urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
72.246.168.118  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paypal.goqr.me/
Effective URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Submission: On June 30 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 72.246.168.118, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 9th 2020. Valid for: 2 years.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 88.198.63.94 24940 (HETZNER-AS)
1 19 72.246.168.118 16625 (AKAMAI-AS)
1 23.37.43.154 16625 (AKAMAI-AS)
19 2
Apex Domain
Subdomains		 Transfer
12 paypalobjects.com
www.paypalobjects.com
727 KB
8 paypal.com
www.paypal.com
t.paypal.com
25 KB
1 goqr.me
paypal.goqr.me
506 B
19 3
Domain Requested by
12 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
7 www.paypal.com 1 redirects www.paypal.com
www.paypalobjects.com
1 t.paypal.com
1 paypal.goqr.me 1 redirects
19 4

This site contains no links.

Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-01-09 -
2022-01-12		 2 years crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-01-09 -
2022-01-12		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Frame ID: CC8B89A5E0B06F9539BF685E824DCE86
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://paypal.goqr.me/ HTTP 307
    https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal@service.afgbr.de&item_name=goQR.m... HTTP 302
    https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa22... Page URL

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

750 kB
Transfer

3678 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paypal.goqr.me/ HTTP 307
    https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal@service.afgbr.de&item_name=goQR.me&currency_code=EUR&no_shipping=1&no_note=1&quantity=1 HTTP 302
    https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request shoppingcart
www.paypal.com/webapps/
Redirect Chain
  • http://paypal.goqr.me/
  • https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal@service.afgbr.de&item_name=goQR.me&currency_code=EUR&no_shipping=1&no_note=1&quantity=1
  • https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
13 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c33a586f944fbbd739d642befdcf66cfcb0efdbdbb78bdc0b3434b33aa75f249
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-ZaNnPpI2EahP9V+Kdfpufi2OXb6Loap2dfI4BNE9i7PMcUTs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
LANG=en_US%3BUS; enforce_policy=ccpa; x-pp-s=eyJ0IjoiMTU5MzU1OTAwNDgxMSIsImwiOiIwIiwibSI6IjAifQ; tsrce=xorouternodeweb; ts=vreXpYrS%3D1688167003%26vteXpYrS%3D1593560803%26vr%3D0784b33f1730a495a2823e83ffd82e01%26vt%3D0784b33f1730a495a2823e83ffd82e00%26vtyp%3Dnew; nsid=s%3AE4zwXYOwxh2a78pkrffxtraS-a6En9g3.tCerGnE4MId%2BdJsAleLxFQQa96s8RxVVj8OXZvw8CYk; X-PP-SILOVER=name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dxorouternodeweb%26TIME%3D1593559004%26HTTP_X_PP_AZ_LOCATOR%3Ddcg02.phx; ts_c=vr%3D0784b33f1730a495a2823e83ffd82e01%26vt%3D0784b33f1730a495a2823e83ffd82e00; X-PP-L7=1; x-cdn=akamai; akavpau_ppsd=1593559604~id=cbc469dbf8df542aa89e84b6af669a57
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-ZaNnPpI2EahP9V+Kdfpufi2OXb6Loap2dfI4BNE9i7PMcUTs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
paypal-debug-id
7e21f89237faf
x-content-type-options
nosniff
x-cookies
{"tD08unW5xWPYcc3Vtbf3fJ3V3AQpBSPfm6WSV5oz4qyqFW9g":"7cN2ehKgLUVMkIVFoMgFv4z2Y0XXKyYqpcaDkrR2IwzBZn6-s-5GJjuGww0_eEjFbWqc9iCJwH8Xi-EV","ag57olvZ7MWSTJXCB7PUbg1HbJ7ibAsoAYd73FZ9IOdz_8eW4AApCl4lKlO":"mMeKN9d0nS7Au99ThIxKKPKA5PHM0d9pRRDBebKO1nGeD2G51VoeoPgtXr0v9WKtxc6hpf9WUClxy5Ft_Bnjdl41l8Bcyg1XJ1a0ORmWRcKlLFS1c7OOvbHo9jBA9Hwn1tSp1RgE9Ps2HiaJi58OnC6hJQfiP_rFQYRqG0ytHIywW52pu5zS-wP78478EX-r5BHF6dpQXNknGBNPRYwxkooYKLmT-PPzF0n3o58ABkQYZTQF85mIp0h_xwqtcAy9yuukHbvsA7d1PdtPNIOHDd-we-30B9lQ8AAOeBpngNiiImA53M2R8mGt7UxAPYfI6BrGFMCLUS3aK6uKs7XOx9Wes2ayxz9Vr5f9TiSlsC1m-MwKPAA7PH8z8Mei8MvOgh4BydrwuDSXzaEA9K71QNs_tBtm6dGpqia8Wi7B3CcYyBW8h7KqW1GQx-nih-QOz6I00BYo02DzA2ocUwoL83SJhwth6fB5jVUog1D7HCNv6TH-D7xthYDgyQwCloNeqaBIClIi6vhzrqury_ScqLd_f5tRV6I6NUfdE4SwySzVCZMR35PvlZ1UWWWdoi2i1b1wcT-1os79qs46","iQCnhIy5-64PvineZIGVfUafYGUgmm9iludbMKXVIUhFSMEA":"4nONpwqk9U-In6iHWvuftmieWFk5YJB2qUyH4fF3qDYlYImNA0ZR5fkfM0lO_zxAjC9s-1OtpykbRPjqngI1Gacgway"}
x-cookies-hash
4d8e223eba951f52f2b572e05012fc0b638136d433be03eb364c5d73eec16ca1
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlllU1QySFEwUk1idTRxR2U0bGVCejBLWktIalFKdHpEUkJWWXVLS0tmWHlPRHZyN2w0MU82RlpZcFEtMkVtUjFKVG51SW1nRjhRZG1EOFRDU3UzTkw2YjNhaEJUajFOWGJIWnZScWRjaFhKaFQ2eUExTHlkWGlnR1N4RnB3V29xQk5mbEFfaktwWllMbHpuYWp2Nms1ZENXUklQZ09SMU5xcHFYTVN1ZXplSTBNS2VjUzROM3RTNEphVDAiLCJpYXQiOjE1OTM1NTkwMDUsImV4cCI6MTU5MzU2MjYwNX0.V9q6NWiBeNNOQmQTOmUgSRD9z333J-SvDFFB5Z4XlyI
x-csrf-jwt-hash
c2c6c79ac8e8e280468b61d6939f5b8db4b5952b56cffb14727e953adcae73dc
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-2.paypal.com
x-edgeconnect-midmile-rtt
147
x-edgeconnect-origin-mex-latency
123
vary
Accept-Encoding
content-encoding
gzip
date
Tue, 30 Jun 2020 23:16:45 GMT
content-length
4640
set-cookie
LANG=en_US%3BUS; Path=/; Domain=paypal.com; Expires=Wed, 01 Jul 2020 08:02:41 GMT; Max-Age=31556; HttpOnly; Secure LANG=en_US%3BUS; Path=/; Domain=paypal.com; Expires=Wed, 01 Jul 2020 08:02:41 GMT; Max-Age=31556; HttpOnly; Secure; SameSite=None x-csrf-jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Im5KYUxuQ3JIX2RvR1FFWERqbjFKTlR0dTRqY1JhTGVJTXl1YkhoWHRxeng1a0E0VldqbHpPczBKZ01RTXAzVjVwNFR1em1abUhCa3lNekN6b1ZtakYzSnNfNmVGZ2VpaHRlMG1hV0RwMHdYaE5vY2ZBTVhOZHhnWEt5b1RpUGp0Y1AzQUNSZW1kUE83dXI5aWp6VnJlXy1ROFlUQ08wYzh1TEViN05sQXFLYzZUQmVIbS16cmEzcVVEZEsiLCJpYXQiOjE1OTM1NTkwMDUsImV4cCI6MTU5MzU2MjYwNX0.8N7Cn5H4GQj2FFg2XmCjp8inQ3UOZJLnING_oqWAi1E; Path=/; Domain=paypal.com; Expires=Tue, 07 Jul 2020 23:16:45 GMT; HttpOnly; Secure; SameSite=None tsrce=shoppingcartnodeweb; Path=/; Domain=paypal.com; Expires=Fri, 03 Jul 2020 23:16:45 GMT; HttpOnly; Secure; SameSite=None tsrce=shoppingcartnodeweb; Path=/; Domain=paypal.com; Expires=Fri, 03 Jul 2020 23:16:45 GMT; HttpOnly; Secure; SameSite=None X-PP-SILOVER=name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dshoppingcartnodeweb%26TIME%3D1593559005%26HTTP_X_PP_AZ_LOCATOR%3Ddcg02.phx; Path=/; Domain=paypal.com; Expires=Tue, 30 Jun 2020 23:46:45 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1688167005%26vteXpYrS%3D1593560805%26vr%3D0784b33f1730a495a2823e83ffd82e01%26vt%3D0784b33f1730a495a2823e83ffd82e00%26vtyp%3Dreturn; Path=/; Domain=paypal.com; Expires=Fri, 30 Jun 2023 23:16:45 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D0784b33f1730a495a2823e83ffd82e01%26vt%3D0784b33f1730a495a2823e83ffd82e00; Path=/; Domain=paypal.com; Expires=Fri, 30 Jun 2023 23:16:45 GMT; Secure; SameSite=None X-PP-L7=1; Path=/; Domain=paypal.com; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1593559605~id=738ebbb695a4cb75f9906b001820cfe5; Domain=www.paypal.com; Path=/; Secure; SameSite=None
strict-transport-security
max-age=63072000

Redirect headers

status
302
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
262
content-security-policy
default-src 'self' https://*.paypal.com; script-src 'nonce-G8WsUOs0m7A/C+aNSHzUnY+EFzyGECbFw8kUSLXf8X2SRbvs' 'self' https://*.paypal.com 'unsafe-inline' 'unsafe-eval'; img-src https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
location
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
paypal-debug-id
1aaaa2289b466
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-2.paypal.com
x-edgeconnect-midmile-rtt
141
x-edgeconnect-origin-mex-latency
911
date
Tue, 30 Jun 2020 23:16:44 GMT
set-cookie
LANG=en_US%3BUS; Path=/; Domain=paypal.com; Expires=Wed, 01 Jul 2020 08:02:40 GMT; Max-Age=31556; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Path=/; Domain=paypal.com; Expires=Wed, 30 Jun 2021 23:16:44 GMT; Max-Age=31536000; Secure; SameSite=None x-pp-s=eyJ0IjoiMTU5MzU1OTAwNDgxMSIsImwiOiIwIiwibSI6IjAifQ; Path=/; Domain=paypal.com; HttpOnly; Secure; SameSite=None tsrce=xorouternodeweb; Path=/; Domain=paypal.com; Expires=Fri, 03 Jul 2020 23:16:44 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1688167003%26vteXpYrS%3D1593560803%26vr%3D0784b33f1730a495a2823e83ffd82e01%26vt%3D0784b33f1730a495a2823e83ffd82e00%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 30 Jun 2023 23:16:44 GMT; HttpOnly; Secure; SameSite=None nsid=s%3AE4zwXYOwxh2a78pkrffxtraS-a6En9g3.tCerGnE4MId%2BdJsAleLxFQQa96s8RxVVj8OXZvw8CYk; Path=/; HttpOnly; Secure X-PP-SILOVER=name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dxorouternodeweb%26TIME%3D1593559004%26HTTP_X_PP_AZ_LOCATOR%3Ddcg02.phx; Path=/; Domain=paypal.com; Expires=Tue, 30 Jun 2020 23:46:44 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D0784b33f1730a495a2823e83ffd82e01%26vt%3D0784b33f1730a495a2823e83ffd82e00; Path=/; Domain=paypal.com; Expires=Fri, 30 Jun 2023 23:16:44 GMT; Secure; SameSite=None X-PP-L7=1; Path=/; Domain=paypal.com; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1593559604~id=cbc469dbf8df542aa89e84b6af669a57; Domain=www.paypal.com; Path=/; Secure; SameSite=None
server-timing
cdn-cache; desc=MISS edge; dur=143 origin; dur=911
strict-transport-security
max-age=63072000
styles.css
www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/css/styles.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
framework.js
www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/js/ 		403 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/js/framework.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0e4905263d652cc043a7688119266721f664464c87a97939b75be7ea98bf8ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:45 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
status
200
content-encoding
gzip
vary
Accept-Encoding
content-length
138441
last-modified
Tue, 19 May 2020 02:23:50 GMT
server
Apache
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Wed, 30 Jun 2021 23:16:45 GMT
config.js
www.paypal.com/webapps/shoppingcart/static/js/ 		35 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/static/js/config.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e08fe43accc997aabe42fc17f2ebede308c0a455b70ab4102d3b06b3eab13bf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
95
date
Tue, 30 Jun 2020 23:16:45 GMT
content-encoding
gzip
x-edgeconnect-midmile-rtt
143
etag
W/"8a9f-+EsmwtsPDvXSOdJvbulqEuEOpTs"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
status
200
x-cookies-hash
5178cca94b478e6d44abf875e76c94549d24946ddc14cc205ee8d26da705dcf4
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
caa5f822d02c1
strict-transport-security
max-age=63072000
dc
ccg11-origin-www-2.paypal.com
x-cookies
{}
content-length
4133
main.js
www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/js/ 		2 MB
358 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/js/main.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d3fa67a1d9693c0ed08e2d52d328cb5644ee42656b2f73288aa8fccfbacafa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
365362
last-modified
Tue, 19 May 2020 02:23:51 GMT
server
Apache
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Wed, 30 Jun 2021 23:16:45 GMT
pa.js
www.paypalobjects.com/pa/js/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dfc4edd44398026b0231673cf9e5d60d8d6038fee6e85fae50bc53a8608a9187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:45 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
status
200
content-encoding
gzip
vary
Accept-Encoding
content-length
17465
last-modified
Tue, 23 Jun 2020 23:51:09 GMT
server
Apache
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Wed, 01 Jul 2020 00:16:45 GMT
en.js
www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/locales/US/ 		298 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/locales/US/en.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f2558d22abb2f404cc721103bc05097dcc0eeb7c4ecf255908e8d92f9c790d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
69570
last-modified
Tue, 19 May 2020 02:24:01 GMT
server
Apache
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Wed, 30 Jun 2021 23:16:45 GMT
metadata.js
www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/metadata/US/en/ 		290 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/metadata/US/en/metadata.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
98e81be0a0484f0617cfefc8774408d8d6382f3b9985fbde8ec88f37a4581c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:45 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
status
200
content-encoding
gzip
vary
Accept-Encoding
content-length
35969
last-modified
Tue, 19 May 2020 02:24:13 GMT
server
Apache
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Wed, 30 Jun 2021 23:16:45 GMT
csp
www.paypal.com/csplog/api/log/ 		2 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/csplog/api/log/csp
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-qLy/8NlVLu01ZEDdnTlNTyfMTjLfO9qpbeIhiBwJO/p4lNMK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

x-edgeconnect-origin-mex-latency
94
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-qLy/8NlVLu01ZEDdnTlNTyfMTjLfO9qpbeIhiBwJO/p4lNMK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
143
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
status
200
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 30 Jun 2020 23:16:45 GMT
paypal-debug-id
84f9072e9b8a9
strict-transport-security
max-age=63072000
dc
ccg11-origin-www-2.paypal.com
content-length
2
icon_ot_spin_lock_skinny.png
www.paypalobjects.com/images/checkout/hermes/ 		376 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/checkout/hermes/icon_ot_spin_lock_skinny.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
152ce8da809de0ea4c8a566b9d15f37017d028abfa7352149e7bd8c86af59f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:45 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1324
strict-transport-security
max-age=31536000
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=43200
last-modified
Fri, 08 May 2020 01:21:27 GMT
content-length
376
server
Akamai Image Manager
expires
Wed, 01 Jul 2020 11:16:45 GMT
miconfig.js
www.paypalobjects.com/pa/mi/ 		82 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/miconfig.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
262b0b8894ab3eac55451328e95c8f15f911d16b2a5b361c78c9ccd820af6f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
Origin
https://www.paypal.com

Response headers

date
Tue, 30 Jun 2020 23:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
13987
last-modified
Fri, 19 Jun 2020 00:30:58 GMT
server
Apache
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Wed, 01 Jul 2020 00:16:46 GMT
locale
www.paypal.com/webapps/shoppingcart/api/ 		479 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/locale?ipCountry=BE&meta=%7B%22flowlogging_id%22%3A%221aaaa2289b466%22%2C%22calc%22%3A%22c4516a10be060%22%2C%22csci%22%3A%22b5e51520330546fc9fa74271c1d4a8dc%22%2C%22locale%22%3A%7B%7D%2C%22state%22%3A%22ui_checkout_init%22%2C%22app_name%22%3A%22shoppingcartnodeweb%22%7D
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/js/framework.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a45bcd6b6fe293ebc678fe397646d8afe93f808f1505ac0a47ef7adac520036
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-+St2LyuHzaBn8sPrjkHU2HFu4YGRXZu49PwcrepdypwMtrCz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
X-Requested-With
XMLHttpRequest
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlllU1QySFEwUk1idTRxR2U0bGVCejBLWktIalFKdHpEUkJWWXVLS0tmWHlPRHZyN2w0MU82RlpZcFEtMkVtUjFKVG51SW1nRjhRZG1EOFRDU3UzTkw2YjNhaEJUajFOWGJIWnZScWRjaFhKaFQ2eUExTHlkWGlnR1N4RnB3V29xQk5mbEFfaktwWllMbHpuYWp2Nms1ZENXUklQZ09SMU5xcHFYTVN1ZXplSTBNS2VjUzROM3RTNEphVDAiLCJpYXQiOjE1OTM1NTkwMDUsImV4cCI6MTU5MzU2MjYwNX0.V9q6NWiBeNNOQmQTOmUgSRD9z333J-SvDFFB5Z4XlyI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
146
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-+St2LyuHzaBn8sPrjkHU2HFu4YGRXZu49PwcrepdypwMtrCz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
141
status
200
paypal-debug-id
297f44dea9acb
dc
ccg11-origin-www-2.paypal.com
x-csrf-jwt-hash
b03b4110d752c8c44d375fb736e9d91c65b432ee28ef2e946d079d82d884c90a
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
SAMEORIGIN
date
Tue, 30 Jun 2020 23:16:46 GMT
strict-transport-security
max-age=63072000
content-type
application/json; charset=utf-8
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlFWblNwSDZ4OU43WVE0Sk5pNU8tczY1VmdWT1I4ZlhhaC1lX0I5M3ktQ3dSSFE0WWhmREJFY1FDalp3OTYyN0NYallrRE5raWYyaUk5R2RKRm1ESkZSSFgydjB4VjJ5OVY5YlNxZGswU2lBR1JFZmxzSEYxT1FaTzFfdC1GalR1STRCWlB1bEhXcW1DVTA1VnFndFZCYWZmaE9zTDR5YV91WkVzUUhNQkxaSk9YRld5dFBWcm5CN0YtMHEiLCJpYXQiOjE1OTM1NTkwMDYsImV4cCI6MTU5MzU2MjYwNn0.jtkBUip4csTCejbsR2i235jV-IvDGnGFmG-wtwq_tuk
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"1df-hTfo1fkczpWb3y6F7t3fvsIIeyM"
content-length
479
expires
Fri, 01 Jan 1990 00:00:00 GMT
button.js
www.paypalobjects.com/api/ 		582 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/button.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
60d564068c8f17ec2e2680d846e0e7acad1debcc63ac3972fc234892fed56bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:46 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
last-modified
Fri, 16 Sep 2016 16:02:16 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=86400
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
69149
expires
Wed, 01 Jul 2020 23:16:46 GMT
getData
www.paypal.com/webapps/shoppingcart/api/openbutton/ 		629 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/openbutton/getData
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/js/framework.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
408ddcad2796860e51ac75a5cfb68624c5c08c6f2591d478a9a37c0969d393fb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-udcglrRpDMwuS95HWWihqMDGWxyaHcEkuxnGv6cE5Wvtojlq' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
X-Requested-With
XMLHttpRequest
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlFWblNwSDZ4OU43WVE0Sk5pNU8tczY1VmdWT1I4ZlhhaC1lX0I5M3ktQ3dSSFE0WWhmREJFY1FDalp3OTYyN0NYallrRE5raWYyaUk5R2RKRm1ESkZSSFgydjB4VjJ5OVY5YlNxZGswU2lBR1JFZmxzSEYxT1FaTzFfdC1GalR1STRCWlB1bEhXcW1DVTA1VnFndFZCYWZmaE9zTDR5YV91WkVzUUhNQkxaSk9YRld5dFBWcm5CN0YtMHEiLCJpYXQiOjE1OTM1NTkwMDYsImV4cCI6MTU5MzU2MjYwNn0.jtkBUip4csTCejbsR2i235jV-IvDGnGFmG-wtwq_tuk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-edgeconnect-origin-mex-latency
279
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-udcglrRpDMwuS95HWWihqMDGWxyaHcEkuxnGv6cE5Wvtojlq' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
145
etag
W/"275-j0E4eh+lmd1nNzaDlJLFLC9DJuQ"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
status
200
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 30 Jun 2020 23:16:46 GMT
paypal-debug-id
8ed510952290d
strict-transport-security
max-age=63072000
dc
ccg11-origin-www-2.paypal.com
content-length
629
x-xss-protection
1; mode=block
hermes_window_sprite_v15.png
www.paypalobjects.com/images/checkout/hermes/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v15.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b56c19260c64441f5a543fb5980f2bd1313f21cbaa80fe2d2f8c6386f8e227fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:46 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
951
strict-transport-security
max-age=31536000
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=43200
last-modified
Fri, 08 May 2020 01:21:40 GMT
content-length
14140
server
Akamai Image Manager
expires
Wed, 01 Jul 2020 11:16:46 GMT
hermes_window_sprite_v16.png
www.paypalobjects.com/images/checkout/hermes/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v16.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
70eef1ed9452841efc7d4431e939d1bddb703d6b0ac4a9d64c097a0f68d65414
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:46 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 May 2020 01:20:28 GMT
server
Akamai Image Manager
strict-transport-security
max-age=31536000
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=43200
content-length
15830
expires
Wed, 01 Jul 2020 11:16:46 GMT
btn_tracking_pixel.gif
www.paypalobjects.com/en_US/i/scr/ 		43 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/btn_tracking_pixel.gif?teal=null&Id=null&ru=null&fltk=undefined&calc=8ed510952290d&page=main:ec:hermes::fullpage-openButton:wps:openbutton:&xe=null&xt=null&fpti=0784b33f1730a495a2823e83ffd82e01&WWW_AKA_MVT_BUTTONS=null&WWW_AKA_MVT_ID=null&ip=82.102.19.136&mrid=null&calf=null
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 23:16:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 04:57:34 GMT
server
Akamai Image Server
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
cache-control
private, no-transform, max-age=900
content-length
43
expires
Tue, 30 Jun 2020 23:31:48 GMT
log
www.paypal.com/webapps/shoppingcart/api/ 		214 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/585/0e9ed25cea180d56c2e50d184a6eb/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8705734fa06f809ca4cd480ff8286500cb65a8a15f6ee60542b3117acc8e1a75
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Fag7B/VpIwthCfaePlYffxFOH6XRsxv7TEM7wnItdjwaPGQK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-edgeconnect-origin-mex-latency
141
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Fag7B/VpIwthCfaePlYffxFOH6XRsxv7TEM7wnItdjwaPGQK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
143
etag
W/"d6-9Tues8xCgouD0tg+UqiVaIfmM+Q"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
status
200
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 30 Jun 2020 23:16:47 GMT
paypal-debug-id
3d6b12854e67b
strict-transport-security
max-age=63072000
dc
ccg11-origin-www-2.paypal.com
content-length
214
x-xss-protection
1; mode=block
ts
t.paypal.com/ 		42 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.4.14&t=1593559007247&g=-120&s=ci&pgtf=NodeJS&flnm=ec%3Ahermes%3A&shir=main_ec_hermes_&lgin=inout&pgrp=main%3Aec%3Ahermes%3A%3Afullpage-openButton&page=main%3Aec%3Ahermes%3A%3Afullpage-openButton%3Awps%3Aopenbutton%3A&vers=member%3Ahermes%3A&qual=fullpage&tmpl=openButton.dust%3Afullpage&goal=openButton%20page&fltk=undefined&calc=8ed510952290d&csci=63f8cacf131040a4bd04ae57b67b7589&pgst=1593559006963&transition_time=undefined&dc=qa&az=stage2s0007&comp=appNameNotDefined&e=im&cdn=akamai&ef_policy=ccpa&imsrc=setup&view=%7B%22t10%22%3A1339%2C%22t11%22%3A3418%2C%22tcp%22%3A1978%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A51%7D&pt=PayPal%20Checkout&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=365&t3=1&t4d=849&t4=849&t4e=0&tt=2556&rdc=0&res=%7B%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.154 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-154.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=1aaaa2289b466&mfid=1593559004825_1aaaa2289b466
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Jun 2020 23:16:47 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR
slcb.slc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Tue, 30 Jun 2020 23:16:47 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| meta object| cookies object| beaconQueue function| beacon function| scripterror function| webpackJsonp object| angular object| config object| __core-js_shared__ object| core boolean| main object| jQuery112407544798516048687 function| $Class function| $Error function| $Contingency function| $Forbidden function| $ApiError function| $FallbackError function| $ShortCircuit object| pre function| preload function| preloadComplete function| $Api function| $Model function| $pxp function| $elmo function| addContent function| addMetadata function| $ContentModel function| $MetadataModel function| $LocaleModel function| $Component function| $ComponentRoute function| $TeslaFlowIdModel function| $PXPModel function| $LocaleConfigModel function| $AppDataModel function| $MessengerIntegrationDataModel function| $TokenizedWalletEligibilityModel function| $TokenizedWalletInfoModel function| $TokenizedFundingCapabilitiesModel function| $TokenizedWalletPinModel function| $TokenizedWalletMsbOfferModel function| $AuthApi function| $AuthModel function| $ULoginModel function| $VenmoOnboardModel function| $VenmoUserModel function| $VenmoSupplementaryInfo function| $VenmoTransactionEligibility function| $CheckoutCartModel function| $CheckoutAppDataModel function| $FundingSourceModel function| $FundingOptionsModel function| $InstallmentOptionsModel function| $FlowEligibilityModel function| $CheckoutShippingAddressModel function| $ShippingAddressModel function| $CheckoutPayeeModel function| $CheckoutShippingAddressesModel function| $CheckoutPlanModel function| $CardBackupModel function| $CheckoutSessionModel function| $FptiDataModel function| $FptiBuilder function| $ShoppingCartModel function| $LandingRoute function| $xoInvalidAddressComponent function| $InvalidAddressRoute function| $CheckoutClientDataModel function| $CheckoutInputDataModel function| $UserInfoModel function| $ValidatePhoneModel function| $AddKYCModel function| $PatchPhoneModel function| $WaxUserModel function| $EConsentModel function| $UserPhotoModel function| $AuthConsentModel function| $UserProductSubscriptionModel function| $xoBanner function| $xoGenericErrorComponent function| $xoGenericErrorPageComponent function| $GenericErrorRoute function| $xoErrorDirective function| $ErrorRoute function| $xoGenericMessagePageComponent function| $GenericMessageRoute function| $OpenButtonModel function| $xoOpenButton function| $xoOpenButtonRoute function| $ShippingMethodModel function| $ShippingRuleSummaryModel function| $xoShoppingCart function| $ShoppingCartRoute function| $xoEmptyCartPageComponent function| $EmptyCartRoute function| $xoSoldoutPageDirective function| $xoSoldOutPageRoute function| $GDPRCookieBannerModel function| $xoMerchantHeaderDirective function| $CreateBAModel function| $SubscriptionModel function| $SubscriptionsV1Model function| $subscription function| _ function| $installmentplan function| $SubscriptionsV1 function| $xoShoppingCartFooter function| $gdprCookieBanner function| $xoCheckoutComponent function| $xoCheckoutRoute boolean| bootstrap object| PAYPAL object| fpti string| fptiserverurl object| root object| injector object| miconfig object| paypal object| _ifpti object| laDataLayer

12 Cookies

Domain/Path Name / Value
.paypal.com/ Name: X-PP-SILOVER
Value: name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dshoppingcartnodeweb%26TIME%3D1593559005%26HTTP_X_PP_AZ_LOCATOR%3Ddcg02.phx
www.paypal.com/ Name: nsid
Value: s%3AE4zwXYOwxh2a78pkrffxtraS-a6En9g3.tCerGnE4MId%2BdJsAleLxFQQa96s8RxVVj8OXZvw8CYk
.paypal.com/ Name: tsrce
Value: cspreportnodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTU5MzU1OTAwNTQ2NSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1688167005%26vteXpYrS%3D1593560805%26vr%3D0784b33f1730a495a2823e83ffd82e01%26vt%3D0784b33f1730a495a2823e83ffd82e00%26vtyp%3Dreturn
.paypal.com/ Name: x-cdn
Value: akamai
.paypal.com/ Name: enforce_policy
Value: ccpa
.paypal.com/ Name: X-PP-L7
Value: 1
.www.paypal.com/ Name: akavpau_ppsd
Value: 1593559605~id=738ebbb695a4cb75f9906b001820cfe5
.paypal.com/ Name: ts_c
Value: vr%3D0784b33f1730a495a2823e83ffd82e01%26vt%3D0784b33f1730a495a2823e83ffd82e00
.paypal.com/ Name: x-csrf-jwt
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Im5KYUxuQ3JIX2RvR1FFWERqbjFKTlR0dTRqY1JhTGVJTXl1YkhoWHRxeng1a0E0VldqbHpPczBKZ01RTXAzVjVwNFR1em1abUhCa3lNekN6b1ZtakYzSnNfNmVGZ2VpaHRlMG1hV0RwMHdYaE5vY2ZBTVhOZHhnWEt5b1RpUGp0Y1AzQUNSZW1kUE83dXI5aWp6VnJlXy1ROFlUQ08wYzh1TEViN05sQXFLYzZUQmVIbS16cmEzcVVEZEsiLCJpYXQiOjE1OTM1NTkwMDUsImV4cCI6MTU5MzU2MjYwNX0.8N7Cn5H4GQj2FFg2XmCjp8inQ3UOZJLnING_oqWAi1E
.paypal.com/ Name: LANG
Value: en_US%3BUS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-ZaNnPpI2EahP9V+Kdfpufi2OXb6Loap2dfI4BNE9i7PMcUTs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block