urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
2.18.232.222  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cl.ly/e8e7280fca0a/tulangkering.html=MEZNYTVQVK
Effective URL: https://www.paypal.com/de/home
Submission Tags: phishing malicious Search All
Submission: On July 27 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 6 HTTP transactions. The main IP is 2.18.232.222, located in Ascension Island and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 14th 2018. Valid for: 2 years.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.165.109.27 14618 (AMAZON-AES)
1 1 3.223.87.48 14618 (AMAZON-AES)
1 13.32.222.114 16509 (AMAZON-02)
1 1 87.240.190.67 47541 (VKONTAKTE...)
1 93.186.225.193 47541 (VKONTAKTE...)
2 2 45.40.140.1 26496 (AS-26496-...)
1 1 162.241.65.240 46606 (UNIFIEDLA...)
2 3 2.18.232.222 16625 (AKAMAI-AS)
6 4
1    54.165.109.27 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-109-27.compute-1.amazonaws.com
cl.ly
1    3.223.87.48 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-223-87-48.compute-1.amazonaws.com
my.cl.ly
1    13.32.222.114 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-114.fra56.r.cloudfront.net
dzwonsemrish7.cloudfront.net
1    87.240.190.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv67-190-240-87.vk.com
vk.com
1    93.186.225.193 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
away.vk.com
2    45.40.140.1 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-140-1.ip.secureserver.net
x.co
1    162.241.65.240 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 162-241-65-240.unifiedlayer.com
server02.idwebhome.webloginpaypal.idwebserviced-migrations.com
3    2.18.232.222 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-222.deploy.static.akamaitechnologies.com
www.paypal.com
Apex Domain
Subdomains		 Transfer
3 paypal.com
www.paypal.com
27 KB
2 x.co
x.co
322 B
2 vk.com
vk.com
away.vk.com
1 KB
2 cl.ly
cl.ly
my.cl.ly
899 B
1 idwebserviced-migrations.com
server02.idwebhome.webloginpaypal.idwebserviced-migrations.com
239 B
1 cloudfront.net
dzwonsemrish7.cloudfront.net
482 B
0 paypalobjects.com Failed
www.paypalobjects.com Failed
6 7
Domain Requested by
3 www.paypal.com 2 redirects away.vk.com
2 x.co 2 redirects
1 server02.idwebhome.webloginpaypal.idwebserviced-migrations.com 1 redirects
1 away.vk.com
1 vk.com 1 redirects
1 dzwonsemrish7.cloudfront.net
1 my.cl.ly 1 redirects
1 cl.ly 1 redirects
0 www.paypalobjects.com Failed www.paypal.com
6 9

This site contains no links.

Subject Issuer Validity Valid
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2018-08-14 -
2020-08-18		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.paypal.com/de/home
Frame ID: E456A3E1F5B6FEEA4F20218B79B415D0
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cl.ly/e8e7280fca0a/tulangkering.html=MEZNYTVQVK HTTP 301
    https://my.cl.ly/content/e8e7280fca0a HTTP 302
    https://dzwonsemrish7.cloudfront.net/items/033U003V2J2X0m3Z1P06/tulangkering.html Page URL
  2. https://vk.com/away.php?to=http%3A%2F%2Fx.co%2FsD3Fwsd&post=554911599_4&cc_key=YmVya2FoZ2Fucw HTTP 302
    http://away.vk.com/away.php Page URL
  3. http://x.co/sD3Fwsd HTTP 301
    https://x.co/sD3Fwsd HTTP 302
    https://server02.idwebhome.webloginpaypal.idwebserviced-migrations.com/?tracve HTTP 302
    https://www.paypal.com/?tracve HTTP 302
    https://www.paypal.com/home HTTP 302
    https://www.paypal.com/de/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

6
Requests

33 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

4
IPs

3
Countries

24 kB
Transfer

102 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cl.ly/e8e7280fca0a/tulangkering.html=MEZNYTVQVK HTTP 301
    https://my.cl.ly/content/e8e7280fca0a HTTP 302
    https://dzwonsemrish7.cloudfront.net/items/033U003V2J2X0m3Z1P06/tulangkering.html Page URL
  2. https://vk.com/away.php?to=http%3A%2F%2Fx.co%2FsD3Fwsd&post=554911599_4&cc_key=YmVya2FoZ2Fucw HTTP 302
    http://away.vk.com/away.php Page URL
  3. http://x.co/sD3Fwsd HTTP 301
    https://x.co/sD3Fwsd HTTP 302
    https://server02.idwebhome.webloginpaypal.idwebserviced-migrations.com/?tracve HTTP 302
    https://www.paypal.com/?tracve HTTP 302
    https://www.paypal.com/home HTTP 302
    https://www.paypal.com/de/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cl.ly/e8e7280fca0a/tulangkering.html=MEZNYTVQVK HTTP 301
  • https://my.cl.ly/content/e8e7280fca0a HTTP 302
  • https://dzwonsemrish7.cloudfront.net/items/033U003V2J2X0m3Z1P06/tulangkering.html
Request Chain 1
  • https://vk.com/away.php?to=http%3A%2F%2Fx.co%2FsD3Fwsd&post=554911599_4&cc_key=YmVya2FoZ2Fucw HTTP 302
  • http://away.vk.com/away.php

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
tulangkering.html
dzwonsemrish7.cloudfront.net/items/033U003V2J2X0m3Z1P06/
Redirect Chain
  • https://cl.ly/e8e7280fca0a/tulangkering.html=MEZNYTVQVK
  • https://my.cl.ly/content/e8e7280fca0a
  • https://dzwonsemrish7.cloudfront.net/items/033U003V2J2X0m3Z1P06/tulangkering.html
140 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dzwonsemrish7.cloudfront.net/items/033U003V2J2X0m3Z1P06/tulangkering.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.114 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ce8a122d3c1b1df9b3607c15f1cb05e8870400bfbb44dc3fdfd57e825b9c63d

Request headers

:method
GET
:authority
dzwonsemrish7.cloudfront.net
:scheme
https
:path
/items/033U003V2J2X0m3Z1P06/tulangkering.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status
200
content-type
text/html
content-length
140
date
Sat, 27 Jul 2019 17:28:04 GMT
last-modified
Sat, 27 Jul 2019 16:59:14 GMT
etag
"3fa8447709ab235cd1fa8c43c0fe94cb"
x-amz-meta-slug
e8e7280fca0a
accept-ranges
bytes
server
AmazonS3
age
5293
x-cache
Hit from cloudfront
via
1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56
x-amz-cf-id
eaJs-h6gmJKB0Qk7MGpWXhe9I0SNGy2kliF0jAn_ngKdWUbmrTA_4g==

Redirect headers

Cache-Control
must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Date
Sat, 27 Jul 2019 18:56:16 GMT
Expires
Wed, 13 Jun 1990 00:00:00 UTC +00:00
Location
https://dzwonsemrish7.cloudfront.net/items/033U003V2J2X0m3Z1P06/tulangkering.html
Pragma
no-cache
Server
nginx
Set-Cookie
_engine_session=6a342948291c7ce344d1fd275752577c; domain=.my.cl.ly; path=/; HttpOnly
Status
302 Found
X-Frame-Options
DENY
X-Request-Id
bd557b7affdfd637772dd316f4dca37a
X-Runtime
0.119046
X-UA-Compatible
IE=Edge,chrome=1
Content-Length
147
Connection
keep-alive
Cookie set away.php
away.vk.com/
Redirect Chain
  • https://vk.com/away.php?to=http%3A%2F%2Fx.co%2FsD3Fwsd&post=554911599_4&cc_key=YmVya2FoZ2Fucw
  • http://away.vk.com/away.php
344 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
http://away.vk.com/away.php
Protocol
HTTP/1.1
Server
93.186.225.193 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
VK / PHP/3.20243
Resource Hash
ac1a181819d52b6016432abcb27311ff793504e87a3a7cddbb80cf58058dbac1

Request headers

Host
away.vk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
remixlang=6; remixsec_redir=http%3A%2F%2Fx.co%2FsD3Fwsd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Server
VK
Date
Sat, 27 Jul 2019 18:56:18 GMT
Content-Type
text/html; charset=windows-1251
Content-Length
241
Connection
keep-alive
X-Powered-By
PHP/3.20243
Cache-control
no-store
Set-Cookie
remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; domain=.vk.com remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=away.vk.com remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/
Content-Encoding
gzip

Redirect headers

status
302
server
VK
date
Sat, 27 Jul 2019 18:56:17 GMT
content-type
text/html; charset=windows-1251
content-length
20
location
http://away.vk.com/away.php
x-powered-by
PHP/3.20243
set-cookie
remixlang=6; expires=Mon, 03 Aug 2020 21:26:35 GMT; path=/; domain=.vk.com remixsec_redir=http%3A%2F%2Fx.co%2FsD3Fwsd; path=/; domain=.vk.com
cache-control
no-store
content-encoding
gzip
strict-transport-security
max-age=15768000
x-frontend
front204301
access-control-expose-headers
X-Frontend
Primary Request home
www.paypal.com/de/
Redirect Chain
  • http://x.co/sD3Fwsd
  • https://x.co/sD3Fwsd
  • https://server02.idwebhome.webloginpaypal.idwebserviced-migrations.com/?tracve
  • https://www.paypal.com/?tracve
  • https://www.paypal.com/home
  • https://www.paypal.com/de/home
101 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/de/home
Requested by
Host: away.vk.com
URL: http://away.vk.com/away.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.pub.247-inc.net https://www.wootag.com; script-src 'nonce-PGwuiAk5yTZoWow2Qmgabu0SkssRJtZ2b9qLCH3JU1Tr1DLJ' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.sperse.io https://*.dialogtech.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/de/home
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://away.vk.com/away.php
accept-encoding
gzip, deflate, br
cookie
cwrClyrK4LoCV1fydGbAxiNL6iG=kJi4nNNlAF6r6VFHbS4JcFjZFqx58ipJPUqied2kYPVlaIw0ScFdLp75ap43_ofhggsDeISkBW2cQk8Fzs_2XdrIlMN9-mYpAc2cx8teIAsg2yFaPejCsvw8XskDBhby2i98llK3PMv-AHOrWncoFlE9JWL3_Eew-jWCckxb2oMHDI1q26Mrqox5hYanFMzc4wTuvRci6r9SzNk37S_RkO00DHTH2mHkxMQKwc53fabEYhHplcRNLShptSS; cookie_check=yes; consumer_display=USER_HOMEPAGE%3d0%26USER_TARGETPAGE%3d0%26USER_FILTER_CHOICE%3d0%26BALANCE_MODULE_STATE%3d1%26GIFT_BALANCE_MODULE_STATE%3d1%26LAST_SELECTED_ALIAS_ID%3d0%26SELLING_GROUP%3d1%26PAYMENT_AND_RISK_GROUP%3d1%26SHIPPING_GROUP%3d1%26HOME_VERSION%3d1%26MCE2_ELIGIBILITY%3d4294967295; AKDC=ccg11-origin-www-1.paypal.com; akavpau_ppsd=1564254389~id=92056d1e8a3df23fc1c015d76efc6b8a; LANG=de_DE%3BDE; enforce_policy=gdpr_eu; x-pp-s=eyJ0IjoiMTU2NDI1Mzc4OTUwMiIsImwiOiIwIiwibSI6IjAifQ; tsrce=mppnodeweb; ts=vr%3D34ca9d0516cac12000172375fff6ed91%26vreXpYrS%3D1658924566%26vteXpYrS%3D1564255589%26vt%3D34ca9d1616cac12000172375fff6ed90; nsid=s%3AWyc_eNLRc1_wgvQg5HL3D71hpRNYwLpj.Kv%2BXswOHiXTQQa6G%2FDdwo9e77nDuBFLsh6vEl%2Fmfgoo; X-PP-SILOVER=name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dmppnodeweb%26TIME%3D1570651229%26HTTP_X_PP_AZ_LOCATOR%3Ddcg13.slc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
http://away.vk.com/away.php

Response headers

status
200
server
Apache
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
paypal-debug-id
189af6a8a84f4 189af6a8a84f4
cache-control
no-cache max-age=0, no-cache, no-store, must-revalidate
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.pub.247-inc.net https://www.wootag.com; script-src 'nonce-PGwuiAk5yTZoWow2Qmgabu0SkssRJtZ2b9qLCH3JU1Tr1DLJ' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.sperse.io https://*.dialogtech.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
etag
W/"195e7-n0KSAMH9WKWBhb67mxz+pDTuUgE"
http_x_pp_az_locator
dcg13.slc
content-encoding
gzip
pragma
no-cache
content-type
text/html; charset=utf-8
dc
ccg11-origin-www-1.paypal.com
content-length
21082
x-edgeconnect-midmile-rtt
146
x-edgeconnect-origin-mex-latency
238
date
Sat, 27 Jul 2019 18:56:30 GMT
vary
Accept-Encoding
set-cookie
enforce_policy=gdpr_eu; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sun, 26 Jul 2020 18:56:29 GMT; Secure consumer_display=USER_HOMEPAGE%3D0%26USER_TARGETPAGE%3D0%26USER_FILTER_CHOICE%3D0%26BALANCE_MODULE_STATE%3D1%26GIFT_BALANCE_MODULE_STATE%3D1%26LAST_SELECTED_ALIAS_ID%3D0%26SELLING_GROUP%3D1%26PAYMENT_AND_RISK_GROUP%3D1%26SHIPPING_GROUP%3D1%26MCE2_ELIGIBILITY%3D4294967295; Max-Age=63158399; Domain=.paypal.com; Path=/; Expires=Tue, 27 Jul 2021 18:56:28 GMT; HttpOnly; Secure LANG=de_DE%3BDE; Max-Age=31555; Domain=.paypal.com; Path=/; Expires=Sun, 28 Jul 2019 03:42:24 GMT; HttpOnly; Secure x-pp-s=eyJ0IjoiMTU2NDI1Mzc4OTg5NSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure X-PP-SILOVER=name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dmppnodeweb%26TIME%3D1570651229%26HTTP_X_PP_AZ_LOCATOR%3Ddcg13.slc; Expires=Sat, 27 Jul 2019 19:26:29 GMT; domain=.paypal.com; path=/; Secure; HttpOnly X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT akavpau_ppsd=1564254390~id=b2860539def6944a482c9c1e97957f12; Domain=www.paypal.com; Path=/; Secure; HttpOnly
strict-transport-security
max-age=63072000

Redirect headers

status
302
server
Apache
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
paypal-debug-id
d9a913e466e76 d9a913e466e76
cache-control
no-cache max-age=0, no-cache, no-store, must-revalidate
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.pub.247-inc.net https://www.wootag.com; script-src 'nonce-pPWqAF22OP6K6nicbv1j7jZbzXx4dcRWN+Bxb8hNY3NeWm+l' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.sperse.io https://*.dialogtech.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
http_x_pp_az_locator
dcg13.slc
location
/de/home
content-encoding
gzip
pragma
no-cache
content-type
text/html; charset=utf-8
dc
ccg11-origin-www-1.paypal.com
content-length
80
x-edgeconnect-midmile-rtt
147
x-edgeconnect-origin-mex-latency
109
date
Sat, 27 Jul 2019 18:56:29 GMT
vary
Accept-Encoding
set-cookie
LANG=de_DE%3BDE; Max-Age=31555; Domain=.paypal.com; Path=/; Expires=Sun, 28 Jul 2019 03:42:24 GMT; HttpOnly; Secure enforce_policy=gdpr_eu; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sun, 26 Jul 2020 18:56:29 GMT; Secure x-pp-s=eyJ0IjoiMTU2NDI1Mzc4OTUwMiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure tsrce=mppnodeweb; Domain=.paypal.com; Path=/; Expires=Tue, 30 Jul 2019 18:56:29 GMT; HttpOnly; Secure ts=vr%3D34ca9d0516cac12000172375fff6ed91%26vreXpYrS%3D1658924566%26vteXpYrS%3D1564255589%26vt%3D34ca9d1616cac12000172375fff6ed90; Domain=.paypal.com; Path=/; Expires=Wed, 27 Jul 2022 12:22:46 GMT; HttpOnly; Secure nsid=s%3AWyc_eNLRc1_wgvQg5HL3D71hpRNYwLpj.Kv%2BXswOHiXTQQa6G%2FDdwo9e77nDuBFLsh6vEl%2Fmfgoo; Path=/; HttpOnly; Secure X-PP-SILOVER=name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dmppnodeweb%26TIME%3D1570651229%26HTTP_X_PP_AZ_LOCATOR%3Ddcg13.slc; Expires=Sat, 27 Jul 2019 19:26:29 GMT; domain=.paypal.com; path=/; Secure; HttpOnly X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT akavpau_ppsd=1564254389~id=92056d1e8a3df23fc1c015d76efc6b8a; Domain=www.paypal.com; Path=/; Secure; HttpOnly
strict-transport-security
max-age=63072000
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		0
0
PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		0
0
6460cdd6f6cc8c50e343560004f0882fcee345.css
www.paypalobjects.com/eboxapps/css/d1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypalobjects.com
URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Domain
www.paypalobjects.com
URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2
Domain
www.paypalobjects.com
URL
https://www.paypalobjects.com/eboxapps/css/d1/6460cdd6f6cc8c50e343560004f0882fcee345.css

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies