Submitted URL: https://qutoneceramic.com/a/sign-in.php?cuntry.x=G&locele.x=en_GB&returnURL=OXDNUZSYeaSPGGBmnZlZDitTj
Effective URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Submission Tags: phishing, malicious
Submission: On February 18 via api from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 72.246.168.118, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 13th 2021. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS      Autonomous System
1         207.174.215.4     394695  (PUBLIC-DO...)
1         2a00:1450:400...  15169   (GOOGLE)
17        72.246.168.118    16625   (AKAMAI-AS)
5         23.37.43.154      16625   (AKAMAI-AS)
Total: 24 requests, 4 IPs

Requests  Domain                 Requested by
15        www.paypalobjects.com  www.paypal.com, www.paypalobjects.com
5         t.paypal.com           www.paypal.com
2         www.paypal.com         www.google.lu, www.paypalobjects.com
1         www.google.lu          qutoneceramic.com
1         qutoneceramic.com
Total: 24 requests, 5 domains listed

This site contains links to these domains:

Domain
www.paypalobjects.com
www.izettle.com

Subject                Issuer                                       Validity                 Valid
www.qutoneceramic.com  R3                                           2020-12-26 - 2021-03-26  3 months
*.google.lu            GTS CA 1O1                                   2021-01-19 - 2021-04-13  3 months
www.paypal.com         DigiCert SHA2 Extended Validation Server CA  2021-01-13 - 2022-01-11  a year
t.paypal.com           DigiCert SHA2 Extended Validation Server CA  2020-11-18 - 2021-11-22  a year

This page contains 1 frame:

Primary Page: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Frame ID: 8115E11C4109ED419F27C060977777DA
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 285 kB
Size: 940 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qutoneceramic.com/a/sign-in.php?cuntry.x=G&locele.x=en_GB&returnURL=OXDNUZSYeaSPGGBmnZlZDitTj Page URL
  2. https://www.google.lu/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=2ahUKEwjX5uP0_e_dAhXGhKYKHWzMBZMQFjABegQICRAB&url=https%3A%2F%2Fwww.paypal.com%2Fuk%2Fwebapps%2Fmpp%2Fua%2Flegalhub-full&usg=AOvVaw32BtLazhZJg8bA_laZ3rOz Page URL
  3. https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sign-in.php
qutoneceramic.com/a/
263 B
463 B
Document
General
Full URL
https://qutoneceramic.com/a/sign-in.php?cuntry.x=G&locele.x=en_GB&returnURL=OXDNUZSYeaSPGGBmnZlZDitTj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.215.4 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
eec0755583897afeb7c94a5eed0f785afda824438d6497e4513e5e5edae4bf6e

Request headers

:method
GET
:authority
qutoneceramic.com
:scheme
https
:path
/a/sign-in.php?cuntry.x=G&locele.x=en_GB&returnURL=OXDNUZSYeaSPGGBmnZlZDitTj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
server
nginx/1.19.5
content-type
text/html; charset=UTF-8
content-length
240
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
x-server-cache
false
set-cookie
PHPSESSID=f3849a6ca434f2632f9fed1f1ccfd5b7; path=/
url
www.google.lu/
963 B
1 KB
Document
General
Full URL
https://www.google.lu/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=2ahUKEwjX5uP0_e_dAhXGhKYKHWzMBZMQFjABegQICRAB&url=https%3A%2F%2Fwww.paypal.com%2Fuk%2Fwebapps%2Fmpp%2Fua%2Flegalhub-full&usg=AOvVaw32BtLazhZJg8bA_laZ3rOz
Requested by
Host: qutoneceramic.com
URL: https://qutoneceramic.com/a/sign-in.php?cuntry.x=G&locele.x=en_GB&returnURL=OXDNUZSYeaSPGGBmnZlZDitTj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.lu
:scheme
https
:path
/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=2ahUKEwjX5uP0_e_dAhXGhKYKHWzMBZMQFjABegQICRAB&url=https%3A%2F%2Fwww.paypal.com%2Fuk%2Fwebapps%2Fmpp%2Fua%2Flegalhub-full&usg=AOvVaw32BtLazhZJg8bA_laZ3rOz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://qutoneceramic.com/a/sign-in.php?cuntry.x=G&locele.x=en_GB&returnURL=OXDNUZSYeaSPGGBmnZlZDitTj
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
482
x-xss-protection
0
set-cookie
NID=209=pKbYzj7PQsao8to5cG-xtw9Av3xpKRcv8qqnwIjuvQ9PU4EEZSwU3y_w59JskobGNHMhQL_F30y5-i9tjiU_UGwiehDoNJiw-c8fG9V1CZzegcAHbVvOu-GL7shEAQUJRfUYDKQdpsM3llxiNVxYzZN9-IciPjycP_-lj8mlaZU; expires=Fri, 20-Aug-2021 16:12:02 GMT; path=/; domain=.google.lu; Secure; HttpOnly; SameSite=none CONSENT=PENDING+343; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.lu
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Primary Request legalhub-full
www.paypal.com/uk/webapps/mpp/ua/
39 KB
12 KB
Document
General
Full URL
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Requested by
Host: www.google.lu
URL: https://www.google.lu/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=2ahUKEwjX5uP0_e_dAhXGhKYKHWzMBZMQFjABegQICRAB&url=https%3A%2F%2Fwww.paypal.com%2Fuk%2Fwebapps%2Fmpp%2Fua%2Flegalhub-full&usg=AOvVaw32BtLazhZJg8bA_laZ3rOz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
99d4252b0fe4c6c472fa5d5a9905fa7e7bfb8021a0bce1f5cd7dde4d439c59e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://www.wootag.com https://*.qualtrics.com; script-src 'nonce-/XWDVbgs8ICDyWqykXW3BfduuhJy1iinHPoLRHViFQUMVz+U' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.dialogtech.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/uk/webapps/mpp/ua/legalhub-full
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.google.lu/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://www.wootag.com https://*.qualtrics.com; script-src 'nonce-/XWDVbgs8ICDyWqykXW3BfduuhJy1iinHPoLRHViFQUMVz+U' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.dialogtech.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"9a7d-g4xbYBPAocPPgi5JhM27HQJnI/4"
paypal-debug-id
e7efc3573d217
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt
48 145
x-edgeconnect-origin-mex-latency
131 131
vary
Accept-Encoding
content-encoding
gzip
date
Thu, 18 Feb 2021 16:12:02 GMT
content-length
9507
set-cookie
enforce_policy=gdpr_v2.1; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Fri, 18 Feb 2022 16:12:02 GMT; Secure; SameSite=None cookie_check=yes; Max-Age=315532799; Domain=.paypal.com; Path=/; Expires=Tue, 18 Feb 2031 16:12:01 GMT; HttpOnly; Secure; SameSite=None LANG=en_GB%3BGB; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 19 Feb 2021 00:57:58 GMT; HttpOnly; Secure; SameSite=None tsrce=mppnodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Sun, 21 Feb 2021 16:12:01 GMT; HttpOnly; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxMzY2NDcyMjYxNiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None nsid=s%3ANqFqNBfqWBXbuAnzGGc-GT5dAA_iEeCA.FxPpBurBE979Bb%2BPxbUoWqKU0bEdbKeKDdDr0pfLPso; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Thu, 18 Feb 2021 16:42:02 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1708272722%26vteXpYrS%3D1613666522%26vr%3Db5e99e541770a78060b46ea3fad49669%26vt%3Db5e99e541770a78060b46ea3fad49668%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 18 Feb 2024 16:12:02 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3Db5e99e541770a78060b46ea3fad49669%26vt%3Db5e99e541770a78060b46ea3fad49668; Path=/; Domain=paypal.com; Expires=Sun, 18 Feb 2024 16:12:02 GMT; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1613665322~id=0e40e19580d91a752cb6455d28e77f89; Domain=www.paypal.com; Path=/; Secure; SameSite=None
strict-transport-security
max-age=63072000
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jan 2018 03:38:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18348
expires
Thu, 18 Feb 2021 17:12:02 GMT
PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jan 2018 02:50:53 GMT
cache-control
max-age=3600
etag
"5a66a30d-47b8"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
paypal-debug-id
d7aa5114ab04a
strict-transport-security
max-age=31536000
accept-ranges
bytes
dc
ccg11-origin-www-2.paypal.com
content-length
18360
expires
Thu, 18 Feb 2021 17:12:02 GMT
fe658026f075729c708c4a7ccf92eb7a0f6afe.css
www.paypalobjects.com/marketing-resources/css/66/
192 KB
35 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/marketing-resources/css/66/fe658026f075729c708c4a7ccf92eb7a0f6afe.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b02a7853060c4bdcc7c5bfe77bb28f6531fa2d1fe5a04c7d2ef24da5a924e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Feb 2021 14:00:00 GMT
etag
W/"6023e6e0-2ff7b"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
text/css
paypal-debug-id
b73788cc7280e
cache-control
max-age=3600
strict-transport-security
max-age=31536000
dc
slc-b-origin-www-1.paypal.com
content-length
35452
expires
Thu, 18 Feb 2021 17:12:02 GMT
fa89f17d37eb3f97e39b926835ba73c0a3fd63.css
www.paypalobjects.com/marketing-resources/css/1b/
2 KB
883 B
Stylesheet
General
Full URL
https://www.paypalobjects.com/marketing-resources/css/1b/fa89f17d37eb3f97e39b926835ba73c0a3fd63.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e08798b4612ce1d4700d2fe3c953f5b56be571619153da80e6012ccd9e8eb9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 22:14:13 GMT
etag
W/"5f7654b5-641"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
text/css
paypal-debug-id
adf1ef8c9196c
cache-control
max-age=3600
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-1.paypal.com
content-length
600
expires
Thu, 18 Feb 2021 17:12:02 GMT
6b61ced6e282d2ba4fc9b4db66882760b0978e.css
www.paypalobjects.com/marketing-resources/css/4b/
2 KB
979 B
Stylesheet
General
Full URL
https://www.paypalobjects.com/marketing-resources/css/4b/6b61ced6e282d2ba4fc9b4db66882760b0978e.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
312b68d66d3058b54df3e38c314482db0bc4d92ddc0f36e29eb7da10605c7c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Oct 2020 07:45:16 GMT
etag
W/"5f87fe0c-90f"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
text/css
paypal-debug-id
39a008bb8b95d
cache-control
max-age=3600
strict-transport-security
max-age=31536000
dc
phx-origin-www-2.paypal.com
content-length
695
expires
Thu, 18 Feb 2021 17:12:02 GMT
4c889762ab729bb7919a3362b4232e9fc29419.js
www.paypalobjects.com/marketing-resources/js/ca/
398 KB
116 KB
Script
General
Full URL
https://www.paypalobjects.com/marketing-resources/js/ca/4c889762ab729bb7919a3362b4232e9fc29419.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f69ffadf019667d61d4d4903b4bccd5a3a9eddb026d39395ad7fd504bf706446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 22:14:30 GMT
etag
W/"5f7654c6-63901"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
85652e4eb8fa2
cache-control
max-age=3600
strict-transport-security
max-age=31536000
dc
slc-b-origin-www-2.paypal.com
content-length
118014
expires
Thu, 18 Feb 2021 17:12:02 GMT
opinionLab-2.0.0.js
www.paypalobjects.com/digitalassets/c/website/marketing/global/kui/js/
41 KB
12 KB
Script
General
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/kui/js/opinionLab-2.0.0.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8aeb7d31ca8e643689b11e5881247eea8015a4f7df45905f0971b7a21aa25c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 26 Jul 2018 16:45:50 GMT
etag
W/"5b59fabe-a552"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
23009aebe6a14
cache-control
max-age=3600
strict-transport-security
max-age=31536000
dc
phx-origin-www-1.paypal.com
content-length
12214
expires
Thu, 18 Feb 2021 17:12:02 GMT
1ac251a15237f931ead8a1334f7b560275bc17.js
www.paypalobjects.com/marketing-resources/js/ab/
3 KB
1 KB
Script
General
Full URL
https://www.paypalobjects.com/marketing-resources/js/ab/1ac251a15237f931ead8a1334f7b560275bc17.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
596a4e5e823469795e044eab3c17f127720bf07db5a13b4aa7e61fb0e567cf2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 22:14:27 GMT
etag
W/"5f7654c3-df4"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
4b6708fd9cbf5
cache-control
max-age=3600
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-1.paypal.com
content-length
1043
expires
Thu, 18 Feb 2021 17:12:02 GMT
bs-chunk.js
www.paypalobjects.com/tagmgmt/
19 B
292 B
Script
General
Full URL
https://www.paypalobjects.com/tagmgmt/bs-chunk.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
x-content-type-options
nosniff
last-modified
Fri, 15 Nov 2019 01:44:09 GMT
server
Apache
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
content-length
19
expires
Thu, 18 Feb 2021 17:12:02 GMT
pa.js
www.paypalobjects.com/pa/js/min/
52 KB
20 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
30aa0b28babbe
dc
slc-b-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
20130
last-modified
Thu, 18 Feb 2021 06:57:36 GMT
etag
W/"602e0fe0-cfcb"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Thu, 18 Feb 2021 17:12:02 GMT
open-chat.js
www.paypalobjects.com/helpcenter/smartchat/sales/v1/
1 KB
1 KB
Script
General
Full URL
https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 22:14:08 GMT
cache-control
max-age=3600
etag
W/"5f7654b0-5bf"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
paypal-debug-id
c8b4abbe6d22e
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-2.paypal.com
content-length
779
expires
Thu, 18 Feb 2021 17:12:02 GMT
marketingIntentsV2.js
www.paypalobjects.com/activation/js/
554 B
666 B
Script
General
Full URL
https://www.paypalobjects.com/activation/js/marketingIntentsV2.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Feb 2021 23:55:13 GMT
etag
W/"60271561-22a"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
5f5032c313b6b
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
dc
phx-origin-www-3.paypal.com
content-length
365
expires
Fri, 19 Feb 2021 16:12:02 GMT
ppcom-white.svg
www.paypalobjects.com/webstatic/i/logo/rebrand/
5 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom-white.svg
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/66/fe658026f075729c708c4a7ccf92eb7a0f6afe.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e35c57fad02017983d4261c8d65697ec8b312a2a19127cb93f92d1eca6408015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/marketing-resources/css/66/fe658026f075729c708c4a7ccf92eb7a0f6afe.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 21 Mar 2015 01:00:01 GMT
cache-control
max-age=3600
etag
W/"550cc291-1445"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
paypal-debug-id
5c17ce6909d77
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-3.paypal.com
content-length
1988
expires
Thu, 18 Feb 2021 17:12:02 GMT
miconfig.js
www.paypalobjects.com/pa/mi/
110 KB
21 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/mi/miconfig.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a542fcb21ca393aa098d494dfcf7f08822e1dda0f80021bfa064b96dc70bb902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
59e3e6c5f9837
dc
slc-b-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
20779
last-modified
Fri, 12 Feb 2021 22:44:08 GMT
etag
W/"602704b8-1b9c2"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Thu, 18 Feb 2021 17:12:02 GMT
eligibility
www.paypal.com/smartchat/open/
1 KB
3 KB
XHR
General
Full URL
https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/uk/webapps/mpp/ua/legalhub-full
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b01ff203ba3e3b3abdeb1c71266ab9eb01b4a4fb90c48a812f077b0cfb0bd860
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-c7wYC2c7R1RADX1SwY6JOaphSHnVgmmn0dYcXcm8DGX4X0OQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
80, 80
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-c7wYC2c7R1RADX1SwY6JOaphSHnVgmmn0dYcXcm8DGX4X0OQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
48, 145
etag
W/"594-ARNWwm+JfpX8nB1xJrFPu0M7emw"
strict-transport-security
max-age=63072000
content-type
application/json; charset=utf-8
paypal-debug-id
ad840c038fc6f
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 18 Feb 2021 16:12:03 GMT
dc
ccg11-origin-www-1.paypal.com
content-length
1428
x-xss-protection
1; mode=block
ts
t.paypal.com/
42 B
814 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.30&t=1613664722982&g=-60&e=err&page=main%3Amktg%3A%3A%3Alegalhub-full%3A%3A%3A&pgrp=main%3Amktg%3A%3A%3Alegalhub-full&comp=mppnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-154.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Feb 2021 16:12:03 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 18 Feb 2021 16:12:03 GMT
ts
t.paypal.com/
42 B
846 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.30&t=1613664722985&g=-60&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgst=Unknown&calc=e7efc3573d217&nsid=NqFqNBfqWBXbuAnzGGc-GT5dAA_iEeCA&rsta=en_GB&pgtf=Nodejs&env=live&s=ci&ccpg=GB&csci=15c4ad0040994ab9bfb792152d3a51c2&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=legalhub-full.dust&lgin=out&shir=main_mktg__&pros=3&lgcook=0&displayPage=main%3Amktg%3A%3A%3Alegalhub-full&ppage=privacy_banner&bannerType=cookiebanner&flag=gdpr_v2.1&bannerVersion=v2&bannerSource=ConsentNodeServ&e=ac
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-154.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Feb 2021 16:12:03 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR
slcb.slc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 18 Feb 2021 16:12:03 GMT
ts
t.paypal.com/
42 B
814 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.30&t=1613664722998&g=-60&e=err&page=main%3Amktg%3A%3A%3Alegalhub-full%3A%3A%3A&pgrp=main%3Amktg%3A%3A%3Alegalhub-full&comp=mppnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-154.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Feb 2021 16:12:03 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 18 Feb 2021 16:12:03 GMT
OrchestratorMain.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.37.0/
55 KB
16 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/qualtrics/1.37.0/OrchestratorMain.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffde4fbd5df6ec69cd661bcfe6bdca5e9e5543c0b059cde5c0a189f85985b09d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 16:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-check-cacheable
YES
surrogate-control
max-age=31536000
paypal-debug-id
cad5bed6bdbc3
dc
slc-b-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
16301
last-modified
Thu, 19 Nov 2020 00:00:22 GMT
x-serial
1713
etag
W/"5fb5b596-dc08"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-headers
x-csrf-token
expires
Thu, 18 Feb 2021 17:12:03 GMT
ts
t.paypal.com/
42 B
846 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.30&t=1613664723575&g=-60&pgrp=main%3Amktg%3A%3A%3Alegalhub-full&page=main%3Amktg%3A%3A%3Alegalhub-full%3A%3A%3A&pgst=Unknown&calc=e7efc3573d217&nsid=NqFqNBfqWBXbuAnzGGc-GT5dAA_iEeCA&rsta=en_GB&pgtf=Nodejs&env=live&s=ci&ccpg=gb&csci=15c4ad0040994ab9bfb792152d3a51c2&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=legalhub-full.dust&lgin=out&shir=main_mktg__&pros=3&lgcook=0&e=im&cdn=akamai&imsrc=setup&view=%7B%22t10%22%3A78%2C%22t11%22%3A1015%2C%22tcp%22%3A580%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=PayPal%20Legal%20Agreements%20%7C%20PayPal%20UK&ru=https%3A%2F%2Fwww.google.lu%2F&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=78&t1c=78&t1d=3&t1s=60&t2=344&t3=4&t4d=535&t4=538&t4e=3&tt=964&rdc=0&res=%7B%7D&rtt=293
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-154.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Feb 2021 16:12:03 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR
slcb.slc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 18 Feb 2021 16:12:03 GMT
ts
t.paypal.com/
42 B
814 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.30&t=1613664723982&g=-60&e=err&page=main%3Amktg%3A%3A%3Alegalhub-full%3A%3A%3A&pgrp=main%3Amktg%3A%3A%3Alegalhub-full&comp=mppnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-154.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Feb 2021 16:12:04 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 18 Feb 2021 16:12:04 GMT

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| antiClickjack function| bindGdprEvents object| PP_GLOBAL_JS_STRINGS string| HOLIDAYS string| BROWSER_TYPE object| html5 object| Modernizr function| yepnope function| $ function| jQuery object| PAYPAL object| feedbackLink object| dataLayer object| fpti string| fptiserverurl object| _ifpti object| OOo function| t function| hideGdprBanner function| showGdprBanner object| miconfig object| laDataLayer object| QSI object| WAFQualtricsWebpackJsonP-hosted-1.37.0 function| openSalesChat

10 Cookies

Domain/Path Name / Value
.paypal.com/ Name: x-cdn
Value: akamai
.paypal.com/ Name: ts_c
Value: vr%3Db5e9a0fd1770a3118db279efffffffff%26vt%3Db5e9a0fd1770a3118db279effffffffe
.www.paypal.com/ Name: akavpau_ppsd
Value: 1613665323~id=98d610c97d3fc952038038bb0a6bcbe6
.paypal.com/ Name: l7_az
Value: dcg02.phx
www.paypal.com/ Name: nsid
Value: s%3AJ1NSXK6aVkk9kZuhSoWqS6KQ89N6T8FC.YvRz3b3LQ9hlYQiP%2BtMPfQA8sYlcrjjF5uCSCRN%2BZxg
.paypal.com/ Name: ts
Value: vreXpYrS%3D1708272723%26vteXpYrS%3D1613666523%26vr%3Db5e9a0fd1770a3118db279efffffffff%26vt%3Db5e9a0fd1770a3118db279effffffffe
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYxMzY2NDcyMzEyNiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: smartchatnodeweb
.paypal.com/ Name: LANG
Value: en_US%3BUS
.paypal.com/ Name: enforce_policy
Value: ccpa

4 Console Messages

Source Level URL
Text
console-api warning URL: https://www.paypalobjects.com/marketing-resources/js/ca/4c889762ab729bb7919a3362b4232e9fc29419.js(Line 1)
Message:
jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://www.paypalobjects.com/marketing-resources/js/ca/4c889762ab729bb7919a3362b4232e9fc29419.js:1:405291) at t (https://www.paypalobjects.com/marketing-resources/js/ca/4c889762ab729bb7919a3362b4232e9fc29419.js:1:43668) at e (https://www.paypalobjects.com/marketing-resources/js/ca/4c889762ab729bb7919a3362b4232e9fc29419.js:1:43970) undefined
console-api log URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full(Line 322)
Message:
%c WARNING!!! color:#FF8F1C; font-size:40px;
console-api log URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full(Line 323)
Message:
%c This browser feature is for developers only. Please do not copy-paste any code or run any scripts here. It may cause your PayPal account to be compromised. color:#003087; font-size:12px;
console-api log URL: https://www.paypal.com/uk/webapps/mpp/ua/legalhub-full(Line 324)
Message:
%c For more information, http://en.wikipedia.org/wiki/Self-XSS color:#003087; font-size:12px;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
