urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal-experience.com Open in urlscan Pro
95.100.70.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Effective URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Submission: On July 26 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 45 HTTP transactions. The main IP is 95.100.70.90, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.paypal-experience.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 20th 2019. Valid for: 2 years.
This is the only time www.paypal-experience.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 31 95.100.70.90 16625 (AKAMAI-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2.17.189.61 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 92.122.106.46 16625 (AKAMAI-AS)
6 104.17.208.240 13335 (CLOUDFLAR...)
45 8
31    95.100.70.90 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-70-90.deploy.static.akamaitechnologies.com
www.paypal-experience.com
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2.17.189.61 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-189-61.deploy.static.akamaitechnologies.com
www.qualtrics.com
3    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    92.122.106.46 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-106-46.deploy.static.akamaitechnologies.com
s.qualtrics.com
6    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com
siteintercept.qualtrics.com
Domain Requested by
31 www.paypal-experience.com 1 redirects www.paypal-experience.com
www.gstatic.com
5 siteintercept.qualtrics.com zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com
3 www.google.com www.paypal-experience.com
www.gstatic.com
2 unpkg.com www.paypal-experience.com
1 zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com www.paypal-experience.com
1 s.qualtrics.com www.paypal-experience.com
1 www.gstatic.com www.google.com
1 www.qualtrics.com www.paypal-experience.com
1 code.jquery.com www.paypal-experience.com
45 9

This site contains links to these domains. Also see Links.

Domain
www.qualtrics.com
en.wikipedia.org
play.google.com
itunes.apple.com
Subject Issuer Validity Valid
www.paypal-experience.com
DigiCert SHA2 Extended Validation Server CA		 2019-11-20 -
2021-11-23		 2 years crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2018-10-08 -
2021-01-06		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-06 -
2020-10-09		 6 months crt.sh

This page contains 4 frames:

Primary Page: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Frame ID: C29848404422181F40668B99D917F97E
Requests: 42 HTTP requests in this frame

Frame: https://www.qualtrics.com/login-banners/
Frame ID: 91350ABB23722F7BDDB58A48E5B86D9F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFdyQTAAAAAM5BnlGoA6uwbNuuBjUmHaEzF007&co=aHR0cHM6Ly93d3cucGF5cGFsLWV4cGVyaWVuY2UuY29tOjQ0Mw..&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=zc6fjyjlj5al
Frame ID: 430D72C578B44DEA4FAEA537A5C42E96
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6LdFdyQTAAAAAM5BnlGoA6uwbNuuBjUmHaEzF007&cb=p0206er0t9vr
Frame ID: 8143D93F19B5CD2C2F9DE2C4DEDA81D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/ HTTP 307
    https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/ Page URL

Page Statistics

45
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

9
Subdomains

8
IPs

4
Countries

749 kB
Transfer

1830 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/ HTTP 307
    https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
www.paypal-experience.com/
Redirect Chain
  • http://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
  • https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c8a4f964b948a6653e265c633d2068ca270782899ec9b0a3e2a1697104d56c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.paypal-experience.com
:scheme
https
:path
/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-transaction-id
50a43378-312a-41b5-bf7f-63c38442dd49
x-request-id
b83515fa-9754-478c-9142-dc419ca768a0
dc
co1
host
5
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
x-frame-options
SAMEORIGIN
content-type
text/html;charset=utf-8
content-length
10067
content-encoding
gzip
date
Sun, 26 Jul 2020 19:07:46 GMT
vary
Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
strict-transport-security
max-age=31536000; includeSubDomains; preload

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Date
Sun, 26 Jul 2020 19:07:46 GMT
Connection
keep-alive
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
bundle.css
www.paypal-experience.com/login/static/css/ 		342 KB
104 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/css/bundle.css?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3093fd1ce388a73218d30409c7e9b494b27a4e4b8f42546538f93810fa22afcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:46 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 23 Jul 2020 18:36:08 GMT
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
text/css
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
106366
bundle.js
www.paypal-experience.com/login/static/js/ 		591 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1643bb1adb962533357a8220e8b268487dadfc37a8f240d4ef44c5f3fabe8d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:46 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
application/javascript
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
257014
utils.js
www.paypal-experience.com/login/static/js/ 		212 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/js/utils.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ceeffe3e09cac9c3da21489f01904e6dcecbdb5ea4f6525861170cb38afdb9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:46 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 23 Jul 2020 18:35:53 GMT
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
application/javascript
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
86832
pep.js
code.jquery.com/pep/0.4.3/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/pep/0.4.3/pep.js
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c99a5950b8da3e594549115f4ba26c0efb9cc91777c8da3bc8a73f62c31002c9

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:46 GMT
content-encoding
gzip
last-modified
Tue, 09 May 2017 00:52:09 GMT
server
nginx
status
200
etag
W/"591112b9-a3b2"
vary
Accept-Encoding
x-hw
1595790466.dop209.fr8.t,1595790466.cds201.fr8.hn,1595790466.cds204.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
10335
login.css
www.paypal-experience.com/login/static/brands/default/ 		33 B
302 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/brands/default/login.css?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
534c2c7e362dcf726c76132b04267468609f7f50c3f78836c8056b550ac9ae25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:46 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 23 Jul 2020 18:36:08 GMT
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
text/css
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
53
/
www.qualtrics.com/login-banners/ Frame 9135 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.qualtrics.com/login-banners/
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.189.61 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-189-61.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.qualtrics.com
:scheme
https
:path
/login-banners/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/

Response headers

status
200
content-type
text/html; charset=UTF-8
content-length
6054
server
Apache
last-modified
Wed, 08 Jul 2020 14:05:42 GMT
etag
"4e69-5a9ee9a7e2f12-gzip"
accept-ranges
bytes
content-encoding
gzip
x-xss-protection
1; mode=block
date
Sun, 26 Jul 2020 19:07:47 GMT
vary
Accept-Encoding
report-to
{ "group": "csp-endpoint", "max-age": 10886400, "endpoints": [ { "url": "https://sjc1.qualtrics.com/csp-report" } ] }
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report; report-to csp-endpoint
strict-transport-security
max-age=31536000; includeSubDomains; preload
QualtricsGrotesque-Regular.94266c85c1.woff
www.paypal-experience.com/login/static/css/qstrap/dist/fonts/ 		35 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/css/qstrap/dist/fonts/QualtricsGrotesque-Regular.94266c85c1.woff
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
088c2e61ebb4a3d61ad7f254621c688a1fa2206819a37fd386fd395df240a337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.paypal-experience.com/login/static/css/bundle.css?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Origin
https://www.paypal-experience.com

Response headers

date
Sun, 26 Jul 2020 19:07:46 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
application/font-woff
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
38088
login.min.html
www.paypal-experience.com/login/static/views/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/login.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1f0f83cac16640c7b6f5e47468600503efa0eb9407e9586dda188c99adbe0b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
status
200
vary
Accept-Encoding
content-length
3842
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
api.js
www.google.com/recaptcha/ 		733 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=en-US
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
355c30cade738a3c9de5b65c3cf122657d60b283537a7da59a521df7117a18ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
467
x-xss-protection
1; mode=block
expires
Sun, 26 Jul 2020 19:07:47 GMT
account-select.min.html
www.paypal-experience.com/login/static/views/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/account-select.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e0c88d31a2948c37c6cfc0f634a0463177c82a47ee3ba82ef7c750d62bc2eb09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
status
200
vary
Accept-Encoding
content-length
1048
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
link-expired.min.html
www.paypal-experience.com/login/static/views/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/link-expired.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a302a5ce2fba8fe3b7ec215e8cdf10d74d5bd52cead0a68dcae3902f96e1f802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
status
200
vary
Accept-Encoding
content-length
703
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
logo.min.html
www.paypal-experience.com/login/static/views/ 		217 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/logo.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10bb8349b6608620e18f161a994985138431253ee00c90e3bd3972c0bed4bd9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
217
x-xss-protection
1; mode=block
expires
0
btn.min.html
www.paypal-experience.com/login/static/views/ 		181 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/btn.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
18b3e0482fde82d77b7088881e3703fb1ebdadb53629cd2b8cf8b544416e75fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
181
x-xss-protection
1; mode=block
expires
0
authenticator-app-info.min.html
www.paypal-experience.com/login/static/views/ 		679 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/authenticator-app-info.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76a7d4e56249b957e04de0764780013c2de1d19f285c61ee45c9e3222ab2524e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
679
x-xss-protection
1; mode=block
expires
0
scan-qr-code.min.html
www.paypal-experience.com/login/static/views/ 		667 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/scan-qr-code.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
35c7c487697caaf215ba32d40aff9f4eb11f5f82b28bd02298afdb33db116399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
667
x-xss-protection
1; mode=block
expires
0
input-token.min.html
www.paypal-experience.com/login/static/views/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/input-token.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c491f886cf5a8e58f71f3117773b4c03c38c1a0c25182cc56d36b51c3620daca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
status
200
vary
Accept-Encoding
content-length
1011
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
mfa-login-options.min.html
www.paypal-experience.com/login/static/views/ 		808 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/mfa-login-options.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bdd551431e092ae83fabd3df71e28814bde3158bff0396ea7b88dd14810ca5f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
808
x-xss-protection
1; mode=block
expires
0
mfa-backup-codes.min.html
www.paypal-experience.com/login/static/views/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/mfa-backup-codes.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e853d8aeb81b70b809ad38a92168245d5f2635267301167c9377466b475bb164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
status
200
vary
Accept-Encoding
content-length
741
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
0
mfa-link-expired.min.html
www.paypal-experience.com/login/static/views/ 		222 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/mfa-link-expired.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
791e0134ca68f33915cf7cd7bce494a7c8a03f6e2f565e2f7d412f5cfa2223b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
222
x-xss-protection
1; mode=block
expires
0
verifying-request.min.html
www.paypal-experience.com/login/static/views/ 		309 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/verifying-request.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d80827734119a1c5aaf56d12c2d5c4b3fcb667b2f44abb05e6a17013da3cc74a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
309
x-xss-protection
1; mode=block
expires
0
enroll-extra-factors-message.min.html
www.paypal-experience.com/login/static/views/ 		475 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/enroll-extra-factors-message.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20845ee25b7349f19eeaf8345d5d929502217328e5a1cf05ae7f1e5ac932eb8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
475
x-xss-protection
1; mode=block
expires
0
mfa-finish-enrolling-message.min.html
www.paypal-experience.com/login/static/views/ 		383 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/mfa-finish-enrolling-message.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
023555cc2cfe93f4c35da8b038a3ee255e2d0c1c7194ec3926f4fe4acbd5f5d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
383
x-xss-protection
1; mode=block
expires
0
mfa-enter-phone-number.min.html
www.paypal-experience.com/login/static/views/ 		780 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/mfa-enter-phone-number.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
98377bb6ad06c06153cfe39f9bfee582cf679cd84e2035171cd4c9f929fc25b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
780
x-xss-protection
1; mode=block
expires
0
user.min.svg
www.paypal-experience.com/login/static/client/img/ 		515 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypal-experience.com/login/static/client/img/user.min.svg
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08afd4d45509228cfb3e52be6b85eda3827f61e2c4d9781186f3b6cf1fb2366d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.paypal-experience.com/login/static/css/bundle.css?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
last-modified
Thu, 23 Jul 2020 18:36:08 GMT
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
image/svg+xml
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
515
lock.min.svg
www.paypal-experience.com/login/static/client/img/ 		336 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypal-experience.com/login/static/client/img/lock.min.svg
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c87f5d2c7847f1fbdee321f7e0a59091815b26aa29fe63449058b9528aae26ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.paypal-experience.com/login/static/css/bundle.css?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
last-modified
Thu, 23 Jul 2020 18:35:56 GMT
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
image/svg+xml
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
336
recaptcha__en.js
www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/ 		330 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61394e856497a7705a004cb627296445fe074d1f78b10ab81071915059b5a926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 16:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Jul 2020 04:04:52 GMT
server
sffe
age
527307
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133183
x-xss-protection
0
expires
Tue, 20 Jul 2021 16:39:20 GMT
base-styles.css
unpkg.com/@qualtrics/base-styles@0.1.5/dist/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@qualtrics/base-styles@0.1.5/dist/base-styles.css
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbaec9f50580d4f6860c6360b93c1b4cfc516896fe29184244d64a1d1a72627c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5875618
status
200
vary
Accept-Encoding
cf-request-id
042e1f39050000dffb9817c200000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"f93-K4Iu+I/mtQvXprIcx6m26pElt44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e6aa281ba27fc6be8208509478a236a5
cache-control
public, max-age=31536000
cf-ray
5b9067d4d997dffb-FRA
qualtrics-logo.png
s.qualtrics.com/login/static/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.qualtrics.com/login/static/qualtrics-logo.png
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.106.46 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-106-46.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0158ddde64943547d9c915c7c38bdf2b288c3ccd300434bd45660e5008c03890
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 26 Jul 2020 19:07:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 23 Jul 2020 18:35:56 GMT
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
Content-Type
image/png
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
5263
qualtrics-logo.min.svg
www.paypal-experience.com/login/static/client/img/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypal-experience.com/login/static/client/img/qualtrics-logo.min.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c4c68ebcdda27349bf624fe7583b36d5369e2b6b3e3a758136011c8037cdb58b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.paypal-experience.com/login/static/css/bundle.css?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 23 Jul 2020 18:36:08 GMT
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
image/svg+xml
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
2882
anchor
www.google.com/recaptcha/api2/ Frame 430D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFdyQTAAAAAM5BnlGoA6uwbNuuBjUmHaEzF007&co=aHR0cHM6Ly93d3cucGF5cGFsLWV4cGVyaWVuY2UuY29tOjQ0Mw..&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=zc6fjyjlj5al
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Cvkee36sCcUpBbzdzl7OBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdFdyQTAAAAAM5BnlGoA6uwbNuuBjUmHaEzF007&co=aHR0cHM6Ly93d3cucGF5cGFsLWV4cGVyaWVuY2UuY29tOjQ0Mw..&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=zc6fjyjlj5al
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Jul 2020 19:07:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-Cvkee36sCcUpBbzdzl7OBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10424
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
two-step-header.min.html
www.paypal-experience.com/login/static/views/ 		52 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/two-step-header.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51dc745bbc605bbdb23bbc4f76a562676e5c4b620f40b95f057a4c4deb4d751e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
52
x-xss-protection
1; mode=block
expires
0
more-verification-options-button.min.html
www.paypal-experience.com/login/static/views/ 		134 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/more-verification-options-button.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
442c6568c5cb7036bdb7ec132d7753a16fe52e3c99bc048869a4faa654c59cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
134
x-xss-protection
1; mode=block
expires
0
back-to-login-button.min.html
www.paypal-experience.com/login/static/views/ 		103 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/back-to-login-button.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0dacf7a647bb02fc79a88e4b6369e668864d38e24fa2a16fb2baf32e6701363a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
103
x-xss-protection
1; mode=block
expires
0
authenticator-app-option.min.html
www.paypal-experience.com/login/static/views/ 		178 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/authenticator-app-option.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
93c4955981e31b27a29f182b80dd52e51da27a15d57cadf34022e8330cf2c8f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
178
x-xss-protection
1; mode=block
expires
0
bold-header.min.html
www.paypal-experience.com/login/static/views/ 		119 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/bold-header.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e85641c9f14732ae64ebdfcb55fa76fe74ed33b99c3e9fe6b40ddc757a364a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
119
x-xss-protection
1; mode=block
expires
0
error-banner.min.html
www.paypal-experience.com/login/static/views/ 		192 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal-experience.com/login/static/views/error-banner.min.html
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.70.90 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-70-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5259e21499eb6f973f5d37d6fdab6cb137c0f5af8c78386a1960c08b268e4e39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 18:36:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
content-length
192
x-xss-protection
1; mode=block
expires
0
QualtricsGrotesque-Regular.woff
unpkg.com/@qualtrics/base-styles@0.1.5/dist/fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@qualtrics/base-styles@0.1.5/dist/fonts/QualtricsGrotesque-Regular.woff
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088c2e61ebb4a3d61ad7f254621c688a1fa2206819a37fd386fd395df240a337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://unpkg.com/@qualtrics/base-styles@0.1.5/dist/base-styles.css
Origin
https://www.paypal-experience.com

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
14726999
status
200
vary
Accept-Encoding
content-length
36256
cf-request-id
042e1f395b00009790c69bb200000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
"8da0-yvgiz7WY/3Qvq3FPce67yLNX7JA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
access-control-allow-origin
*
x-cloud-trace-context
549b0b138daa0e1522916c3cf96831a2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
5b9067d558f89790-FRA
/
zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cYDxfeM8jruPnSJ&Q_LOC=https%3A%2F%2Fwww.paypal-experience.com%2Flogin%3Fg-recaptcha-response%3Dhttp%3A%2F%2Fhitihytzzyaii.bxss.me%2F&t=1595790467596
Requested by
Host: www.paypal-experience.com
URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
223589df4916eeedfa83574feffc6fb4309218d2342af9d307b53a5ec7d8fa3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
317189
cf-polished
origSize=53500
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
042e1f3a4f000004765e908200000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"d0fc-BJhoTjqRgGnbRB4+nOc+AbcQJ1o"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
5b9067d6e9360476-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
bframe
www.google.com/recaptcha/api2/ Frame 8143 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6LdFdyQTAAAAAM5BnlGoA6uwbNuuBjUmHaEzF007&cb=p0206er0t9vr
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kr8QU45Hq+n9XSBz7GiHMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6LdFdyQTAAAAAM5BnlGoA6uwbNuuBjUmHaEzF007&cb=p0206er0t9vr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Jul 2020 19:07:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-Kr8QU45Hq+n9XSBz7GiHMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1177
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cYDxfeM8jruPnSJ&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com
URL: https://zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cYDxfeM8jruPnSJ&Q_LOC=https%3A%2F%2Fwww.paypal-experience.com%2Flogin%3Fg-recaptcha-response%3Dhttp%3A%2F%2Fhitihytzzyaii.bxss.me%2F&t=1595790467596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df727b7cfe5c4052b017a1c4d03da013258ef569cf4c4b1c268d2e10dd00f53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
vary
Accept-Encoding
cf-request-id
042e1f3aab000004765e90b200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.paypal-experience.com
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=315360000
access-control-allow-credentials
true
cf-ray
5b9067d77a750476-CDG
servershortname
expires
Wed, 24 Jul 2030 19:07:47 GMT
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com
URL: https://zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cYDxfeM8jruPnSJ&Q_LOC=https%3A%2F%2Fwww.paypal-experience.com%2Flogin%3Fg-recaptcha-response%3Dhttp%3A%2F%2Fhitihytzzyaii.bxss.me%2F&t=1595790467596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
695a90257ebaa0d4053d262d7da44710544c15d1f8da70080ac200fa7cacb1de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
317212
cf-polished
origSize=89652
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
042e1f3b67000004765e912200000001
last-modified
Thu, 23 Jul 2020 02:29:42 GMT
server
cloudflare
x-powered-by
Express
etag
W/"15e34-173798145f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5b9067d8ad040476-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		3 KB
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cYDxfeM8jruPnSJ&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web&t=1595790468008&Q_VSI=%7B%22SI_0qacHGe4VwpAUq9%22%3A%22DependencyResolver%22%2C%22SI_3t0BSEVEUwskQsJ%22%3A%22DependencyResolver%22%2C%22SI_3WrDyc4ChPAfwEd%22%3A%22DependencyResolver%22%2C%22SI_4O44zUPxReYbFQN%22%3A%22DependencyResolver%22%2C%22SI_6x9lxIq9TV4xghL%22%3A%22DependencyResolver%22%2C%22SI_7O0GWyBPyX4RVfD%22%3A%22DependencyResolver%22%2C%22SI_8dzlQi5fo4dD6Bf%22%3A%22DependencyResolver%22%2C%22SI_8q9ADi9coNqKnPf%22%3A%22DependencyResolver%22%2C%22SI_9H3wdxm8RvjEB3T%22%3A%22DependencyResolver%22%2C%22SI_aarNS67qrISVBCl%22%3A%22DependencyResolver%22%2C%22SI_aWbyKLXqYR3B4lT%22%3A%22DependencyResolver%22%2C%22SI_b3l8c64pWZWhdpH%22%3A%22DependencyResolver%22%2C%22SI_bxBaShXw0QG5pit%22%3A%22DependencyResolver%22%7D&Q_DPR=true
Requested by
Host: zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com
URL: https://zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cYDxfeM8jruPnSJ&Q_LOC=https%3A%2F%2Fwww.paypal-experience.com%2Flogin%3Fg-recaptcha-response%3Dhttp%3A%2F%2Fhitihytzzyaii.bxss.me%2F&t=1595790467596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4138eef03908b9ae4881731e77ab6923d25cd0d9e5d6b0a1ef746540b17162b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 26 Jul 2020 19:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
vary
Accept-Encoding
cf-request-id
042e1f3baf000004765e917200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.paypal-experience.com
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=315360000
access-control-allow-credentials
true
cf-ray
5b9067d91df30476-CDG
servershortname
expires
Wed, 24 Jul 2030 19:07:48 GMT
12.0da2f5012e49e065e383.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.0da2f5012e49e065e383.chunk.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com
URL: https://zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cYDxfeM8jruPnSJ&Q_LOC=https%3A%2F%2Fwww.paypal-experience.com%2Flogin%3Fg-recaptcha-response%3Dhttp%3A%2F%2Fhitihytzzyaii.bxss.me%2F&t=1595790467596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
70bf6b2e8fbb9f31e314cc3ff4df9f34f453ada4d0bb7b4362591e30799c74de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
317194
cf-polished
origSize=2639
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
042e1f3c67000004765e91f200000001
last-modified
Thu, 23 Jul 2020 02:29:42 GMT
server
cloudflare
x-powered-by
Express
etag
W/"a4f-173798145f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5b9067da384e0476-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.2d7df593a54f23d86743.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.2d7df593a54f23d86743.chunk.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com
URL: https://zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cYDxfeM8jruPnSJ&Q_LOC=https%3A%2F%2Fwww.paypal-experience.com%2Flogin%3Fg-recaptcha-response%3Dhttp%3A%2F%2Fhitihytzzyaii.bxss.me%2F&t=1595790467596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6823a0f37f2714ae274b147668fe526449deda0d791f6f08505b6e71e21fe4a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal-experience.com/login?g-recaptcha-response=http://hitihytzzyaii.bxss.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 26 Jul 2020 19:07:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
317208
cf-polished
origSize=26960
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
042e1f3c68000004765e920200000001
last-modified
Thu, 23 Jul 2020 02:29:42 GMT
server
cloudflare
x-powered-by
Express
etag
W/"6950-173798145f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5b9067da48520476-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onloadCallback object| Qualtrics function| qrcode function| $ function| jQuery object| angular object| intlTelInputUtils object| PointerEventsPolyfill object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| closure_lm_189595 object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.31.3 object| _qsie

3 Cookies

Domain/Path Name / Value
.qualtrics.com/ Name: q_marketing_utm_ref_tracking
Value: %7B%22params%22%3A%22%22%2C%22referrer%22%3A%22https%253A%252F%252Fwww.paypal-experience.com%252Flogin%253Fg-recaptcha-response%253Dhttp%253A%252F%252Fhitihytzzyaii.bxss.me%252F%22%2C%22landingPage%22%3A%22https%3A%2F%2Fwww.qualtrics.com%2Flogin-banners%2F%22%2C%22convertingPagePath%22%3A%22https%3A%2F%2Fwww.qualtrics.com%2Flogin-banners%2F%22%2C%22convertingPage%22%3A%22https%3A%2F%2Fwww.qualtrics.com%2Flogin-banners%2F%22%7D
.qualtrics.com/ Name: __gtm_referrer
Value: https%3A%2F%2Fwww.paypal-experience.com%2Flogin%3Fg-recaptcha-response%3Dhttp%3A%2F%2Fhitihytzzyaii.bxss.me%2F
.qualtrics.com/ Name: _gcl_au
Value: 1.1.615118970.1595790467

1 Console Messages

Source Level URL
Text
console-api warning URL: https://www.paypal-experience.com/login/static/js/bundle.js?v=b36e5e8471b70eb8a94ea005c5c56576d6d4e8d0(Line 130)
Message:
pascalprecht.translate.$translateSanitization: No sanitization strategy has been configured. This can have serious security implications. See http://angular-translate.github.io/docs/#/guide/19_security for details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
s.qualtrics.com
siteintercept.qualtrics.com
unpkg.com
www.google.com
www.gstatic.com
www.paypal-experience.com
www.qualtrics.com
zncydxfem8jrupnsj-qwebsite.siteintercept.qualtrics.com
104.17.208.240
2.17.189.61
2001:4de0:ac19::1:b:1b
2606:4700::6810:7baf
2a00:1450:4001:819::2003
2a00:1450:4001:81d::2004
92.122.106.46
95.100.70.90
0158ddde64943547d9c915c7c38bdf2b288c3ccd300434bd45660e5008c03890
023555cc2cfe93f4c35da8b038a3ee255e2d0c1c7194ec3926f4fe4acbd5f5d4
088c2e61ebb4a3d61ad7f254621c688a1fa2206819a37fd386fd395df240a337
08afd4d45509228cfb3e52be6b85eda3827f61e2c4d9781186f3b6cf1fb2366d
0c8a4f964b948a6653e265c633d2068ca270782899ec9b0a3e2a1697104d56c5
0dacf7a647bb02fc79a88e4b6369e668864d38e24fa2a16fb2baf32e6701363a
10bb8349b6608620e18f161a994985138431253ee00c90e3bd3972c0bed4bd9e
18b3e0482fde82d77b7088881e3703fb1ebdadb53629cd2b8cf8b544416e75fc
20845ee25b7349f19eeaf8345d5d929502217328e5a1cf05ae7f1e5ac932eb8a
223589df4916eeedfa83574feffc6fb4309218d2342af9d307b53a5ec7d8fa3e
3093fd1ce388a73218d30409c7e9b494b27a4e4b8f42546538f93810fa22afcf
355c30cade738a3c9de5b65c3cf122657d60b283537a7da59a521df7117a18ad
35c7c487697caaf215ba32d40aff9f4eb11f5f82b28bd02298afdb33db116399
4138eef03908b9ae4881731e77ab6923d25cd0d9e5d6b0a1ef746540b17162b9
442c6568c5cb7036bdb7ec132d7753a16fe52e3c99bc048869a4faa654c59cc2
51dc745bbc605bbdb23bbc4f76a562676e5c4b620f40b95f057a4c4deb4d751e
5259e21499eb6f973f5d37d6fdab6cb137c0f5af8c78386a1960c08b268e4e39
534c2c7e362dcf726c76132b04267468609f7f50c3f78836c8056b550ac9ae25
61394e856497a7705a004cb627296445fe074d1f78b10ab81071915059b5a926
6823a0f37f2714ae274b147668fe526449deda0d791f6f08505b6e71e21fe4a7
695a90257ebaa0d4053d262d7da44710544c15d1f8da70080ac200fa7cacb1de
70bf6b2e8fbb9f31e314cc3ff4df9f34f453ada4d0bb7b4362591e30799c74de
76a7d4e56249b957e04de0764780013c2de1d19f285c61ee45c9e3222ab2524e
791e0134ca68f33915cf7cd7bce494a7c8a03f6e2f565e2f7d412f5cfa2223b1
93c4955981e31b27a29f182b80dd52e51da27a15d57cadf34022e8330cf2c8f1
98377bb6ad06c06153cfe39f9bfee582cf679cd84e2035171cd4c9f929fc25b7
a1643bb1adb962533357a8220e8b268487dadfc37a8f240d4ef44c5f3fabe8d2
a302a5ce2fba8fe3b7ec215e8cdf10d74d5bd52cead0a68dcae3902f96e1f802
bdd551431e092ae83fabd3df71e28814bde3158bff0396ea7b88dd14810ca5f4
c491f886cf5a8e58f71f3117773b4c03c38c1a0c25182cc56d36b51c3620daca
c4c68ebcdda27349bf624fe7583b36d5369e2b6b3e3a758136011c8037cdb58b
c87f5d2c7847f1fbdee321f7e0a59091815b26aa29fe63449058b9528aae26ea
c99a5950b8da3e594549115f4ba26c0efb9cc91777c8da3bc8a73f62c31002c9
cbaec9f50580d4f6860c6360b93c1b4cfc516896fe29184244d64a1d1a72627c
ceeffe3e09cac9c3da21489f01904e6dcecbdb5ea4f6525861170cb38afdb9d1
d80827734119a1c5aaf56d12c2d5c4b3fcb667b2f44abb05e6a17013da3cc74a
df727b7cfe5c4052b017a1c4d03da013258ef569cf4c4b1c268d2e10dd00f53e
e0c88d31a2948c37c6cfc0f634a0463177c82a47ee3ba82ef7c750d62bc2eb09
e1f0f83cac16640c7b6f5e47468600503efa0eb9407e9586dda188c99adbe0b9
e853d8aeb81b70b809ad38a92168245d5f2635267301167c9377466b475bb164
e85641c9f14732ae64ebdfcb55fa76fe74ed33b99c3e9fe6b40ddc757a364a54