Submitted URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Effective URL: https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
Submission Tags: phishing, malicious
Submission: On January 26 via api from US

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 29 HTTP transactions. The main IP is 151.101.65.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 12th 2021. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
13 | 2a02:4780:dea... | 204915 (AWEX)
10 | 151.101.14.133 | 54113 (FASTLY)
2 (1 redirect) | 64.4.245.84 | 17012 (PAYPAL)
1 | 104.108.36.64 | 16625 (AKAMAI-AS)
1 | 151.101.65.21 | 54113 (FASTLY)
1 | 151.101.129.35 | 54113 (FASTLY)
Total: 29 requests, 7 IPs

Requests | Domain | Requested by
13 | cedarn-coordinate.000webhostapp.com | cedarn-coordinate.000webhostapp.com
10 | www.paypalobjects.com | cedarn-coordinate.000webhostapp.com, www.paypal.com, www.paypalobjects.com
1 | t.paypal.com | www.paypal.com
1 | www.paypal.com | www.paypal.com
1 | c.paypal.com | www.paypalobjects.com
1 | dub.stats.paypal.com |
1 | b.stats.paypal.com (1 redirects) |
0 | zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com (Failed) | www.paypalobjects.com
Total: 29 requests, 8 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
www.paypalobjects.com | DigiCert SHA2 Extended Validation Server CA | 2019-12-09 - 2021-12-13 | 2 years
b.stats.paypal.com | DigiCert SHA2 High Assurance Server CA | 2020-03-13 - 2022-06-03 | 2 years
c.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2020-01-09 - 2022-01-13 | 2 years
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2021-01-12 - 2022-02-12 | a year
t.paypal.com | DigiCert SHA2 High Assurance Server CA | 2020-07-15 - 2022-07-20 | 2 years

This page contains 4 frames:

Frame: https://www.paypal.com/webapps/mpp/mobile-apps/paypal-app
Frame ID: 42A30A511881C97BCAFA3F71301C3154
Requests: 26 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Frame ID: 569289B8110D8D231B12E024747C5353
Requests: 1 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=8ca82980d2c511e689ae0d187383423f&s=t_s
Frame ID: 24496F6FBA8E796ED402A2D52E653DDC
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Frame ID: 7BE558F92DD56F676054A1EA79F46199
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

  • Requests: 29
  • HTTPS: 48 %
  • IPv6: 17 %
  • Domains: 4
  • Subdomains: 8
  • IPs: 7
  • Countries: 3
  • Transfer: 452 kB
  • Size: 940 kB
  • Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php Page URL
  2. https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://b.stats.paypal.com/v2/counter.cgi?p=8ca82980d2c511e689ae0d187383423f&s=t_s HTTP 302
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=8ca82980d2c511e689ae0d187383423f&s=t_s

29 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

index.php (Cookie set)
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/
10 KB
8 KB
Document
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
d2ee3f6a9cd3cfc947913d39876e9a339f93f93b233c0fcc823aecefd2d75083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
cedarn-coordinate.000webhostapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Tue, 26 Jan 2021 07:14:30 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=6arr3im6spgemo26nvopjndjv6; path=/
Server
awex
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Request-ID
9ead376328debbf19cee17d75543ce2a
Content-Encoding
gzip
hok.js
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/
20 KB
7 KB
Script
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/hok.js
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Jul 2020 12:50:40 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
bf5e50c79dd0fc20accfaf13ee2021ad
jquery.js
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/
84 KB
34 KB
Script
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/jquery.js
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
2a1f1370eb7b24a307312112427dfd544fb838a8bef66babc936f5e870a22e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Jul 2020 12:50:40 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
ef5c4fe9230325ab76f8952e8eebd065
jquery.mask
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/
0
0
Script
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/jquery.mask
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
awex
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
1b46be6fa7a941b0d8200aa534e7bc72
jquery.validate
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/
0
0
Script
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/jquery.validate
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
awex
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
456aedd5998a4db83fed01667600a983
jquery.v-form
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/
0
0
Script
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/jquery.v-form
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
awex
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
6f5b4c32aa1cb9e46853f6831839869c
jquery-3.1.0.min.js
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/
84 KB
34 KB
Script
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/jquery-3.1.0.min.js
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
19ab756b8f26d4d98b121135c3343c6cc02c831cd05ac1877b2399e63d95bd59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Jul 2020 12:50:40 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
1fccbbd8fce4986429e07b01e3298a27
appSuperBowl.css
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/
221 KB
41 KB
Stylesheet
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
570e6de88f1a0c8532b07488e5f4a88ad71145fbc3a2cb421aabbad019848434
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Jul 2020 12:50:40 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
cfd498a423bbbc87b1973b7f70da0d7c
validated.png
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/img/
6 KB
6 KB
Image
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/img/validated.png
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
e572d20095421e23f8d3909000b93506755e1c3962705b6db81a71bb9010c39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Jul 2020 12:50:40 GMT
Server
awex
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6032
X-Xss-Protection
1; mode=block
X-Request-ID
df84df5b7b1a5a879c3b2ae085b4db8f
pp.png
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/img/cono/
1 KB
2 KB
Image
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/img/cono/pp.png
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
4705db0cd56e025a7e9a2f9032bd835d59e0f95b4caf8da12a2ab3ea04792a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Jul 2020 12:50:40 GMT
Server
awex
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1448
X-Xss-Protection
1; mode=block
X-Request-ID
ba90587f2d8f089cb7982289cb77d3fe
loading-dots.gif
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/img/
7 KB
7 KB
Image
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/img/loading-dots.gif
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
091aeff30fb50241afe150763c81b3dafbfb18f869db9716be3dfbacba9b2682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Jul 2020 12:50:40 GMT
Server
awex
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7349
X-Xss-Protection
1; mode=block
X-Request-ID
ae530699dac2acc005f42ab5d3ba9893
jquery.v-form
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/
0
0
Script
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/js/jquery.v-form
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
awex
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
1eb0b9772ce89b7de6c7fc4c1a0bc6e3
pplm.svg
cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/img/
5 KB
3 KB
Image
General
Full URL
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/img/pplm.svg
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
Protocol
HTTP/1.1
Server
2a02:4780:dead:cc07::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Jul 2020 12:50:40 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
849d55c58a324d95d31770060fcff148
PayPalSansBig-Medium.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/
50 KB
50 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Medium.woff
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
ba20c92df54a4333cc16983eb8c0043e0ea8781319e03edcf6d5093cd109cf43
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
http://cedarn-coordinate.000webhostapp.com
Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:31 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
11343338
x-cache
HIT, HIT
content-length
51051
x-served-by
cache-sjc10076-SJC, cache-fra19134-FRA
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
server
Apache
x-timer
S1611645272.721575,VS0,VE0
strict-transport-security
max-age=31557600
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
9414, 10
fb-all-prod.pp2.min.js
www.paypalobjects.com/webstatic/r/fb/ Frame 5692
58 KB
18 KB
Script
General
Full URL
https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0adaf22e6710cbc950db6526ac09b6c8757ed25e4701196e88cf2f87dca596c7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
849638
x-cache
HIT, MISS
paypal-debug-id
24d570926603
dc
ccg11-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
18440
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10026-SJC, cache-fra19123-FRA
last-modified
Thu, 01 Oct 2020 22:15:32 GMT
x-timer
S1611645272.720674,VS0,VE152
etag
W/"5f765504-e7e3"
strict-transport-security
max-age=31557600
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1, 0
PayPalSansBig-Light.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/
48 KB
48 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.woff
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
c599c554590d1a336ffcb9627f6caaac34b6228f60e15f5f25454bff38facb7e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
http://cedarn-coordinate.000webhostapp.com
Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:31 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
26912460
x-cache
HIT, HIT
surrorage-key
/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.woff /webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.woff /webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.woff /webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.woff /webstatic/mktg/2014design/font/PP-Sans /webstatic/mktg/2014design/font /webstatic/mktg/2014design /webstatic/mktg /webstatic
content-length
49115
x-served-by
cache-lax8636-LAX, cache-fra19134-FRA
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
server
Apache
x-timer
S1611645272.722409,VS0,VE0
strict-transport-security
max-age=31557600
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
20171, 81883
PayPalSansSmall-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/
46 KB
47 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
http://cedarn-coordinate.000webhostapp.com
Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:31 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
26912458
x-cache
HIT, HIT
surrorage-key
/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff /webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff /webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff /webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff /webstatic/mktg/2014design/font/PP-Sans /webstatic/mktg/2014design/font /webstatic/mktg/2014design /webstatic/mktg /webstatic
content-length
47339
x-served-by
cache-sjc10023-SJC, cache-fra19134-FRA
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
server
Apache
x-timer
S1611645272.721539,VS0,VE0
strict-transport-security
max-age=31557600
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
103410, 83894
PayPalSansSmall-Medium.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/
47 KB
48 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.woff
Requested by
Host: cedarn-coordinate.000webhostapp.com
URL: http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
1fc978067430d2bf5d50d4adebd57ec8cb847f63cb8925fddb76fb5825071e85
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
http://cedarn-coordinate.000webhostapp.com
Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/css/appSuperBowl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:31 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
26912450
x-cache
HIT, HIT
surrorage-key
/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.woff /webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.woff /webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.woff /webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.woff /webstatic/mktg/2014design/font/PP-Sans /webstatic/mktg/2014design/font /webstatic/mktg/2014design /webstatic/mktg /webstatic
content-length
48487
x-served-by
cache-lax8627-LAX, cache-fra19134-FRA
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
server
Apache
x-timer
S1611645272.721558,VS0,VE0
strict-transport-security
max-age=31557600
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
83054, 63388
counter2.cgi
dub.stats.paypal.com/v2/ Frame 2449
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=8ca82980d2c511e689ae0d187383423f&s=t_s
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=8ca82980d2c511e689ae0d187383423f&s=t_s
42 B
299 B
Image
General
Full URL
https://dub.stats.paypal.com/v2/counter2.cgi?p=8ca82980d2c511e689ae0d187383423f&s=t_s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:14:32 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v2/counter2.cgi?p=8ca82980d2c511e689ae0d187383423f&s=t_s
Date
Tue, 26 Jan 2021 07:14:32 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
i
c.paypal.com/v1/r/d/ Frame 7BE5
0
0
Document
General
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.36.64 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-36-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
c.paypal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

CORRELATION-ID
ed7962737903e
Content-Security-Policy-Report-Only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
Content-Type
text/html;charset=UTF-8
Paypal-Debug-Id
ed7962737903e
X-Content-Type-Options
nosniff
X-Xss-Protection
1; mode=block
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
160
Cache-Control
no-cache, no-store, must-revalidate
Date
Tue, 26 Jan 2021 07:14:32 GMT
Connection
keep-alive
Primary Request app-redirect
www.paypal.com/webapps/mpp/
8 KB
5 KB
Document
General
Full URL
https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.65.21, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
e6883f2049a479c155f94080e808b055b6e3a89b1cdd686fc0863b4819f40b01
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://www.wootag.com https://*.qualtrics.com; script-src 'nonce-H72Xqc/BqCAuqo6/6faLXReMYhycK6rjy0rb1T2t5nS+j9MF' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.dialogtech.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/webapps/mpp/app-redirect?src=pre_login_banner
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://cedarn-coordinate.000webhostapp.com/paypal.com/cgi-bin/issues/resolution/websc_success/index.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KHcl0EuY7AKSMgfvHl7J5E7hPtK=pr0C5ae5eFKZAwsNi5LW5tP-CILJPt1vVAIzUz_QlcBWo-GMgDxUGbOK8y7dI1_OogFdMG1IyVRarHoN

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://www.wootag.com https://*.qualtrics.com; script-src 'nonce-H72Xqc/BqCAuqo6/6faLXReMYhycK6rjy0rb1T2t5nS+j9MF' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.dialogtech.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"1ef7-2O1OfRxzkbW1Q/JZ1qzrEWLbO3k"
paypal-debug-id
d80ca0054c68d
set-cookie
enforce_policy=gdpr_v2; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 26 Jan 2022 07:14:38 GMT; Secure; SameSite=None
cookie_check=yes; Max-Age=315532799; Domain=.paypal.com; Path=/; Expires=Sun, 26 Jan 2031 07:14:37 GMT; HttpOnly; Secure; SameSite=None
LANG=nl_NL%3BNL; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 26 Jan 2021 16:00:34 GMT; HttpOnly; Secure; SameSite=None
tsrce=mppnodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Fri, 29 Jan 2021 07:14:37 GMT; HttpOnly; Secure; SameSite=None
x-pp-s=eyJ0IjoiMTYxMTY0NTI3ODA3NiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
nsid=s%3AY8BjNKHyj9aB8tBXBUUa9IGB-8_dzmEz.Sf2wVr97c8Xu%2FcZtW54i2u3S2KG%2Fh0d0kRaQTT3a844; Path=/; HttpOnly; Secure; SameSite=None
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Tue, 26 Jan 2021 07:44:38 GMT; HttpOnly; Secure; SameSite=None
ts=vreXpYrS%3D1706253277%26vteXpYrS%3D1611647077%26vr%3D3d8b570c1770ad0458d9f5a6ff1fe6fb%26vt%3D3d8b570c1770ad0458d9f5a6ff1fe6fa%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 26 Jan 2024 07:14:38 GMT; HttpOnly; Secure; SameSite=None
ts_c=vr%3D3d8b570c1770ad0458d9f5a6ff1fe6fb%26vt%3D3d8b570c1770ad0458d9f5a6ff1fe6fa; Path=/; Domain=paypal.com; Expires=Fri, 26 Jan 2024 07:14:38 GMT; Secure; SameSite=None
x-cdn=fastly:AMS; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
date
Tue, 26 Jan 2021 07:14:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-lhr7367-LHR, cache-ams21027-AMS
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1611645278.884231,VS0,VE292
vary
Accept-Encoding
content-encoding
br
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:41 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
10704600
x-cache
HIT, HIT
paypal-debug-id
4430072ed4be7
dc
slc-b-origin-www-2.paypal.com
content-length
18320
x-served-by
cache-sjc10045-SJC, cache-fra19134-FRA
last-modified
Tue, 23 Jan 2018 03:38:51 GMT
x-timer
S1611645282.577540,VS0,VE0
etag
"5a66ae4b-4790"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
247635, 212973
PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/
18 KB
19 KB
Font
General
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US)
Reverse DNS
Software
Apache /
Resource Hash
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:41 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
26912471
x-cache
HIT, HIT, HIT, HIT
surrorage-key
/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 /digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 /digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 /digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 /digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 /digitalassets/c/paypal-ui/fonts /digitalassets/c/paypal-ui /digitalassets/c /digitalassets
content-encoding
gzip
vary
Accept-Encoding
content-length
18388
x-served-by
cache-sjc10035-SJC, cache-lax8643-LAX, cache-sjc10075-SJC, cache-fra19134-FRA
last-modified
Tue, 23 Jan 2018 02:50:53 GMT
server
Apache
x-timer
S1611645282.577635,VS0,VE0
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
2, 73787, 47951, 108120
pa.js
www.paypalobjects.com/pa/js/min/
50 KB
19 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
f6d353cac5b8fe07885f19a8309648c3efb79d635257cd67c57f6d73acbe8b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
459989
x-cache
HIT, HIT
paypal-debug-id
1e80ca4ccdd43
dc
ccg11-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
19496
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10057-SJC, cache-fra19123-FRA
last-modified
Wed, 20 Jan 2021 23:16:04 GMT
x-timer
S1611645282.578252,VS0,VE0
etag
W/"6008b9b4-c956"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
83699, 71
miconfig.js
www.paypalobjects.com/pa/mi/
106 KB
20 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/mi/miconfig.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US)
Reverse DNS
Software
/
Resource Hash
445ae04ceab788f5c5d7dcf032634401857f524a531d506bbc0bcf11bdfa9327
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28740
x-cache
HIT, HIT
paypal-debug-id
e8b56d6269cce
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
20007
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10044-SJC, cache-fra19134-FRA
last-modified
Mon, 25 Jan 2021 22:53:50 GMT
x-timer
S1611645282.612907,VS0,VE0
etag
W/"600f4bfe-1a94c"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
6326, 118
ts
t.paypal.com/
42 B
694 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.27&t=1611645281613&g=-60&pgrp=main%3Aconsappdownload%3Axsell%3A%3A&page=main%3Aconsappdownload%3Axsell%3A%3A%3A%3AAPP_REDIRECT%3A&pgst=Unknown&calc=d80ca0054c68d&nsid=Y8BjNKHyj9aB8tBXBUUa9IGB-8_dzmEz&rsta=en_NL&pgtf=Nodejs&env=live&s=ci&ccpg=nl&csci=7d89960275f045c68978198cc196de57&comp=mppnodeweb&cu=0&ef_policy=gdpr_v2&pgld=Unknown&bzsr=main&bchn=consappdownload&tmpl=app-redirect.dust&pgsf=xsell&vers=APP_REDIRECT%3A%3A&lgin=out&shir=main_consappdownload_xsell_&pros=2&lgcook=0&ref_vid=3d8b570c1770ad0458d9f5a6ff1fe6fb&ref_tsrce=pre_login_banner&app_download_action=pre_login_banner&devc_type=dedicated&client_os=mac&e=im&cdn=fastly&pt=PayPal&ru=http%3A%2F%2Fcedarn-coordinate.000webhostapp.com%2Fpaypal.com%2Fcgi-bin%2Fissues%2Fresolution%2Fwebsc_success%2Findex.php&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
151.101.129.35, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Jan 2021 07:14:41 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1611645282.656677,VS0,VE148
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires
Tue, 26 Jan 2021 07:14:41 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-lhr7383-LHR, cache-ams21038-AMS
OrchestratorMain.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.30.0/
51 KB
15 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/qualtrics/1.30.0/OrchestratorMain.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US)
Reverse DNS
Software
Apache /
Resource Hash
bd92dcf05700299ca9cbefaff8f4cf098364613dbad872fc059ac8c749bd97f0
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/webapps/mpp/app-redirect?src=pre_login_banner
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:14:41 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
15132469
x-cache
HIT, HIT
content-encoding
gzip
vary
Accept-Encoding
content-length
15213
x-served-by
cache-lax8625-LAX, cache-fra19134-FRA
last-modified
Mon, 27 Jul 2020 16:45:51 GMT
server
Apache
x-timer
S1611645282.760765,VS0,VE0
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
827, 107609
Targeting.php
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/
0
0

paypal-app
www.paypal.com/webapps/mpp/mobile-apps/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
URL
https://zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.30.0&Q_CLIENTTYPE=hostedjs
Domain
www.paypal.com
URL
https://www.paypal.com/webapps/mpp/mobile-apps/paypal-app


32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
object| antiClickjack
object| dataLayer
object| PAYPAL
object| fpti
string| fptiserverurl
object| _ifpti
function| getParameterByName
string| custId
string| guid
string| ppRef
string| src
string| tsrce
string| redirectUrl
string| deviceOS
string| deviceType
string| deeplinkUrl
string| dynamicParams
string| encodedUrl
string| adjustUrl
object| miconfig
object| laDataLayer
object| QSI
object| WAFQualtricsWebpackJsonP-hosted-1.30.0

10 Cookies

Domain/Path Name / Value
.paypal.com/ Name: x-cdn
Value: fastly:AMS
.paypal.com/ Name: ts_c
Value: vr%3D3d8b570c1770ad0458d9f5a6ff1fe6fb%26vt%3D3d8b570c1770ad0458d9f5a6ff1fe6fa
.paypal.com/ Name: l7_az
Value: dcg01.phx
www.paypal.com/ Name: nsid
Value: s%3AY8BjNKHyj9aB8tBXBUUa9IGB-8_dzmEz.Sf2wVr97c8Xu%2FcZtW54i2u3S2KG%2Fh0d0kRaQTT3a844
.paypal.com/ Name: ts
Value: vreXpYrS%3D1706253281%26vteXpYrS%3D1611647081%26vr%3D3d8b570c1770ad0458d9f5a6ff1fe6fb%26vt%3D3d8b570c1770ad0458d9f5a6ff1fe6fa%26vtyp%3Dnew
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYxMTY0NTI3ODA3NiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: mppnodeweb
.paypal.com/ Name: LANG
Value: nl_NL%3BNL
.paypal.com/ Name: cookie_check
Value: yes
.paypal.com/ Name: enforce_policy
Value: gdpr_v2

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
