rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog Open in urlscan Pro
2a00:1450:4001:809::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin
Submission Tags: phishing malicious Search All
Submission: On March 03 via api (March 3rd 2021, 8:12:48 pm UTC) from US

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 6 domains to perform 41 HTTP transactions. The main IP is 2a00:1450:4001:809::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog.
TLS certificate: Issued by GTS CA 1O1 on January 26th 2021. Valid for: 3 months.

This is the only time rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
9	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
6	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
5	23.79.145.158 23.79.145.158	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	2a04:4e42:600... 2a04:4e42:600::291	54113 (FASTLY) (FASTLY)
41	11

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.79.145.158 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-145-158.deploy.static.akamaitechnologies.com

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	paypal.com 1 redirects www.paypal.com t.paypal.com c.paypal.com b.stats.paypal.com dub.stats.paypal.com c6.paypal.com	53 KB
9	paypalobjects.com www.paypalobjects.com	88 KB
4	googleapis.com translate.googleapis.com	96 KB
4	google.com translate.google.com	3 KB
2	gstatic.com www.gstatic.com	3 KB
1	translate.goog rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog	8 KB
41	6

	Domain	Requested by
9	www.paypalobjects.com	rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog www.paypalobjects.com
6	www.paypal.com	rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog www.paypalobjects.com
5	c.paypal.com	www.paypalobjects.com c.paypal.com
4	translate.googleapis.com	translate.google.com translate.googleapis.com www.paypalobjects.com
4	translate.google.com	rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
2	t.paypal.com	rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
2	www.gstatic.com	rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog translate.googleapis.com
1	c6.paypal.com
1	dub.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
41	11

This site contains no links.

Subject Issuer	Validity	Valid
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-01-12` - `2022-02-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-17` - `2021-11-21`	a year	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-13`	2 years	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2022-06-03`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin
Frame ID: 1A4E00B957FC8773517D7DF08F99B747
Requests: 28 HTTP requests in this frame

Frame: https://translate.google.com/translate_un?sl=auto&tl=fr&lang=en&u=https://www.paypal.com/signin&usg=ALkJrhg09UfI4aHbBgski38gcAlPKLWa6Q
Frame ID: B307BF4CE995B7A0CB324EEB5E382DB3
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 22906DD806F2ED716B4A82E81A5B42A1
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD02ZmU2YTk3ZWVhZDA0NTBjOGYzOWU1MDUxMWE2ZGY4MyZpPTc0LjEyNS4yMDguMTMmdD0xNjE0ODAyMzQ3LjQxMiZhPTIxJnM9VU5JRklFRF9MT0dJTiJJG7KUqlnrAG3sUE2MfhArtmW7
Frame ID: 3D3C373C24F57A24C254F06EA438EFD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

41
Requests

85 %
HTTPS

50 %
IPv6

6
Domains

11
Subdomains

11
IPs

2
Countries

250 kB
Transfer

768 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://b.stats.paypal.com/v1/counter.cgi?r=cD02ZmU2YTk3ZWVhZDA0NTBjOGYzOWU1MDUxMWE2ZGY4MyZpPTc0LjEyNS4yMDguMTMmdD0xNjE0ODAyMzQ3LjQxMiZhPTIxJnM9VU5JRklFRF9MT0dJTiJJG7KUqlnrAG3sUE2MfhArtmW7 HTTP 302
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD02ZmU2YTk3ZWVhZDA0NTBjOGYzOWU1MDUxMWE2ZGY4MyZpPTc0LjEyNS4yMDguMTMmdD0xNjE0ODAyMzQ3LjQxMiZhPTIxJnM9VU5JRklFRF9MT0dJTiJJG7KUqlnrAG3sUE2MfhArtmW7

41 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request signin Show response
rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/ 30 KB
8 KB 412ms
378ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0b00fd89f103bf6d2ee36891f280161f4f0eb46944169e8a95d9aa977303655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
:scheme: https
:path: /signin
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-robots-tag: none
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
date: Wed, 03 Mar 2021 20:12:27 GMT
server: ESF
cache-control: private
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 21 KB
6 KB 33ms
32ms Script
application/x-javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 25498175
x-cache: HIT, HIT, HIT
content-encoding: gzip
vary: Accept-Encoding
content-length: 6222
x-served-by: cache-dfw18650-DFW, cache-sjc10028-SJC, cache-fra19153-FRA
last-modified: Mon, 11 May 2020 09:43:19 GMT
server: Apache
x-timer: S1614802348.568682,VS0,VE0
strict-transport-security: max-age=31557600
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 418, 120335, 45705

GET
H2 200 contextualLogin.css
www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/css/ 99 KB
17 KB 31ms
31ms Stylesheet
text/css 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/css/contextualLogin.css

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c40a0f5e4d1225fabc2a34cea9173c189b582f9536f2afc0b4d37bba2e409aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503776
x-cache: HIT, HIT
paypal-debug-id: 14f524db92e46
x-cache-hits: 2, 13483
dc: ccg11-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 17345
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10029-SJC, cache-fra19153-FRA
last-modified: Thu, 25 Feb 2021 22:34:57 GMT
x-timer: S1614802348.568096,VS0,VE0
etag: W/"60382611-18d13"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Sat, 26 Feb 2022 00:06:51 GMT

GET
H2 200 modernizr-2.6.1.js Show response
www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/js/lib/ 4 KB
2 KB 31ms
31ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/js/lib/modernizr-2.6.1.js

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503777
x-cache: HIT, HIT
paypal-debug-id: 47c7a4df1633d
x-cache-hits: 1, 13681
dc: ccg11-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 1788
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10068-SJC, cache-fra19153-FRA
last-modified: Thu, 25 Feb 2021 22:34:58 GMT
x-timer: S1614802348.567886,VS0,VE0
etag: W/"60382612-edf"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Sat, 26 Feb 2022 00:06:52 GMT

GET
H2 200 icon-PN-check.png
www.paypalobjects.com/images/shared/ 1 KB
2 KB 151ms
150ms Image
image/png 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/icon-PN-check.png

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 417941
x-cache: HIT, HIT
fastly-io-info: ifsz=2236 idim=121x133 ifmt=png ofsz=1238 odim=121x133 ofmt=png
paypal-debug-id: eb2940943da3b
fastly-stats: io=1
dc: phx-origin-www-1.paypal.com
content-length: 1238
x-served-by: cache-sjc10038-SJC, cache-fra19153-FRA
x-timer: S1614802348.613350,VS0,VE0
etag: "49vz/MoiBvXh6ILc659PTN8gH45nwBXy23o3w9v7cpc"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 29603, 128

GET
H2 200 glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 2 KB
2 KB 171ms
170ms Image
image/png 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 1761833
x-cache: HIT, HIT
fastly-io-info: ifsz=5828 idim=224x200 ifmt=png ofsz=1709 odim=224x200 ofmt=png
paypal-debug-id: aa43b11f79db6
fastly-stats: io=1
dc: ccg11-origin-www-2.paypal.com
content-length: 1709
x-served-by: cache-sjc10061-SJC, cache-fra19153-FRA
x-timer: S1614802348.613341,VS0,VE1
etag: "e3ulSVTzLS+1hMwG/oqsG+jIfAa7MoSaV806RZTn6+w"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 29914, 73

GET
H2 200 fn-sync-telemetry-min.js Show response
www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/js/lib/ 5 KB
3 KB 26ms
26ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/js/lib/fn-sync-telemetry-min.js

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503776
x-cache: HIT, HIT
paypal-debug-id: b419e3877bba2
x-cache-hits: 2, 13768
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 2303
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10055-SJC, cache-fra19153-FRA
last-modified: Thu, 25 Feb 2021 22:34:58 GMT
x-timer: S1614802348.598668,VS0,VE0
etag: W/"60382612-159e"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Sat, 26 Feb 2022 00:06:52 GMT

GET
H2 200 signin-split.js Show response
www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/js/ 135 KB
34 KB 68ms
68ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/js/signin-split.js

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d74c754522167bff563daf66fb2880e7cd906f98924e3367bc6dc3e8d3fa509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503698
x-cache: HIT, HIT
paypal-debug-id: 9ddee820308d3
x-cache-hits: 1, 3177
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 34470
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10042-SJC, cache-fra19153-FRA
last-modified: Thu, 25 Feb 2021 22:34:58 GMT
x-timer: S1614802348.603977,VS0,VE0
etag: W/"60382612-21bf1"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Sat, 26 Feb 2022 00:07:22 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 52 KB
20 KB 152ms
151ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1170315
x-cache: HIT, HIT
paypal-debug-id: 2d5956ef1bd8d
dc: slc-b-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 20130
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10029-SJC, cache-fra19153-FRA
last-modified: Thu, 18 Feb 2021 06:57:36 GMT
x-timer: S1614802348.613374,VS0,VE0
etag: W/"602e0fe0-cfcb"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 107230, 127

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/a365f7b8378965c6/ 11 KB
6 KB 405ms
404ms Script
text/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/a365f7b8378965c6/recaptchav3.js?_sessionID=EX8yDYQpN3eYIh0t24Ir6lxlfOYSDgm0

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b2a05d5d8da3b1439112394ee0607474a9c28a4a7f1be1599371e6e3b490172d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-szYc8DOPQ+fLNwd7L8dniK7ROVwpOAfqaXgK2UB2cokpf82u' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-szYc8DOPQ+fLNwd7L8dniK7ROVwpOAfqaXgK2UB2cokpf82u' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: abba183942fd6
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: phx-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7365-LHR, cache-ams21054-AMS
x-timer: S1614802348.607904,VS0,VE384
date: Wed, 03 Mar 2021 20:12:27 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"2b51-fokUexgPefSSPat5i5wQdGb/OrQ"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=gtElInit&client=wt

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0ce18b178a1baa3c0e03e9b22b65c2361f457925b02beb157d6246ed34bf4f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 20:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_un Show response
translate.google.com/ Frame B307 266 B
338 B 15ms
15ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_un?sl=auto&tl=fr&lang=en&u=https://www.paypal.com/signin&usg=ALkJrhg09UfI4aHbBgski38gcAlPKLWa6Q

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

876050fb89f3b77c04342ff6250ea1a5629d2265dd15bc2cff420850d797406b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: translate.google.com
:scheme: https
:path: /translate_un?sl=auto&tl=fr&lang=en&u=https://www.paypal.com/signin&usg=ALkJrhg09UfI4aHbBgski38gcAlPKLWa6Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-language: en
x-content-type-options: nosniff
content-encoding: gzip
server: HTTP server (unknown)
content-length: 201
x-xss-protection: 0
set-cookie: CONSENT=PENDING+071; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 paypal-logo-129x32.svg
www.paypalobjects.com/images/shared/ 5 KB
2 KB 174ms
173ms Image
image/svg+xml 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/css/contextualLogin.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/css/contextualLogin.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 30069529
x-cache: HIT, HIT, HIT
surrorage-key: /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared /images
content-encoding: gzip
vary: Accept-Encoding
content-length: 1929
x-served-by: cache-lax8641-LAX, cache-sjc10056-SJC, cache-fra19153-FRA
last-modified: Fri, 24 Oct 2014 22:52:57 GMT
server: Apache
x-timer: S1614802348.615139,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 118840, 1, 28275

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=gtElInit&client=wt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 19:54:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1059
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 03 Mar 2021 20:54:48 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=gtElInit&client=wt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 19:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1196
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 22:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 03 Mar 2021 20:52:31 GMT

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
90 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 19:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1059
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Mar 2022 19:54:48 GMT

GET
H3-Q050 204 gen204
translate.google.com/ 0
426 B 42ms
28ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20210224_00

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 20:12:27 GMT
x-content-type-options: nosniff
server: HTTP server (unknown)
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
887 B 7ms
6ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:35:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 45411
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Thu, 03 Mar 2022 07:35:36 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 45509
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Thu, 03 Mar 2022 07:33:58 GMT

POST
H3-Q050 200 t Show response
translate.googleapis.com/translate_a/ 1 KB
1 KB 47ms
20ms XHR
application/json 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20210224_00&sl=en&tl=fr&tc=1&sr=1&tk=359917.239041&mode=1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

d1c3dbc8216af4cff041ba398565b08c026331df77864e36e95cde09209b88c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Mar 2021 20:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: fr
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 734
x-xss-protection: 0
expires: Wed, 03 Mar 2021 20:12:27 GMT

GET
H3-Q050 204 gen204
translate.google.com/ 0
89 B 15ms
15ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.google.com/gen204?sl=en&tl=fr&textlen=51&ttt=96&ttl=69&sr=1&nca=te_time&client=wt_lib&logld=vTE_20210224_00

Requested by

Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 20:12:27 GMT
x-content-type-options: nosniff
server: HTTP server (unknown)
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
487 B 191ms
190ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1614802348011&g=-60&e=err&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&comp=unifiedloginnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0
Requested by: Host: rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
URL: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 20:12:28 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1614802348.022343,VS0,VE170
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires: Wed, 03 Mar 2021 20:12:28 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn11582-HHN, cache-ams21080-AMS

OPTIONS
H2 200 client-log
www.paypal.com/signin/ Frame 0
0 218ms
218ms Other
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.com/signin/client-log
Protocol: H2
Server: 151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

OPTIONS
H2 200 challenge.js
www.paypal.com/auth/createchallenge/452cd51427350422/ Frame 0
0 334ms
333ms Other
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.com/auth/createchallenge/452cd51427350422/challenge.js
Protocol: H2
Server: 151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

OPTIONS
H2 200 client-log
www.paypal.com/signin/ Frame 0
0 257ms
257ms Other
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.com/signin/client-log
Protocol: H2
Server: 151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

OPTIONS
H2 200 cookie-banner
www.paypal.com/signin/ Frame 0
0 208ms
208ms Other
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.com/signin/cookie-banner
Protocol: H2
Server: 151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

OPTIONS
H2 200 load-resource
www.paypal.com/signin/ Frame 0
0 234ms
233ms Other
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paypal.com/signin/load-resource
Protocol: H2
Server: 151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

POST client-log
www.paypal.com/signin/ 0
0

GET
H/1.1 200
OK fb.js Show response
c.paypal.com/da/r/ 61 KB
21 KB 27ms
26ms Script
application/x-javascript 23.79.145.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/618/967ba2021aac02deb14b92e0202f8/js/signin-split.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.145.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-145-158.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 20:12:28 GMT
X-Pad: avoid browser bug
Vary: Accept-Encoding
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 21347
Last-Modified: Tue, 26 Jan 2021 03:41:11 GMT
Server: Apache
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Expires: Thu, 04 Mar 2021 20:12:28 GMT

GET challenge.js
www.paypal.com/auth/createchallenge/452cd51427350422/ 0
0

POST client-log
www.paypal.com/signin/ 0
0

GET cookie-banner
www.paypal.com/signin/ 0
0

POST load-resource
www.paypal.com/signin/ 0
0

GET
H/1.1 200
OK i Show response
c.paypal.com/v1/r/d/ Frame 2290 160 B
1 KB 198ms
197ms Document
text/html 23.79.145.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.79.145.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-145-158.deploy.static.akamaitechnologies.com

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: c.paypal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: enforce_policy=ccpa; LANG=en_US%3BUS; tsrce=authchallengenodeweb; x-pp-s=eyJ0IjoiMTYxNDgwMjM0NzkwNSIsImwiOiIwIiwibSI6IjAifQ; l7_az=dcg01.phx; ts_c=vr%3Df9b866ae1770a760c50fbd76fe33caeb%26vt%3Df9b866ae1770a760c50fbd76fe33caea; ts=vreXpYrS%3D1709496748%26vteXpYrS%3D1614804148%26vr%3Df9b866ae1770a760c50fbd76fe33caeb%26vt%3Df9b866ae1770a760c50fbd76fe33caea%26vtyp%3Dnew
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

CORRELATION-ID: e7bf7d69be0ad
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Content-Length: 160
Content-Security-Policy-Report-Only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
Content-Type: text/html;charset=UTF-8
Paypal-Debug-Id: e7bf7d69be0ad
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Date: Wed, 03 Mar 2021 20:12:28 GMT
Connection: keep-alive

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v1/ Frame 3D3C
Redirect Chain

https://b.stats.paypal.com/v1/counter.cgi?r=cD02ZmU2YTk3ZWVhZDA0NTBjOGYzOWU1MDUxMWE2ZGY4MyZpPTc0LjEyNS4yMDguMTMmdD0xNjE0ODAyMzQ3LjQxMiZhPTIxJnM9VU5JRklFRF9MT0dJTiJJG7KUqlnrAG3sUE2MfhArtmW7
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD02ZmU2YTk3ZWVhZDA0NTBjOGYzOWU1MDUxMWE2ZGY4MyZpPTc0LjEyNS4yMDguMTMmdD0xNjE0ODAyMzQ3LjQxMiZhPTIxJnM9VU5JRklFRF9MT0dJTiJJG7KUqlnrAG3sUE2MfhArtmW7

42 B
299 B

147ms
53ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD02ZmU2YTk3ZWVhZDA0NTBjOGYzOWU1MDUxMWE2ZGY4MyZpPTc0LjEyNS4yMDguMTMmdD0xNjE0ODAyMzQ3LjQxMiZhPTIxJnM9VU5JRklFRF9MT0dJTiJJG7KUqlnrAG3sUE2MfhArtmW7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 20:12:28 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD02ZmU2YTk3ZWVhZDA0NTBjOGYzOWU1MDUxMWE2ZGY4MyZpPTc0LjEyNS4yMDguMTMmdD0xNjE0ODAyMzQ3LjQxMiZhPTIxJnM9VU5JRklFRF9MT0dJTiJJG7KUqlnrAG3sUE2MfhArtmW7
Date: Wed, 03 Mar 2021 20:12:28 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H/1.1 200
OK fb.js Show response
c.paypal.com/da/r/ Frame 2290 61 KB
21 KB 28ms
28ms Script
application/x-javascript 23.79.145.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.145.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-145-158.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 20:12:28 GMT
X-Pad: avoid browser bug
Vary: Accept-Encoding
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 21347
Last-Modified: Tue, 26 Jan 2021 03:41:11 GMT
Server: Apache
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Expires: Thu, 04 Mar 2021 20:12:28 GMT

POST
H/1.1 200
OK p1 Show response
c.paypal.com/v1/r/d/b/ Frame 2290 125 B
941 B 252ms
252ms XHR
application/json 23.79.145.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/p1
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.145.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-145-158.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5ff4f4f731218dcc692df558d2c0dd71b86af85177cd9983309f9d1a718d6af8

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Mar 2021 20:12:28 GMT
CORRELATION-ID: 7ce65dc27fc81
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
Paypal-Debug-Id: 7ce65dc27fc81
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/json
Content-Length: 125

POST
H/1.1 200
OK p2 Show response
c.paypal.com/v1/r/d/b/ Frame 2290 125 B
695 B 212ms
212ms XHR
application/json 23.79.145.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/p2
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.145.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-145-158.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eaf42b9e9a544c7b40c16c625a3f9e451dc2c268392ebbdf84f335473254b23a

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Mar 2021 20:12:28 GMT
CORRELATION-ID: 858bee7fce80c
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
Paypal-Debug-Id: 858bee7fce80c
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/json
Content-Length: 125

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 2290 0
103 B 182ms
182ms Image
text/plain 2a04:4e42:600::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c6.paypal.com/v1/r/d/b/p3?f=6fe6a97eead0450c8f39e50511a6df83&s=UNIFIED_LOGIN_INPUT_EMAIL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::291 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:12:28 GMT
via: 1.1 varnish
correlation-id: dd7a49cc388c3
x-timer: S1614802349.523502,VS0,VE167
x-served-by: cache-hhn4042-HHN
x-cache: MISS
paypal-debug-id: dd7a49cc388c3
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 ts
t.paypal.com/ 42 B
135 B 187ms
187ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1614802348700&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1614802347382&calc=fa4238a090e64&nsid=EX8yDYQpN3eYIh0t24Ir6lxlfOYSDgm0&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=6fe6a97eead0450c8f39e50511a6df83&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=ccpa&xe=103228%2C102557%2C101408%2C102390&xt=112802%2C109630%2C104576%2C108797&transition_name=ss_prepare_email&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&e=im&imsrc=setup&view=%7B%22t10%22%3A35%2C%22t11%22%3A1339%2C%22tcp%22%3A517%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A261%7D&pt=Connectez-vous%20%C3%A0%20votre%20compte%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=35&t1c=34&t1d=15&t1s=13&t2=378&t3=1&t4d=654&t4=663&t4e=2&tt=1078&rdc=0&res=%7B%7D&rtt=192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog/signin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 20:12:28 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1614802349.713102,VS0,VE164
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slca.slc
expires: Wed, 03 Mar 2021 20:12:28 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn11569-HHN, cache-ams21080-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypal.com
URL: https://www.paypal.com/signin/client-log

Domain: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/452cd51427350422/challenge.js

Domain: www.paypal.com
URL: https://www.paypal.com/signin/client-log

Domain: www.paypal.com
URL: https://www.paypal.com/signin/cookie-banner

Domain: www.paypal.com
URL: https://www.paypal.com/signin/load-resource

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog
t.paypal.com
translate.google.com
translate.googleapis.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.paypal.com
151.101.1.21
151.101.14.133
151.101.65.35
23.79.145.158
2a00:1450:4001:802::2003
2a00:1450:4001:809::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a04:4e42:600::291
64.4.245.84
0ce18b178a1baa3c0e03e9b22b65c2361f457925b02beb157d6246ed34bf4f64
0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
5ff4f4f731218dcc692df558d2c0dd71b86af85177cd9983309f9d1a718d6af8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
876050fb89f3b77c04342ff6250ea1a5629d2265dd15bc2cff420850d797406b
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
8d74c754522167bff563daf66fb2880e7cd906f98924e3367bc6dc3e8d3fa509
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
b2a05d5d8da3b1439112394ee0607474a9c28a4a7f1be1599371e6e3b490172d
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
c40a0f5e4d1225fabc2a34cea9173c189b582f9536f2afc0b4d37bba2e409aaa
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
d1c3dbc8216af4cff041ba398565b08c026331df77864e36e95cde09209b88c1
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
e0b00fd89f103bf6d2ee36891f280161f4f0eb46944169e8a95d9aa977303655
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf42b9e9a544c7b40c16c625a3f9e451dc2c268392ebbdf84f335473254b23a

rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog Open in urlscan Pro 2a00:1450:4001:809::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

85 %HTTPS

50 %IPv6

6 Domains

11 Subdomains

11 IPs

2 Countries

250 kBTransfer

768 kBSize

0 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rlqtaoot2dtwjzcclgmwftt4um--www-paypal-com.translate.goog Open in urlscan Pro
2a00:1450:4001:809::2001 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

85 %
HTTPS

50 %
IPv6

6
Domains

11
Subdomains

11
IPs

2
Countries

250 kB
Transfer

768 kB
Size

0
Cookies

41 HTTP transactions
-1 data transactions