebb81ccf2e9aa33f7bf7440619b4ac63b25d9af079acaab47ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 28 Apr 2017 15:21:49 GMT
server: Apache
date: Thu, 27 Jan 2022 05:20:30 GMT
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 492164
expires: max-age=A10368000, public

GET
H2 404 37700010530316.jpg
img.testbericht.de/offerimages/ 0
0 129ms
75ms Image
text/plain 2606:4700:3108::ac42:2ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.testbericht.de/offerimages/37700010530316.jpg
Requested by: Host: paypalredirect.com
URL: https://paypalredirect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 89755034_1495197043-768x432.jpg
www.bz-berlin.de/data/uploads/2017/05/ 47 KB
47 KB 183ms
116ms Image
image/jpeg 104.111.217.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bz-berlin.de/data/uploads/2017/05/89755034_1495197043-768x432.jpg
Requested by: Host: paypalredirect.com
URL: https://paypalredirect.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.217.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2093fa1c44d40bff7ca51d387a52fb0bf70880251ceacaa69f18c67f3efb88f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Ac4V7B7VveF7iuC951HH4tufaoJSqNrl
last-modified: Fri, 19 May 2017 12:30:50 GMT
server: nginx
etag: "0ddfd04bba8ca5db4422877ddce4fa16"
x-cache-status: MISS
content-type: image/jpeg
cache-control: max-age=2592000
date: Thu, 27 Jan 2022 05:20:30 GMT
accept-ranges: bytes
content-length: 47861
expires: Sat, 26 Feb 2022 05:20:30 GMT

GET
H2 200 csm_01moritz_thiem_Dominic_thiem_f5fe7a496f.jpg
www.tennisnet.com/fileadmin/_processed_/d/7/ 115 KB
116 KB 146ms
27ms Image
image/jpeg 144.208.10.23
INTERNEX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tennisnet.com/fileadmin/_processed_/d/7/csm_01moritz_thiem_Dominic_thiem_f5fe7a496f.jpg

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.208.10.23 , Austria, ASN44453 (INTERNEX-AS, AT),

Reverse DNS

serv62544994.secure-node.at

Software

Apache /

Resource Hash

bb98341e888db5c0234833daf72791190e2cf1782f803d623aa43f78b9934167

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Aug 2019 08:56:39 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-forwarded-proto: https
content-length: 117453
expires: Sat, 26 Feb 2022 05:20:30 GMT

GET
H2 200 10287-1.jpg
ocarlla.com/wp-content/uploads/2017/11/ 24 KB
25 KB 147ms
88ms Image
image/jpeg 2606:4700:3031::6815:208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ocarlla.com/wp-content/uploads/2017/11/10287-1.jpg
Requested by: Host: paypalredirect.com
URL: https://paypalredirect.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6a0d87be0ee279645502fcfa980259dbd346ba25a4127f86fca1e3a80f3e86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2017 11:30:22 GMT
server: cloudflare
etag: "5ffd-55d770355cf80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUyVHh%2F0qtIYtK4FW5Gy3tNuJk9K93Gz%2FcaqNSh6LxChHE4wuSszV5osQ9bURWD9xBQvDL921NwCETrmPfskj9baxIiVPzgU5m0amAwzIJLHM7Mb6tduZgEAwsgS6aCQqhdFPYSNYO4bUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d3f883e7a2e83a0-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24573

GET
H3 200 jquery.nav.js Show response
paypalredirect.com/wp-content/themes/total/js/ 7 KB
3 KB 123ms
123ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/js/jquery.nav.js?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e26acb1e2121ed84ec8b4b9de40b9b4c016193998db0376f9fd97f4cc4ce772

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78b-1b16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvQ04l5wuAgpTkL85evLGm8hpHSx5SK%2FFElml0T8jOtve0tWdKkOM75Py7zk9XjnXzTlR4O%2BrvtKEeo5B9PQVUMZRweb%2B009qLXr4XY1M2I7VqrtvCgEH%2BgJEGde6VHWHFrWku%2BLedEyQShChzwYa1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883ded1659a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 owl.carousel.js Show response
paypalredirect.com/wp-content/themes/total/js/ 88 KB
21 KB 152ms
152ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/js/owl.carousel.js?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78b-15f88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvQluFujUqSly6jP7h9t%2B4cH%2FccXau7WqJ%2FaqTfGSAmacFRI5nsVW996jovMjJA%2B3Jn2uD5O7lwdGIY7jvkH1j0%2FCzMZBHbJQAoXNAN%2BYlPtQ5JAJI2PdGfd%2FWtHEA8KN%2FJKPF%2BogY9c76dbU3Re89o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883e0d3459a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 isotope.pkgd.js Show response
paypalredirect.com/wp-content/themes/total/js/ 89 KB
23 KB 155ms
153ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/js/isotope.pkgd.js?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16d611357cf3db84130734a858f1322e0a17ec5b1761966266f691d2f4a21a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78b-16505"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9v8zkcUBEDKJgllHhrJESMBkn9Qf8w2Eyo07H9fjaFs%2F2Mhyqk5f8GhZV46aqUdTSVaBkwu2mY29FwZ34kYoGFOmERwELr6bYhcEWVxnQYjzUffbU%2F5c8giTdAqu7D9CaZAC4LVQLC%2FigamwNCk7pGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883e1d5359a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 nivo-lightbox.js Show response
paypalredirect.com/wp-content/themes/total/js/ 13 KB
4 KB 123ms
120ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/js/nivo-lightbox.js?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48a0dfcb35728a50647837412515149200110486d731dade126cbfbd8e24540d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78b-35e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQIyOkjVBkmh1SeLfvihxDf0nS5I3vK9py%2BdOtZUARSx17FP0MILrB5v4CsVR5YA02BunZL56lZilnCX9SnebKy3NoPjjxLJMUPmvgEKS7ymQ%2B1YHio33zHSkhVtFTzmxDyRqTFFz0rEnzW%2BSJufXwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883e1d5559a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 superfish.js Show response
paypalredirect.com/wp-content/themes/total/js/ 7 KB
3 KB 155ms
152ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/js/superfish.js?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78c-1b3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiqaKJM6GryXE4HQbvlptMO3idECCHqnUcFsegdiUQfRJZIaPQ3o7mqCE7BaF6xl0ugbbyrAojQUlqUcLfCMImyR8NTYyNuw2U1OCY3Ti%2FGEdv6tf9Qwn7Jjj1%2BrhD7yZfCFFW%2BX15H8IRw2GazaQVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883e1d5759a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 odometer.js Show response
paypalredirect.com/wp-content/themes/total/js/ 21 KB
6 KB 155ms
152ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/js/odometer.js?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c211ac14f0c94929445fe8f1759520592dc5c40c78b5e891f007bc1936c71038

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78b-52d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FpdSBF6i49lLRmnojhAGKBNkPzeY9HD%2BEXB3fEHbeWZwA%2F%2FevZ0dHAs%2F8dzOUxtHIyz3tPFW%2BUlZOiYji%2FMfpnb27ZMELIAUnmOTEBXY0fVblcHoQF3N6u%2B7u9j%2FESDW4JgCTBNLuEYbFXdxlogteM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883e1d5859a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 waypoint.js Show response
paypalredirect.com/wp-content/themes/total/js/ 17 KB
4 KB 118ms
115ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/js/waypoint.js?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b2709bfa17d9cacd051779b518056b6d3b3114fb0dfdd61cee3004f8ce9f959

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78c-448c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apNSi4BYdt%2FhZHjjN5otrLOVhVa6DvZYS4D6WXdtJrFnjU0TmtR8VIi9O7I%2FtyGDQkOjsNAJONCgGouFEf2lHGscOx4RPht3Vfp%2BhkDzCycGbnlwxXSk3kUcLX6kQSbf2ZtpgJJDU71F%2Bn%2BWdqhcmZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883e1d5a59a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 total-custom.js Show response
paypalredirect.com/wp-content/themes/total/js/ 9 KB
3 KB 155ms
152ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/js/total-custom.js?ver=1.2.47

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

924df9d54b92eb501266cca1d15ff340903d343af839135e6215c0dd0b221c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be78c-238a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWul7wfaTEm1%2F31K63Fp2GK8RDdGQNJ94qR6MUhx2W50VnZD9L6itzlpaaX6ecMYukq5F35VoIMgx3J6GIgJ8dsolCrbY6HY1jjKDhevgFpJuHnCbzNq3I5jjgAhKHBb%2FEIpwdEZ9437Kpuf6JZSRGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883e1d5b59a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-embed.min.js Show response
paypalredirect.com/wp-includes/js/ 1 KB
1 KB 119ms
116ms Script
application/javascript 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-includes/js/wp-embed.min.js?ver=5.3

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"605be787-577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rJhC%2F7MOHU2SZ5t%2F33DinH1hPfuRtTqjNo6u13MireWorct1HLkDQIJfhWWjQELT1iiFYSijnDG%2FguvNZ8pn1%2Bahbth0OqWEbjtiZ04XajANisJeF64qrfaTulh4WcOGC%2FqFI%2FGF9NdeEg%2FGNVuMQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6d3f883e1d5c59a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET wp-emoji-release.min.js
paypalredirect.com/wp-includes/js/ 0
0

GET
H3 200 footer-bg.jpg
paypalredirect.com/wp-content/themes/total/images/ 3 KB
4 KB 114ms
114ms Image
image/jpeg 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paypalredirect.com/wp-content/themes/total/images/footer-bg.jpg

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/wp-content/themes/total/style.css?ver=1.2.47

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82944ef336cfedb2dabfc27aaa8efdbabd3495777295e473a8a4fa53a43fdeb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paypalredirect.com/wp-content/themes/total/style.css?ver=1.2.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 3172
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "605be78b-c64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qj43bMUATvarJq6Pl191av4dihm%2FI9a6hQ9KRVUftVUcncTo2j9VkwwF9kFrAnTIoLvEpNw6XPBRtwA0NDXJYqhxgtfyzioU29zwRj4%2Fp%2Bms33kQfjmFEfKjORffQ99U4wKmP9YdNzTfFTa%2FvRUuzGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d3f883e1d5d59a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 qFdD35GdgYR8EzR6oBLDHa3axT8N.woff2
fonts.gstatic.com/s/pontanosans/v11/ 22 KB
23 KB 48ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pontanosans/v11/qFdD35GdgYR8EzR6oBLDHa3axT8N.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Pontano+Sans%7COswald%3A400%2C700%2C300&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e8a9c58f1a09aec761568ab9c851abb6b9d7e0348dd165dbeff49512d604b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paypalredirect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 22:43:42 GMT
x-content-type-options: nosniff
age: 196608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22620
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 19:49:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 24 Jan 2023 22:43:42 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ 31 KB
31 KB 54ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Pontano+Sans%7COswald%3A400%2C700%2C300&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paypalredirect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 03:21:26 GMT
x-content-type-options: nosniff
age: 93544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31624
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 03:21:26 GMT

GET
H3 200 fontawesome-webfont.woff2
paypalredirect.com/wp-content/themes/total/css/fonts/ 70 KB
71 KB 168ms
168ms Font
application/octet-stream 2606:4700:3031::ac43:92f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypalredirect.com/wp-content/themes/total/css/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: paypalredirect.com
URL: https://paypalredirect.com/wp-content/themes/total/css/font-awesome.css?ver=1.2.47

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paypalredirect.com/wp-content/themes/total/css/font-awesome.css?ver=1.2.47
Origin: https://paypalredirect.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:20:30 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 71896
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 01:29:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "605be78d-118d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8jtUc8iDFINsKYdJLjwcqOEzuIWQk%2Fb5n3Sv%2F7py04taBNMNvEyWinScMP4zyCtMQOTzy2Y1eyv7%2FpQkaFyogWIHIlXgPiKLBfvJ%2BYk8c3gSeQ4Ktds%2FBgzp%2FuZ5cThOLplk3Kk%2F%2BnccfSj1rYWW7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d3f883e2d6059a7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: paypalredirect.com
URL: http://paypalredirect.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://paypalredirect.com/ Message: Mixed Content: The page at 'https://paypalredirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www0.f1online.de/preW/003091000/3091528.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://paypalredirect.com/ Message: Mixed Content: The page at 'https://paypalredirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www.bz-berlin.de/data/uploads/2017/05/89755034_1495197043-768x432.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://paypalredirect.com/(Line 81) Message: Mixed Content: The page at 'https://paypalredirect.com/' was loaded over HTTPS, but requested an insecure script 'http://paypalredirect.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://paypalredirect.com/ Message: Mixed Content: The page at 'https://paypalredirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www0.f1online.de/preW/003091000/3091528.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://paypalredirect.com/ Message: Mixed Content: The page at 'https://paypalredirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www.bz-berlin.de/data/uploads/2017/05/89755034_1495197043-768x432.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://img.testbericht.de/offerimages/37700010530316.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
img.testbericht.de
ocarlla.com
paypalredirect.com
rlv.zcache.de
upload.wikimedia.org
www.bz-berlin.de
www.neolyd.com
www.oftersheim.de
www.swp.de
www.tennisnet.com
www0.f1online.de
paypalredirect.com
104.111.217.75
144.208.10.23
151.101.128.241
213.221.85.72
2606:4700:3031::6815:208
2606:4700:3031::ac43:92f9
2606:4700:3108::ac42:2ba6
2620:0:862:ed1a::2:b
2a00:1158:1000:300::589
2a00:1450:4001:802::2003
2a00:1450:4001:82a::200a
45.142.179.53
46.245.182.46
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3
16d611357cf3db84130734a858f1322e0a17ec5b1761966266f691d2f4a21a4c
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e8a9c58f1a09aec761568ab9c851abb6b9d7e0348dd165dbeff49512d604b33
1e9e20732c6581df7d88155e09c4d4e6760fe73f834181b0b42c17fc8e04831e
2093fa1c44d40bff7ca51d387a52fb0bf70880251ceacaa69f18c67f3efb88f8
3b2709bfa17d9cacd051779b518056b6d3b3114fb0dfdd61cee3004f8ce9f959
3d0973a54d1f231e17e71a062371e50ffff320a49835df032230329473c31155
4041c180a9f43d016ed240ae4cce31cb2e5731d26591cd1e9815140121822492
48a0dfcb35728a50647837412515149200110486d731dade126cbfbd8e24540d
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49e78bb4759f7046eecf7dd19435c3b405de9a5ddbf8d32c04f02fde37c51d01
6db7c6402487f6c330548ecb04d25abe1e8ab0fba7fcc67628f41099655dd09f
7acea439ffb8bebb81ccf2e9aa33f7bf7440619b4ac63b25d9af079acaab47ae
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
819975150e17faa425993dbd9ebfcced0c5ef1ac1c4d7470c8401e7c1470fc2d
82944ef336cfedb2dabfc27aaa8efdbabd3495777295e473a8a4fa53a43fdeb3
924df9d54b92eb501266cca1d15ff340903d343af839135e6215c0dd0b221c5c
9e26acb1e2121ed84ec8b4b9de40b9b4c016193998db0376f9fd97f4cc4ce772
bb98341e888db5c0234833daf72791190e2cf1782f803d623aa43f78b9934167
c00c027ed2eb47a30ba9e917bb5b8846a218dc89329b0fc7222b37cfb33c93ca
c065a79be7511e259631f7f99f4191ad98befcfcc2f739cb2c18e39f11c48272
c149e16fe998a0fb5333caf33ea99f61114d637eb82fde7186c7d0ec8e15bcf2
c211ac14f0c94929445fe8f1759520592dc5c40c78b5e891f007bc1936c71038
c2579066100deb24c7a2c9bb8b9578dc4c78a773de51057ea5636fa8f0b95300
cafdc75783c661554df0c541ff661181b5e09ed440acd98cbb03d5e0a78bdea7
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d750b731bb8d9bbd928afcddf851f0df242846a5293fac5622e15933c38b41e5
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466
dd6a0d87be0ee279645502fcfa980259dbd346ba25a4127f86fca1e3a80f3e86
de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620
dfe4c5713f649d1111143d7e273db263476c69a1523c382ff33d4f819fa45798
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c4d1779e7d8e3c5299633426006e5e3ef3f71bd4905dca55e80587a912291e

paypalredirect.com Open in urlscan Pro 2606:4700:3031::ac43:92f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

54 %IPv6

13 Domains

13 Subdomains

14 IPs

4 Countries

2772 kBTransfer

3265 kBSize

0 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paypalredirect.com Open in urlscan Pro
2606:4700:3031::ac43:92f9 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

54 %
IPv6

13
Domains

13
Subdomains

14
IPs

4
Countries

2772 kB
Transfer

3265 kB
Size

0
Cookies

37 HTTP transactions
0 data transactions