www.paypal-status.com Open in urlscan Pro
20.69.68.249  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request production Show response www.paypal-status.com/incident/	842 B 2 KB	299ms 124ms	Document text/html	20.69.68.249 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.paypal-status.com/incident/production Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.69.68.249 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 52f661a25a5c6ba5d186f31a78f999d24200d741f9907c6fd10e167275e5cb98 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalcorp.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.paypalobjects.com https://*.paypal.com https://*.doubleclick.net https://*.google-analytics.com https://*.qualtrics.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypalobjects.com; media-src 'self' https://*.paypalobjects.com https://*.paypal.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com https://*.qualtrics.com Strict-Transport-Security max-age=31536000 Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Wed, 10 Jan 2024 18:21:45 GMT ETag W/"34a-jM7T56hjhZ3J3i6iWM3lyD0t0vs" Server nginx/1.10.3 (Ubuntu) Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked content-security-policy default-src 'self' https://*.paypal.com https://*.paypalcorp.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.paypalobjects.com https://*.paypal.com https://*.doubleclick.net https://*.google-analytics.com https://*.qualtrics.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypalobjects.com; media-src 'self' https://*.paypalobjects.com https://*.paypal.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com https://*.qualtrics.com strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H/1.1	200 OK	app.css www.paypal-status.com/css/	122 KB 123 KB	78ms 77ms	Stylesheet text/css	20.69.68.249 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.paypal-status.com/css/app.css Requested by Host: www.paypal-status.com URL: https://www.paypal-status.com/incident/production Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.69.68.249 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 6448b277dd2faa344ae7ae5b0de43d248019e02e5f5a30dbfd6c5925c9b54aef Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/incident/production User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 18:21:45 GMT Strict-Transport-Security max-age=31536000 Last-Modified Wed, 13 Dec 2023 10:05:42 GMT Server nginx/1.10.3 (Ubuntu) ETag W/"1e938-18c62a3aca3" Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 125240
GET H2	200	pa.js Show response www.paypalobjects.com/pa/js/min/	69 KB 26 KB	149ms 37ms	Script application/javascript	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/js/min/pa.js Requested by Host: www.paypal-status.com URL: https://www.paypal-status.com/incident/production Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/78CA) / Resource Hash 6ae30cb1ab74d66217a576b78124e053906f0a93cbf2d9f0ad398518f8442264 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:45 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id 24866f52664ab dc ccg11-origin-www-1.paypal.com content-length 25950 last-modified Tue, 09 Jan 2024 00:35:14 GMT server ECAcc (nya/78CA) traceparent 00-000000000000000000024866f52664ab-7868cbe59a48b344-01 etag "659c94c2-1148a+gzip" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token expires Wed, 10 Jan 2024 19:21:45 GMT
GET H/1.1	200 OK	bundle.js Show response www.paypal-status.com/	1 MB 300 KB	227ms 76ms	Script text/javascript	20.69.68.249 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.paypal-status.com/bundle.js Requested by Host: www.paypal-status.com URL: https://www.paypal-status.com/incident/production Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.69.68.249 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash aca9811bc9fe2189931ecbde10d032e4bc36ab42c37d88c6c6e8cb3787f4ae54 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/incident/production User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 18:21:45 GMT Content-Encoding gzip Strict-Transport-Security max-age=31536000 Last-Modified Wed, 13 Dec 2023 10:05:38 GMT Server nginx/1.10.3 (Ubuntu) ETag W/"4adff-18c62a39a8f" Content-Type text/javascript Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 306687
GET H2	200	latmconf.js Show response www.paypalobjects.com/pa/mi/paypal/	339 KB 38 KB	115ms 30ms	Script application/javascript	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/mi/paypal/latmconf.js Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/js/min/pa.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/78E6) / Resource Hash 3e18ef3d47cc69a8aecdba37fa9d10123d5b710db33431bc267e1c76a0201a62 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal-status.com/ Origin https://www.paypal-status.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:45 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id 327c9692f6b74 dc ccg11-origin-www-1.paypal.com content-length 38242 last-modified Tue, 09 Jan 2024 00:35:14 GMT server ECAcc (nya/78E6) traceparent 00-0000000000000000000327c9692f6b74-f9a7bae9e29730a4-01 etag "659c94c2-54d35+gzip" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token expires Wed, 10 Jan 2024 19:21:45 GMT
GET H2	200	OrchestratorMain.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	7 KB 3 KB	34ms 34ms	Script application/javascript	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/js/min/pa.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/7919) / Resource Hash 8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal-status.com/ Origin https://www.paypal-status.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:45 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id fe3cc6b9ca237 dc ccg11-origin-www-1.paypal.com content-length 3326 last-modified Tue, 09 Jan 2024 00:35:15 GMT server ECAcc (nya/7919) traceparent 00-0000000000000000000fe3cc6b9ca237-69f34220ed243a95-01 etag W/"659c94c3-1d47" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token expires Wed, 10 Jan 2024 19:21:45 GMT
GET H2	200	12.2e4d3453d92fa382c1f6.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	56 KB 16 KB	35ms 35ms	Script application/javascript	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/79E5) / Resource Hash 9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:46 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id c97d141f38727 dc ccg11-origin-www-1.paypal.com content-length 16141 last-modified Tue, 09 Jan 2024 00:35:15 GMT server ECAcc (nya/79E5) traceparent 00-0000000000000000000c97d141f38727-06030882664c5e4f-01 etag W/"659c94c3-e017" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token expires Wed, 10 Jan 2024 19:21:46 GMT
GET H/1.1	200 OK	components Show response www.paypal-status.com/api/v1/	21 KB 22 KB	110ms 110ms	Fetch application/json	20.69.68.249 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.paypal-status.com/api/v1/components Requested by Host: www.paypal-status.com URL: https://www.paypal-status.com/bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.69.68.249 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 8527c74b50749fdb9c69b27adda275157a55fa83c983d668ab9922a49a6ba316 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalcorp.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.paypalobjects.com https://*.paypal.com https://*.doubleclick.net https://*.google-analytics.com https://*.qualtrics.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypalobjects.com; media-src 'self' https://*.paypalobjects.com https://*.paypal.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com https://*.qualtrics.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/incident/production User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 18:21:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000 x-content-type-options nosniff content-security-policy default-src 'self' https://*.paypal.com https://*.paypalcorp.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.paypalobjects.com https://*.paypal.com https://*.doubleclick.net https://*.google-analytics.com https://*.qualtrics.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypalobjects.com; media-src 'self' https://*.paypalobjects.com https://*.paypal.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com https://*.qualtrics.com Server nginx/1.10.3 (Ubuntu) ETag W/"5412-8rcx+WoE0jinvzxG8ZRYKWwN6Gs" x-frame-options SAMEORIGIN Content-Type application/json; charset=utf-8 Connection keep-alive Content-Length 21522 x-xss-protection 1; mode=block
GET H/1.1	200 OK	events Show response www.paypal-status.com/api/v1/	755 KB 756 KB	108ms 108ms	Fetch application/json	20.69.68.249 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.paypal-status.com/api/v1/events?s=true Requested by Host: www.paypal-status.com URL: https://www.paypal-status.com/bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.69.68.249 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 34233b1083053799aaa8f716e8bf4024ce602505f61f29cafbbd8289b67dfa3a Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalcorp.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.paypalobjects.com https://*.paypal.com https://*.doubleclick.net https://*.google-analytics.com https://*.qualtrics.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypalobjects.com; media-src 'self' https://*.paypalobjects.com https://*.paypal.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com https://*.qualtrics.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/incident/production User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 18:21:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000 x-content-type-options nosniff content-security-policy default-src 'self' https://*.paypal.com https://*.paypalcorp.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.paypalobjects.com https://*.paypal.com https://*.doubleclick.net https://*.google-analytics.com https://*.qualtrics.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypalobjects.com; media-src 'self' https://*.paypalobjects.com https://*.paypal.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com https://*.qualtrics.com Server nginx/1.10.3 (Ubuntu) ETag W/"bcc37-T3lo3Ofi/OIZNm69MjQaubpNMIA" x-frame-options SAMEORIGIN Content-Type application/json; charset=utf-8 Connection keep-alive Content-Length 773175 x-xss-protection 1; mode=block
GET H2	200	ppcom.svg www.paypalobjects.com/webstatic/i/logo/rebrand/	5 KB 2 KB	40ms 40ms	Image image/svg+xml	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom.svg Requested by Host: www.paypal-status.com URL: https://www.paypal-status.com/css/app.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/79ED) / Resource Hash bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:46 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id aaa73975d3b4 dc ccg11-origin-www-1.paypal.com content-length 2369 last-modified Mon, 21 Apr 2014 21:29:42 GMT server ECAcc (nya/79ED) traceparent 00-00000000000000000000aaa73975d3b4-d7eeedd3212bd421-01 etag W/"53558dc6-15d4" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Wed, 10 Jan 2024 19:21:46 GMT
GET H2	200	PayPalSansBig-Regular.woff www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/	49 KB 49 KB	34ms 34ms	Font font/woff	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Regular.woff Requested by Host: www.paypal-status.com URL: https://www.paypal-status.com/css/app.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/78CC) / Resource Hash 4d5c29e41277f543455e865a69634f17a2846fd001553890d5801379df3a7c47 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal-status.com/ Origin https://www.paypal-status.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:46 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-cache HIT paypal-debug-id 69672734b7348 dc ccg11-origin-www-1.paypal.com content-length 50031 last-modified Wed, 30 Sep 2015 05:09:04 GMT server ECAcc (nya/78CC) traceparent 00-000000000000000000069672734b7348-26f2f3853f19d6c5-01 etag "560b6e70-c36f" content-type font/woff access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Wed, 10 Jan 2024 19:21:46 GMT
POST H2	200	Targeting.php Show response zn6x1kz7ll5vk5v5q-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/	3 KB 2 KB	333ms 149ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn6x1kz7ll5vk5v5q-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6X1kz7ll5Vk5V5Q&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec1bba0b2486fc361b965beb3b5e088a9f4766366a46fc8d8a6518e9417adae5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal-status.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Wed, 10 Jan 2024 18:21:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report referrer-policy strict-origin-when-cross-origin server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin https://www.paypal-status.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id 2e470171f4fcf8d2 cf-ray 8436f10d391439e9-YYZ timing-allow-origin *
GET H2	200	ts t.paypal.com/	42 B 791 B	256ms 117ms	Image image/gif	151.101.1.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.8.12&t=1704910906523&g=600&comp=ppstatusnodeweb&e=im&imsrc=setup&view=%7B%22t10%22%3A176%2C%22t11%22%3A1138%2C%22tcp%22%3A1047%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A51%7D&pt=PayPal%20Status%20Page&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=176&t1c=176&t1d=0&t1s=79&t2=123&t3=1&t4d=0&t4=0&t4e=2&tt=1086&rdc=0&protocol=http%2F1.1&res=%7B%7D&3p_vid=2e73bb336b543187&3p_fpti=3ffa02426f3c098c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/incident/production User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers x-cache-hits 0, 0 date Wed, 10 Jan 2024 18:21:46 GMT via 1.1 varnish, 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS, MISS p3p CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id ed8d584d872ab server-timing content-encoding;desc="",x-cdn;desc="fastly" x-served-by cache-bur-kbur8200139-BUR, cache-yyz4542-YYZ pragma no-cache correlation-id ed8d584d872ab traceparent 00-0000000000000000000ed8d584d872ab-36f9b562bd169a41-01 x-timer S1704910907.671860,VS0,VE91 vary Accept-Encoding content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Wed, 10 Jan 2024 18:21:46 GMT
GET H2	200	PayPalSansBig-Light.woff www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/	48 KB 48 KB	37ms 36ms	Font font/woff	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.woff Requested by Host: www.paypal-status.com URL: https://www.paypal-status.com/css/app.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/794D) / Resource Hash c599c554590d1a336ffcb9627f6caaac34b6228f60e15f5f25454bff38facb7e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal-status.com/ Origin https://www.paypal-status.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:46 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-cache HIT paypal-debug-id b558ea7d24249 dc ccg11-origin-www-1.paypal.com content-length 49115 last-modified Wed, 30 Sep 2015 05:09:04 GMT server ECAcc (nya/794D) traceparent 00-0000000000000000000b558ea7d24249-74c1f8414872883f-01 etag "560b6e70-bfdb" content-type font/woff access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Wed, 10 Jan 2024 19:21:46 GMT
GET H2	200	PayPalSansSmall-Regular.woff www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/	46 KB 46 KB	38ms 37ms	Font font/woff	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff Requested by Host: www.paypal-status.com URL: https://www.paypal-status.com/css/app.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/1C65) / Resource Hash ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal-status.com/ Origin https://www.paypal-status.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:46 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-cache HIT paypal-debug-id e2f84c25489e2 dc ccg11-origin-www-1.paypal.com content-length 47339 last-modified Wed, 30 Sep 2015 05:09:04 GMT server ECAcc (nya/1C65) traceparent 00-0000000000000000000e2f84c25489e2-04633c8a5e2ee7f8-01 etag "560b6e70-b8eb" content-type font/woff access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Wed, 10 Jan 2024 19:21:46 GMT
GET H2	200	CoreModule.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	100 KB 29 KB	34ms 33ms	Script application/javascript	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/78CE) / Resource Hash ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:46 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id 23fe3d8f82e19 dc ccg11-origin-www-1.paypal.com content-length 29913 last-modified Tue, 09 Jan 2024 00:35:15 GMT server ECAcc (nya/78CE) traceparent 00-000000000000000000023fe3d8f82e19-a44d077f9b26f5ad-01 etag "659c94c3-190b6+gzip" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token expires Wed, 10 Jan 2024 19:21:46 GMT
GET H2	200	4.bee7caf079144a7b9980.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	2 KB 1 KB	35ms 34ms	Script application/javascript	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/1C1E) / Resource Hash ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:46 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id f3769ebb5d69d dc ccg11-origin-www-1.paypal.com content-length 1231 last-modified Tue, 09 Jan 2024 00:35:15 GMT server ECAcc (nya/1C1E) traceparent 00-0000000000000000000f3769ebb5d69d-4e10008d2038961d-01 etag "659c94c3-9ed+gzip" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token expires Wed, 10 Jan 2024 19:21:46 GMT
GET H2	200	1.1303dc17a61da0f506d3.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	29 KB 7 KB	36ms 35ms	Script application/javascript	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/79E7) / Resource Hash e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:46 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id de274de42da91 dc ccg11-origin-www-1.paypal.com content-length 6548 last-modified Tue, 09 Jan 2024 00:35:15 GMT server ECAcc (nya/79E7) traceparent 00-0000000000000000000de274de42da91-355d71f47d2af1b8-01 etag "659c94c3-7257+gzip" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token expires Wed, 10 Jan 2024 19:21:46 GMT
GET H2	200	17.0e47ac923c1fa85e46cf.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	19 KB 8 KB	37ms 37ms	Script application/javascript	192.229.210.155 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.210.155 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nya/7947) / Resource Hash b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:21:46 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id 92278ed5317bc dc ccg11-origin-www-1.paypal.com content-length 7754 last-modified Tue, 09 Jan 2024 00:35:15 GMT server ECAcc (nya/7947) traceparent 00-000000000000000000092278ed5317bc-f61b7901a61294c0-01 etag "659c94c3-4a99+gzip" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token expires Wed, 10 Jan 2024 19:21:46 GMT
GET H2	200	ts t.paypal.com/	42 B 494 B	118ms 118ms	Image image/gif	151.101.1.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.8.12&t=1704910907525&g=600&comp=ppstatusnodeweb&event_name=t_paypal_cpl&t1=139&t1c=139&t1d=0&t1s=104&t2=118&t3=1&tt=258&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A139%2C%22t11%22%3A258%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=2e73bb336b543187&3p_fpti=3ffa02426f3c098c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://www.paypal-status.com/incident/production User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers x-cache-hits 0, 0 date Wed, 10 Jan 2024 18:21:47 GMT via 1.1 varnish, 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS, MISS p3p CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 040b65e2b8587 server-timing content-encoding;desc="",x-cdn;desc="fastly" x-served-by cache-bur-kbur8200024-BUR, cache-yyz4542-YYZ pragma no-cache correlation-id 040b65e2b8587 traceparent 00-0000000000000000000040b65e2b8587-139672e2664aaa4a-01 x-timer S1704910908.538755,VS0,VE100 vary Accept-Encoding content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Wed, 10 Jan 2024 18:21:47 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| PAYPAL object| fpti string| fptiserverurl object| options object| _ifpti object| latmconf object| laDataLayer object| QSI object| WAFQualtricsWebpackJsonP-hosted-1.64.1 object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| OOo function| launchOpinionLabFeedback object| _qsie

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.paypal-status.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A2Aak0ANIZMREX5g0Evd99cu9LjsMxsDY.%2Fzhzwb38jU1AYipuEFos2Q%2BrLdEVmmTqOG5J5Dh9Cpg
			.paypal.com/	1970-01-21 03:11:10	Name: ts_c Value: vr%3D3ffa02426f3c098c%26vt%3D2e73bb336b543187
			.paypal.com/	1970-01-21 03:11:10	Name: ts Value: vreXpYrS%3D1799518907%26vteXpYrS%3D1704912707%26vr%3D3ffa02426f3c098c%26vt%3D2e73bb336b543187

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://*.paypal.com https://*.paypalcorp.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https://*.paypalobjects.com https://*.paypal.com https://*.doubleclick.net https://*.google-analytics.com https://*.qualtrics.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypalobjects.com; media-src 'self' https://*.paypalobjects.com https://*.paypal.com; style-src 'self' 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com https://*.qualtrics.com
Strict-Transport-Security	max-age=31536000
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

t.paypal.com
www.paypal-status.com
www.paypalobjects.com
zn6x1kz7ll5vk5v5q-paypalxm.siteintercept.qualtrics.com
104.17.209.240
151.101.1.35
192.229.210.155
20.69.68.249
34233b1083053799aaa8f716e8bf4024ce602505f61f29cafbbd8289b67dfa3a
3e18ef3d47cc69a8aecdba37fa9d10123d5b710db33431bc267e1c76a0201a62
4d5c29e41277f543455e865a69634f17a2846fd001553890d5801379df3a7c47
52f661a25a5c6ba5d186f31a78f999d24200d741f9907c6fd10e167275e5cb98
6448b277dd2faa344ae7ae5b0de43d248019e02e5f5a30dbfd6c5925c9b54aef
6ae30cb1ab74d66217a576b78124e053906f0a93cbf2d9f0ad398518f8442264
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
8527c74b50749fdb9c69b27adda275157a55fa83c983d668ab9922a49a6ba316
8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8
9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106
aca9811bc9fe2189931ecbde10d032e4bc36ab42c37d88c6c6e8cb3787f4ae54
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715
ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578
c599c554590d1a336ffcb9627f6caaac34b6228f60e15f5f25454bff38facb7e
e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d
ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622
ec1bba0b2486fc361b965beb3b5e088a9f4766366a46fc8d8a6518e9417adae5