URL: https://tools.stalinks.com/registration
Submission: On February 02 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 206.189.92.112, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is tools.stalinks.com.
TLS certificate: Issued by R3 on January 5th 2022. Valid for: 3 months.
This is the only time tools.stalinks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 206.189.92.112 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 151.101.1.21 54113 (FASTLY)
3 151.101.194.133 54113 (FASTLY)
2 151.101.1.35 54113 (FASTLY)
16 5
Apex Domain Subdomains Transfer
8 paypal.com www.paypal.com (Cisco Umbrella Rank: 2558), t.paypal.com (Cisco Umbrella Rank: 3581) 117 KB
4 stalinks.com tools.stalinks.com 5 MB
3 paypalobjects.com www.paypalobjects.com (Cisco Umbrella Rank: 1385) 33 KB
1 cloudflare.com cdnjs.cloudflare.com (Cisco Umbrella Rank: 227) 11 KB
16 4
Domain Requested by
6 www.paypal.com tools.stalinks.com, www.paypal.com, www.paypalobjects.com
4 tools.stalinks.com tools.stalinks.com
3 www.paypalobjects.com www.paypal.com, www.paypalobjects.com
2 t.paypal.com tools.stalinks.com
1 cdnjs.cloudflare.com tools.stalinks.com
16 5

This site contains no links.

Subject Issuer Validity Valid
tools.stalinks.com R3 2022-01-05 - 2022-04-05 3 months
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2021-09-21 - 2022-09-20 a year
www.paypal.com DigiCert SHA2 Extended Validation Server CA 2021-11-02 - 2022-03-15 4 months
t.paypal.com DigiCert SHA2 Extended Validation Server CA 2021-09-21 - 2022-10-22 a year

This page contains 2 frames:

Primary Page: https://tools.stalinks.com/registration
Frame ID: 80ABF91E310D3F61B8676422B1315C67
Requests: 11 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 2F968C7D649D7CD77735107B3E07E310
Requests: 3 HTTP requests in this frame

Page Title

Stalinks

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

16 Requests
100 % HTTPS
20 % IPv6
4 Domains
5 Subdomains
5 IPs
2 Countries
5667 kB Transfer
11352 kB Size
12 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request registration
tools.stalinks.com/
1 KB
2 KB
Document
General
Full URL
https://tools.stalinks.com/registration
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.189.92.112 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d4c1d6f8bac47d9b349a43fbc1a745f7402219e26f45c31daa06565acbb968ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 02 Feb 2022 13:53:11 GMT
Server
Apache/2.4.41 (Ubuntu)
Cache-Control
no-cache, private
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
699
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: tools.stalinks.com
URL: https://tools.stalinks.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://tools.stalinks.com/
Origin
https://tools.stalinks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:53:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
804893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10480
timing-allow-origin
*
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfO%2BuPH6ctu9Hsbp%2Fboi51vOe%2Fyhgsp47obs6fo%2FLxFqMN%2FGsNKqCBL0DUw5c67TDogCPLgTemD6d9YL4tVGEwL65F3GUvRrG8USanjrcLpcLhK7rFBz4eETVQyg9UAqQ3TyjgESymOnn9HctsJxCmqZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d73e780af57692e-FRA
expires
Mon, 23 Jan 2023 13:53:11 GMT
app.css
tools.stalinks.com/css/
2 MB
159 KB
Stylesheet
General
Full URL
https://tools.stalinks.com/css/app.css
Requested by
Host: tools.stalinks.com
URL: https://tools.stalinks.com/registration
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.189.92.112 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4d0b2a2cf3ac3a813a42758247b38317c993eb5984975c31b24e18a6a57d0b1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tools.stalinks.com/registration
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 13:53:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Feb 2022 04:17:29 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1811f0-5d6ed2df24259-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
js
www.paypal.com/sdk/
342 KB
107 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AZLgsyGy25hU7i6mRjf46jI_IpTgM9fRadQix1cbVqml4-ydrFH2Naakyx4aJxJIOURcFt9pA9-bGEIT&currency=USD
Requested by
Host: tools.stalinks.com
URL: https://tools.stalinks.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b8b6bbc051d3fa6066f4f38a3f15564560251d31752d53d2e6bacbe1b6cf724f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-v0ZF6YxVQndw2AnmgcztFlwFvhSEUBd3jE1XMW4whnJtpsH4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-v0ZF6YxVQndw2AnmgcztFlwFvhSEUBd3jE1XMW4whnJtpsH4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tools.stalinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-v0ZF6YxVQndw2AnmgcztFlwFvhSEUBd3jE1XMW4whnJtpsH4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-v0ZF6YxVQndw2AnmgcztFlwFvhSEUBd3jE1XMW4whnJtpsH4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
0
via
1.1 varnish
x-cache
MISS
p3p
true
paypal-debug-id
f79485811b4af
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
108260
x-xss-protection
1; mode=block
x-served-by
cache-hhn4055-HHN
x-timer
S1643809992.858379,VS0,VE471
x-frame-options
SAMEORIGIN
date
Wed, 02 Feb 2022 13:53:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"1a6e4-HJEBhNaCrT1J55dR9mDOcY9rxBI"
accept-ranges
bytes
x-cache-hits
0
app.js
tools.stalinks.com/js/
5 MB
1 MB
Script
General
Full URL
https://tools.stalinks.com/js/app.js
Requested by
Host: tools.stalinks.com
URL: https://tools.stalinks.com/registration
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.189.92.112 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f0019a1336504096d7f6bd7aa8260ae3b18d52f3e60a02c7beccfcb8d2317937

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tools.stalinks.com/registration
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 13:53:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Feb 2022 04:19:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"51de48-5d6ed34c72ccd-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
pptm.js
www.paypal.com/tagmanager/
13 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=tools.stalinks.com&t=xo&v=5.0.279&source=payments_sdk&client_id=AZLgsyGy25hU7i6mRjf46jI_IpTgM9fRadQix1cbVqml4-ydrFH2Naakyx4aJxJIOURcFt9pA9-bGEIT&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AZLgsyGy25hU7i6mRjf46jI_IpTgM9fRadQix1cbVqml4-ydrFH2Naakyx4aJxJIOURcFt9pA9-bGEIT&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da64187667249cd5a540154ddc299ea149df1bdfe6a176bd759bf3f611a257bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-xiKfw1DcEwwJjEjxqgcDfxPsorDZtj/QS4H1akUYU6R/aAAA' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tools.stalinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-xiKfw1DcEwwJjEjxqgcDfxPsorDZtj/QS4H1akUYU6R/aAAA' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
10419
x-cache
HIT
paypal-debug-id
f311091ca0814
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4753
x-xss-protection
1; mode=block
x-served-by
cache-hhn4055-HHN
x-timer
S1643809993.511271,VS0,VE2
x-frame-options
SAMEORIGIN
date
Wed, 02 Feb 2022 13:53:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=3600
etag
W/"3548-8p5gJ3lFPH+sOb1zCylHKq60mio"
accept-ranges
bytes
x-cache-hits
1
muse.js
www.paypalobjects.com/muse/
55 KB
16 KB
Script
General
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=tools.stalinks.com&t=xo&v=5.0.279&source=payments_sdk&client_id=AZLgsyGy25hU7i6mRjf46jI_IpTgM9fRadQix1cbVqml4-ydrFH2Naakyx4aJxJIOURcFt9pA9-bGEIT&vault=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c99732bf8ac7c7d998b435629314511b94de740265771f270f45b08e5e85ab4f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tools.stalinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
405e5a9542c06
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
16464
x-served-by
cache-sjc10070-SJC, cache-hhn4039-HHN
last-modified
Tue, 21 Dec 2021 17:39:14 GMT
x-timer
S1643809993.583438,VS0,VE0
etag
W/"61c21142-da7e"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
328734, 117
ts
t.paypal.com/
42 B
764 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AFZALTRKAWUGQW-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AFZALTRKAWUGQW-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=592e7e49-4190-4be8-b9c3-a5ab35456fc1&fltp=analytics&mrid=FZALTRKAWUGQW&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Stalinks&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1643809992528&g=0&completeurl=https%3A%2F%2Ftools.stalinks.com%2Fregistration
Requested by
Host: tools.stalinks.com
URL: https://tools.stalinks.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tools.stalinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:53:12 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
d8efd6401783a
x-cache-hits
0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn4050-HHN
pragma
no-cache
x-timer
S1643809993.586217,VS0,VE165
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Feb 2022 13:53:12 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 2F96
54 KB
17 KB
Document
General
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecf06dedf2cd2406947af6daf66bc6ab53224366f9a31da716d4416a0c58e020
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tools.stalinks.com/

Response headers

content-encoding
gzip
content-type
text/html
etag
W/"61c21142-d9ea"
last-modified
Tue, 21 Dec 2021 17:39:14 GMT
paypal-debug-id
be807a3ecfd2b
dc
ccg11-origin-www-1.paypal.com
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Wed, 02 Feb 2022 13:53:12 GMT
x-served-by
cache-sjc10074-SJC, cache-hhn4039-HHN
x-cache
HIT, HIT
x-cache-hits
348524, 264
x-timer
S1643809993.618493,VS0,VE0
vary
Accept-Encoding
cache-control
public,max-age=3600
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
content-length
16790
noop.js
www.paypalobjects.com/muse/ Frame 2F96
18 B
202 B
Fetch
General
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
ef9c765e4af1c
x-cache-hits
314302, 112
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
38
x-served-by
cache-sjc10026-SJC, cache-hhn4039-HHN
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
x-timer
S1643809993.661397,VS0,VE0
etag
"60271cd0-12"
strict-transport-security
max-age=31557600
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public,max-age=3600
accept-ranges
bytes
x-client-location
DE
ts
t.paypal.com/
42 B
417 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AFZALTRKAWUGQW-1&page=muse%3Aoffer%3A%3A%3AFZALTRKAWUGQW-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=592e7e49-4190-4be8-b9c3-a5ab35456fc1&es=visitorInfoFlowStarted&mrid=FZALTRKAWUGQW&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Stalinks&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1643809992654&g=0&completeurl=https%3A%2F%2Ftools.stalinks.com%2Fregistration
Requested by
Host: tools.stalinks.com
URL: https://tools.stalinks.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tools.stalinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:53:12 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
e7dd4df340cb4
x-cache-hits
0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn4050-HHN
pragma
no-cache
x-timer
S1643809993.662997,VS0,VE160
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Feb 2022 13:53:12 GMT
graphql
www.paypal.com/targeting/ Frame 2F96
434 B
2 KB
Fetch
General
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce37e406c3cad332d960339cf803e505804d03c372eddcdff72e7d5b5b0b588d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-A8WPMYCI+mtAYn+ZJFGRjpjP608Ase8b8NQqfjc6LeqyQxVg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-A8WPMYCI+mtAYn+ZJFGRjpjP608Ase8b8NQqfjc6LeqyQxVg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish
vary
Accept-Encoding
x-cache
MISS
paypal-debug-id
f312554a03338
date
Wed, 02 Feb 2022 13:53:13 GMT
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn4055-HHN
x-timer
S1643809993.936793,VS0,VE263
x-frame-options
SAMEORIGIN
etag
W/"1b2-2IOfITZfWoaL9nGSMB9Lg2bfYlg"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
content-encoding
br
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
graphql
www.paypal.com/targeting/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.paypalobjects.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f312554f780ce
dc
ccg11-origin-www-1.paypal.com
accept-ranges
bytes
date
Wed, 02 Feb 2022 13:53:12 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4039-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1643809993.721932,VS0,VE196
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
background-login2.jpg
tools.stalinks.com/images/
4 MB
4 MB
Image
General
Full URL
https://tools.stalinks.com/images/background-login2.jpg
Requested by
Host: tools.stalinks.com
URL: https://tools.stalinks.com/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
206.189.92.112 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c828d091335b4bba3c42632fe498d0ae1351ab5b3103c008dea97178f232f5f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tools.stalinks.com/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 13:53:13 GMT
Last-Modified
Tue, 01 Feb 2022 04:17:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3f4033-5d6ed2c897a37"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4145203
logger
www.paypal.com/xoplatform/logger/api/
815 B
1 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AZLgsyGy25hU7i6mRjf46jI_IpTgM9fRadQix1cbVqml4-ydrFH2Naakyx4aJxJIOURcFt9pA9-bGEIT&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1612cde897c8efcdeba8ead5882f68e7ba70bdfd9d94e89424b39bea40853604
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://tools.stalinks.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json

Response headers

date
Wed, 02 Feb 2022 13:53:15 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f377179b0fae8
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4039-HHN
x-timer
S1643809995.021600,VS0,VE167
etag
W/"32f-myWLyxoTvBwDTDKH9zrFiR2r3+Y"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tools.stalinks.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://tools.stalinks.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://tools.stalinks.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f210865334228
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
date
Wed, 02 Feb 2022 13:53:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4039-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1643809994.440877,VS0,VE562
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-encoding
br
vary
accept-encoding

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __post_robot_10_0_44___uid_mvhxthxhxeamwlrsaugkgjxdfrjjzs object| paypal object| __zoid_9_0_86___uid_mvhxthxhxeamwlrsaugkgjxdfrjjzs object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ function| Color function| Chart object| __core-js_shared__ function| Hammer number| mce-data-1fqtbbso0 object| tinymce object| tinyMCE object| TreemapSquared function| SVG function| addResizeListener function| removeResizeListener object| Apex function| ApexCharts function| Pusher function| Popper function| jQuery function| $ function| FreezeTable function| axios object| Echo function| swal

12 Cookies

Domain/Path Name / Value
tools.stalinks.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkphamtWSkc3UlJJRGVzcHg3N1VMRVE9PSIsInZhbHVlIjoiczhJQ29CQjQwd0djXC94blZxZFd2QzQ5VzJNbGFiUU1PaTJPejIrQW5rcDdDZXFwMjZNVDFFZ2VjTXhWQlZ2N20iLCJtYWMiOiIxNTBiZWVkNzQ0YzRjMmMxM2U2Y2RkYzUwMzU3MzNiMjYzZmVhY2EzZDg4OTgyYTA2YmUxNzFiMDIxZjg1YzZiIn0%3D
tools.stalinks.com/ Name: stalinks_session
Value: eyJpdiI6ImNcL1wvSXhqUTlyV0hzSEdBbVBrdnFwQT09IiwidmFsdWUiOiJHNFprSmpURU9maHJNU1wvSnhUN1pUczkyXC9YUHpzRWtlV2RseUpwaUR0Rzc5ZEt1KzlMaDZQcjBTekxMSVRyOG0iLCJtYWMiOiI3MzhmYjhhYTdkZTE1MTU1MmY0MmI3MGVhNjZhZjk0OTk0MmRlOTM0ZmIyZWI1MzczNTEyMTYyNTQ2ZjhlNTg4In0%3D
.paypalobjects.com/ Name: paypal-offers--country
Value: DE
.paypal.com/ Name: ts_c
Value: vr%3Dbab5f02c17e0a57060b0427bffffffff%26vt%3Dbab5f02c17e0a57060b0427bfffffffe
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY0MzgwOTk5MzEyNCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3AUlcGrpbtwieca7tJb4KNg7jACTKv6qIC.nQ%2FUECfST1qHmkrN%2BUZy7d6UdBm%2F4mM45dlijbcLVFY
.paypal.com/ Name: l7_az
Value: dcg15.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1738504393%26vteXpYrS%3D1643811793%26vr%3Dbab5f02c17e0a57060b0427bffffffff%26vt%3Dbab5f02c17e0a57060b0427bfffffffe%26vtyp%3D
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null