urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
23.210.248.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cl.ly/7ea2267d05c3/tulangpunggung.html=ULWRBNBEPQ
Effective URL: https://www.paypal.com/de/home
Submission Tags: phishing malicious Search All
Submission: On July 27 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 6 HTTP transactions. The main IP is 23.210.248.226, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 14th 2018. Valid for: 2 years.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.165.109.27 14618 (AMAZON-AES)
1 1 3.223.87.48 14618 (AMAZON-AES)
1 13.32.222.209 16509 (AMAZON-02)
1 2 87.240.129.133 47541 (VKONTAKTE...)
2 2 45.40.140.1 26496 (AS-26496-...)
1 1 162.241.65.240 46606 (UNIFIEDLA...)
2 3 23.210.248.226 16625 (AKAMAI-AS)
6 4
1    54.165.109.27 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-109-27.compute-1.amazonaws.com
cl.ly
1    3.223.87.48 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-223-87-48.compute-1.amazonaws.com
my.cl.ly
1    13.32.222.209 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-209.fra56.r.cloudfront.net
d1wuojemv4s7aw.cloudfront.net
2    87.240.129.133 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv133-129-240-87.vk.com
vk.com
away.vk.com
2    45.40.140.1 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-140-1.ip.secureserver.net
x.co
1    162.241.65.240 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 162-241-65-240.unifiedlayer.com
manage.order.unauthorized-webserviced.com
3    23.210.248.226 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-226.deploy.static.akamaitechnologies.com
www.paypal.com
Apex Domain
Subdomains		 Transfer
3 paypal.com
www.paypal.com
4 KB
2 x.co
x.co
309 B
2 vk.com
vk.com
away.vk.com
1 KB
2 cl.ly
cl.ly
my.cl.ly
902 B
1 unauthorized-webserviced.com
manage.order.unauthorized-webserviced.com
242 B
1 cloudfront.net
d1wuojemv4s7aw.cloudfront.net
481 B
0 paypalobjects.com Failed
www.paypalobjects.com Failed
6 7
Domain Requested by
3 www.paypal.com 2 redirects away.vk.com
2 x.co 2 redirects
1 manage.order.unauthorized-webserviced.com 1 redirects
1 away.vk.com
1 vk.com 1 redirects
1 d1wuojemv4s7aw.cloudfront.net
1 my.cl.ly 1 redirects
1 cl.ly 1 redirects
0 www.paypalobjects.com Failed www.paypal.com
6 9

This site contains no links.

Subject Issuer Validity Valid
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2018-08-14 -
2020-08-18		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.paypal.com/de/home
Frame ID: DD3EB23D878DC06F9D23DB495EEEF02C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cl.ly/7ea2267d05c3/tulangpunggung.html=ULWRBNBEPQ HTTP 301
    https://my.cl.ly/content/7ea2267d05c3 HTTP 302
    https://d1wuojemv4s7aw.cloudfront.net/items/2z1R2H2Q1N0R2n3o2f2t/tulangpunggung.html Page URL
  2. https://vk.com/away.php?to=http%3A%2F%2Fx.co%2FtXsaY&post=554911599_5&cc_key=DSFU98234532 HTTP 302
    http://away.vk.com/away.php Page URL
  3. http://x.co/sD3Fwsd HTTP 301
    https://x.co/sD3Fwsd HTTP 302
    https://manage.order.unauthorized-webserviced.com/?redteross HTTP 302
    https://www.paypal.com/?redteross HTTP 302
    https://www.paypal.com/home HTTP 302
    https://www.paypal.com/de/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

6
Requests

33 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

4
IPs

3
Countries

1 kB
Transfer

70 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cl.ly/7ea2267d05c3/tulangpunggung.html=ULWRBNBEPQ HTTP 301
    https://my.cl.ly/content/7ea2267d05c3 HTTP 302
    https://d1wuojemv4s7aw.cloudfront.net/items/2z1R2H2Q1N0R2n3o2f2t/tulangpunggung.html Page URL
  2. https://vk.com/away.php?to=http%3A%2F%2Fx.co%2FtXsaY&post=554911599_5&cc_key=DSFU98234532 HTTP 302
    http://away.vk.com/away.php Page URL
  3. http://x.co/sD3Fwsd HTTP 301
    https://x.co/sD3Fwsd HTTP 302
    https://manage.order.unauthorized-webserviced.com/?redteross HTTP 302
    https://www.paypal.com/?redteross HTTP 302
    https://www.paypal.com/home HTTP 302
    https://www.paypal.com/de/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cl.ly/7ea2267d05c3/tulangpunggung.html=ULWRBNBEPQ HTTP 301
  • https://my.cl.ly/content/7ea2267d05c3 HTTP 302
  • https://d1wuojemv4s7aw.cloudfront.net/items/2z1R2H2Q1N0R2n3o2f2t/tulangpunggung.html
Request Chain 1
  • https://vk.com/away.php?to=http%3A%2F%2Fx.co%2FtXsaY&post=554911599_5&cc_key=DSFU98234532 HTTP 302
  • http://away.vk.com/away.php

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
tulangpunggung.html
d1wuojemv4s7aw.cloudfront.net/items/2z1R2H2Q1N0R2n3o2f2t/
Redirect Chain
  • https://cl.ly/7ea2267d05c3/tulangpunggung.html=ULWRBNBEPQ
  • https://my.cl.ly/content/7ea2267d05c3
  • https://d1wuojemv4s7aw.cloudfront.net/items/2z1R2H2Q1N0R2n3o2f2t/tulangpunggung.html
136 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1wuojemv4s7aw.cloudfront.net/items/2z1R2H2Q1N0R2n3o2f2t/tulangpunggung.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.209 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-209.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
190adc58d89e6a6500b8e8cea8515329b1c74142256ee0c0e97a507599aacffd

Request headers

:method
GET
:authority
d1wuojemv4s7aw.cloudfront.net
:scheme
https
:path
/items/2z1R2H2Q1N0R2n3o2f2t/tulangpunggung.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status
200
content-type
text/html
content-length
136
date
Sat, 27 Jul 2019 21:08:16 GMT
last-modified
Sat, 27 Jul 2019 18:44:47 GMT
etag
"ec409c4e854502ad4b9cf8e98662a8a8"
x-amz-meta-slug
7ea2267d05c3
accept-ranges
bytes
server
AmazonS3
age
3041
x-cache
Hit from cloudfront
via
1.1 9740f884e58cfb465c19a8a2b144f34f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56
x-amz-cf-id
EqoqzdtTU2SI8aVFFZyMvquQifV9bDowKbLypRmRnRAW4YIPOz57XA==

Redirect headers

Cache-Control
must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Date
Sat, 27 Jul 2019 21:58:53 GMT
Expires
Wed, 13 Jun 1990 00:00:00 UTC +00:00
Location
https://d1wuojemv4s7aw.cloudfront.net/items/2z1R2H2Q1N0R2n3o2f2t/tulangpunggung.html
Pragma
no-cache
Server
nginx
Set-Cookie
_engine_session=ed3fac8db2685c5e0c67e2e1a1af4d47; domain=.my.cl.ly; path=/; HttpOnly
Status
302 Found
X-Frame-Options
DENY
X-Request-Id
d1942bd6968beeb2c5e71b75ccd33cc8
X-Runtime
0.038228
X-UA-Compatible
IE=Edge,chrome=1
Content-Length
150
Connection
keep-alive
Cookie set away.php
away.vk.com/
Redirect Chain
  • https://vk.com/away.php?to=http%3A%2F%2Fx.co%2FtXsaY&post=554911599_5&cc_key=DSFU98234532
  • http://away.vk.com/away.php
344 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
http://away.vk.com/away.php
Protocol
HTTP/1.1
Server
87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv133-129-240-87.vk.com
Software
VK / PHP/3.20244
Resource Hash
ac1a181819d52b6016432abcb27311ff793504e87a3a7cddbb80cf58058dbac1

Request headers

Host
away.vk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
remixlang=6; remixsec_redir=http%3A%2F%2Fx.co%2FsD3Fwsd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Server
VK
Date
Sat, 27 Jul 2019 21:58:59 GMT
Content-Type
text/html; charset=windows-1251
Content-Length
241
Connection
keep-alive
X-Powered-By
PHP/3.20244
Cache-control
no-store
Set-Cookie
remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; domain=.vk.com remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=away.vk.com remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/
Content-Encoding
gzip

Redirect headers

status
302
server
VK
date
Sat, 27 Jul 2019 21:58:58 GMT
content-type
text/html; charset=windows-1251
content-length
20
location
http://away.vk.com/away.php
x-powered-by
PHP/3.20244
set-cookie
remixlang=6; expires=Fri, 31 Jul 2020 02:38:40 GMT; path=/; domain=.vk.com remixsec_redir=http%3A%2F%2Fx.co%2FtXsaY; path=/; domain=.vk.com
cache-control
no-store
content-encoding
gzip
strict-transport-security
max-age=15768000
x-frontend
front623307
access-control-expose-headers
X-Frontend
Primary Request home
www.paypal.com/de/
Redirect Chain
  • http://x.co/sD3Fwsd
  • https://x.co/sD3Fwsd
  • https://manage.order.unauthorized-webserviced.com/?redteross
  • https://www.paypal.com/?redteross
  • https://www.paypal.com/home
  • https://www.paypal.com/de/home
69 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/de/home
Requested by
Host: away.vk.com
URL: http://away.vk.com/away.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.pub.247-inc.net https://www.wootag.com; script-src 'nonce-grwQ8cHxi6b2/U7mlfBQCPQS5sibAAh7GazRs9WHaijlqXmJ' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.sperse.io https://*.dialogtech.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/de/home
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://away.vk.com/away.php
accept-encoding
gzip, deflate, br
cookie
cookie_check=yes; consumer_display=USER_HOMEPAGE%3d0%26USER_TARGETPAGE%3d0%26USER_FILTER_CHOICE%3d0%26BALANCE_MODULE_STATE%3d1%26GIFT_BALANCE_MODULE_STATE%3d1%26LAST_SELECTED_ALIAS_ID%3d0%26SELLING_GROUP%3d1%26PAYMENT_AND_RISK_GROUP%3d1%26SHIPPING_GROUP%3d1%26HOME_VERSION%3d1%26MCE2_ELIGIBILITY%3d4294967295; AKDC=phx-origin-www-2.paypal.com; cwrClyrK4LoCV1fydGbAxiNL6iG=PDeelLi8daQq1u3fVpNDmyeK2js7aRYA3Hl9W7Ri7eRaL29tN72hhPtXtqhZV7nYCkVcJz7n9uXhNzJY0dUFCWZSuuoRB572vk2IRueP8oKCwGVGZWlezEc89zMaINmoWiieiVmZlNPbcWMwW5CMlNEjt9DvSHfS0ugSeNfKVCYtBLk8IhHS0Gylqwz494pMFnqBCzRUqAyv8Y2K1FUXfAFyeKNlNwoh0v0NEwDfbAOubJufsGJUbC0zhgW; LANG=de_DE%3BDE; enforce_policy=gdpr_eu; tsrce=mppnodeweb; X-PP-SILOVER=name%3DLIVE3.WEB.1%26silo_version%3D880%26app%3Dmppnodeweb%26TIME%3D868826205%26HTTP_X_PP_AZ_LOCATOR%3Ddcg12.slc; akavpau_ppsd=1564265356~id=ec83d767360c8875254d2dc22b07b7da; x-pp-s=eyJ0IjoiMTU2NDI2NDc1NjA4MiIsImwiOiIwIiwibSI6IjAifQ; ts=vr%3D3571f32f16c0a1117e8ea7fdfff95540%26vreXpYrS%3D1658935533%26vteXpYrS%3D1564266556%26vt%3D3571f34516c0a1117e8ea7fdfff9553f; nsid=s%3AoTpKxxZeAOM0Gj-Yx1LjnOGNTXcwTBa6.wgjcbJvAB6fpPSGyhCvjYB4huRx%2Fg25dmLwzvk4oExk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
http://away.vk.com/away.php

Response headers

status
200
server
Apache
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
paypal-debug-id
a7c89f75d978 a7c89f75d978
cache-control
no-cache max-age=0, no-cache, no-store, must-revalidate
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.pub.247-inc.net https://www.wootag.com; script-src 'nonce-grwQ8cHxi6b2/U7mlfBQCPQS5sibAAh7GazRs9WHaijlqXmJ' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.sperse.io https://*.dialogtech.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
etag
W/"195ec-q5MhkM2fbURTtm3LgCGA3mQotmY"
http_x_pp_az_locator
dcg12.slc
content-encoding
gzip
pragma
no-cache
content-type
text/html; charset=utf-8
dc
phx-origin-www-2.paypal.com
content-length
21092
x-edgeconnect-midmile-rtt
147
x-edgeconnect-origin-mex-latency
342
date
Sat, 27 Jul 2019 21:59:16 GMT
vary
Accept-Encoding
set-cookie
enforce_policy=gdpr_eu; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sun, 26 Jul 2020 21:59:16 GMT; Secure consumer_display=USER_HOMEPAGE%3D0%26USER_TARGETPAGE%3D0%26USER_FILTER_CHOICE%3D0%26BALANCE_MODULE_STATE%3D1%26GIFT_BALANCE_MODULE_STATE%3D1%26LAST_SELECTED_ALIAS_ID%3D0%26SELLING_GROUP%3D1%26PAYMENT_AND_RISK_GROUP%3D1%26SHIPPING_GROUP%3D1%26MCE2_ELIGIBILITY%3D4294967295; Max-Age=63158399; Domain=.paypal.com; Path=/; Expires=Tue, 27 Jul 2021 21:59:15 GMT; HttpOnly; Secure LANG=de_DE%3BDE; Max-Age=31555; Domain=.paypal.com; Path=/; Expires=Sun, 28 Jul 2019 06:45:11 GMT; HttpOnly; Secure x-pp-s=eyJ0IjoiMTU2NDI2NDc1NjY1OSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure X-PP-SILOVER=name%3DLIVE3.WEB.1%26silo_version%3D880%26app%3Dmppnodeweb%26TIME%3D885603421%26HTTP_X_PP_AZ_LOCATOR%3Ddcg12.slc; Expires=Sat, 27 Jul 2019 22:29:16 GMT; domain=.paypal.com; path=/; Secure; HttpOnly X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT akavpau_ppsd=1564265356~id=ec83d767360c8875254d2dc22b07b7da; Domain=www.paypal.com; Path=/; Secure; HttpOnly
strict-transport-security
max-age=63072000

Redirect headers

status
302
server
Apache
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
paypal-debug-id
65ac6c05e47ef 65ac6c05e47ef
cache-control
no-cache max-age=0, no-cache, no-store, must-revalidate
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.pub.247-inc.net https://www.wootag.com; script-src 'nonce-4jgatJX8TjT6cQQHALp2jeGAO4sA2eeNbPyuI2FJW/FHxGkZ' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.sperse.io https://*.dialogtech.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
http_x_pp_az_locator
dcg12.slc
location
/de/home
content-encoding
gzip
pragma
no-cache
content-type
text/html; charset=utf-8
dc
phx-origin-www-2.paypal.com
content-length
80
x-edgeconnect-midmile-rtt
155
x-edgeconnect-origin-mex-latency
176
date
Sat, 27 Jul 2019 21:59:16 GMT
vary
Accept-Encoding
set-cookie
LANG=de_DE%3BDE; Max-Age=31555; Domain=.paypal.com; Path=/; Expires=Sun, 28 Jul 2019 06:45:11 GMT; HttpOnly; Secure enforce_policy=gdpr_eu; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sun, 26 Jul 2020 21:59:16 GMT; Secure x-pp-s=eyJ0IjoiMTU2NDI2NDc1NjA4MiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure tsrce=mppnodeweb; Domain=.paypal.com; Path=/; Expires=Tue, 30 Jul 2019 21:59:16 GMT; HttpOnly; Secure ts=vr%3D3571f32f16c0a1117e8ea7fdfff95540%26vreXpYrS%3D1658935533%26vteXpYrS%3D1564266556%26vt%3D3571f34516c0a1117e8ea7fdfff9553f; Domain=.paypal.com; Path=/; Expires=Wed, 27 Jul 2022 15:25:33 GMT; HttpOnly; Secure nsid=s%3AoTpKxxZeAOM0Gj-Yx1LjnOGNTXcwTBa6.wgjcbJvAB6fpPSGyhCvjYB4huRx%2Fg25dmLwzvk4oExk; Path=/; HttpOnly; Secure X-PP-SILOVER=name%3DLIVE3.WEB.1%26silo_version%3D880%26app%3Dmppnodeweb%26TIME%3D868826205%26HTTP_X_PP_AZ_LOCATOR%3Ddcg12.slc; Expires=Sat, 27 Jul 2019 22:29:16 GMT; domain=.paypal.com; path=/; Secure; HttpOnly X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT akavpau_ppsd=1564265356~id=ec83d767360c8875254d2dc22b07b7da; Domain=www.paypal.com; Path=/; Secure; HttpOnly
strict-transport-security
max-age=63072000
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		0
0
PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		0
0
6460cdd6f6cc8c50e343560004f0882fcee345.css
www.paypalobjects.com/eboxapps/css/d1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypalobjects.com
URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Domain
www.paypalobjects.com
URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2
Domain
www.paypalobjects.com
URL
https://www.paypalobjects.com/eboxapps/css/d1/6460cdd6f6cc8c50e343560004f0882fcee345.css

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies