www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=...
Submission: On December 29 via api (December 29th 2022, 9:02:49 pm UTC) from IE — Scanned from DE

Summary HTTP 39 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 39 HTTP transactions. The main IP is 151.101.1.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2261.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 10th 2022. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
21	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	2600:9000:230... 2600:9000:2304:4e00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
39	7

5 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2304:4e00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2207	683 KB
8	paypal.com www.paypal.com — Cisco Umbrella Rank: 2261 t.paypal.com — Cisco Umbrella Rank: 3169	35 KB
4	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2510	43 KB
3	gstatic.com www.gstatic.com	350 KB
2	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4313	8 KB
1	qualtrics.com zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com — Cisco Umbrella Rank: 18762	10 KB
39	6

	Domain	Requested by
21	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
5	www.paypal.com	www.paypal.com www.paypalobjects.com
4	www.recaptcha.net	www.paypal.com www.gstatic.com www.recaptcha.net
3	www.gstatic.com	www.recaptcha.net
3	t.paypal.com	www.paypal.com
2	images.ctfassets.net	www.paypal.com
1	zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	www.paypalobjects.com
39	7

This site contains links to these domains. Also see Links.

Domain
newsroom.deatch.paypal-corp.com
itunes.apple.com
play.google.com
www.paypal.me
developer.paypal.com

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
Frame ID: FCB7A85604075D3CD880354428BA4F4A
Requests: 31 HTTP requests in this frame

Frame: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Frame ID: C62A7C650019398BC58CB519E9F7365C
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de-CH&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=bvtrza9xs9l8
Frame ID: F2950BD5944E5F02DCC2C6B5D14E55DB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayPal-App: Geld senden und empfangen | PayPal CH

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Page Statistics

39
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

1127 kB
Transfer

3638 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://newsroom.deatch.paypal-corp.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ch/app/paypal/id283646709?mt=8
Title: apple

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.paypal.android.p2pmobile&hl=ch
Title: google

Search URL Search Domain Scan URL

URL: https://www.paypal.me/?country.x=CH&locale.x=de_CH
Title: PayPal.Me-Link erstellen

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/de/app/paypal/id283646709?mt=8
Title: apple

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.paypal.android.p2pmobile&hl=de
Title: google

Search URL Search Domain Scan URL

URL: https://developer.paypal.com/
Title: Integration Center

Search URL Search Domain Scan URL

URL: https://newsroom.deatch.paypal-corp.com/?categoryId=company-news
Title: Presse

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mobile-apps Show response
www.paypal.com/ch/webapps/mpp/ 85 KB
21 KB 616ms
498ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a6847ac44dabf7f1b6f8489a300f91acbbc99ce5d428fee391c6d9b0ba59eb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-CyqPR8PYoyTagMkvL8476cy+BSD+qR08rP17/XdmM9jRp7U6' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-CyqPR8PYoyTagMkvL8476cy+BSD+qR08rP17/XdmM9jRp7U6' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 29 Dec 2022 21:02:43 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"15286-CysLofo/Fo4BBihtmYtDH2SQY9k"
paypal-debug-id: f3032980be337
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f3032980be337-d81b5bb574b1c94f-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220098-HHN
x-timer: S1672347763.737523,VS0,VE460
x-xss-protection: 1; mode=block

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 22 KB
7 KB 130ms
37ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6a299bad7148fbf0da85a232d8dee2aebbfaa77e8cf41956a0e164ec71304a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 62bd5716224af
dc: ccg11-origin-www-1.paypal.com
content-length: 6717
x-served-by: cache-sjc10023-SJC, cache-hhn-etou8220062-HHN
last-modified: Mon, 19 Dec 2022 07:29:53 GMT
traceparent: 00-000000000000000000062bd5716224af-a65a9312dc3a687e-01
x-timer: S1672347763.349671,VS0,VE0
etag: W/"63a012f1-595c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 13, 228256

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 132ms
39ms Font
application/font-woff2 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 1286a678933af
dc: ccg11-origin-www-1.paypal.com
content-length: 18320
x-served-by: cache-sjc10080-SJC, cache-hhn-etou8220023-HHN
last-modified: Tue, 23 Jan 2018 03:38:51 GMT
x-timer: S1672347763.351039,VS0,VE0
etag: "5a66ae4b-4790"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 51286, 28881

GET
H2 200 PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 132ms
39ms Font
application/font-woff2 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 8c8861f97f0a0
dc: ccg11-origin-www-1.paypal.com
content-length: 18360
x-served-by: cache-sjc10053-SJC, cache-hhn-etou8220023-HHN
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
x-timer: S1672347763.351022,VS0,VE0
etag: "5a66a30d-47b8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 249860, 26585

GET
H2 200 35d213442a22292bdb85bc360975431c2bf2e6.css
www.paypalobjects.com/marketing-resources/css/c6/ 479 KB
66 KB 136ms
43ms Stylesheet
text/css 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/css/c6/35d213442a22292bdb85bc360975431c2bf2e6.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f158d9c8d0aea0ebd05994b485538aadf1170c0c44bdbb9fa5b7aacf101e2e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 4b45b45c24b19
dc: ccg11-origin-www-1.paypal.com
content-length: 67493
x-served-by: cache-sjc10078-SJC, cache-hhn-etou8220062-HHN
last-modified: Tue, 20 Dec 2022 05:48:24 GMT
traceparent: 00-00000000000000000004b45b45c24b19-62ba6d404a2b3651-01
x-timer: S1672347763.350092,VS0,VE0
etag: W/"63a14ca8-77c9c"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 17, 17480

GET
H2 200 react-17_0_1-bundle.js Show response
www.paypalobjects.com/marketing-resources/vendors/ 132 KB
44 KB 97ms
97ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 15802799ae7df
dc: ccg11-origin-www-1.paypal.com
content-length: 44545
x-served-by: cache-sjc10032-SJC, cache-hhn-etou8220062-HHN
last-modified: Mon, 22 Feb 2021 21:58:19 GMT
traceparent: 00-000000000000000000015802799ae7df-51955c0603512201-01
x-timer: S1672347763.389789,VS0,VE0
etag: W/"603428fb-20ee8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1288, 17517

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 55 KB
21 KB 131ms
38ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

71b766fc984d8d985e8e9e3b9feb3cd2046536de7bcdd0c8808d30650a737a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 320fe4d058b29
dc: ccg11-origin-www-1.paypal.com
content-length: 21561
x-served-by: cache-sjc10020-SJC, cache-hhn-etou8220062-HHN
last-modified: Tue, 13 Dec 2022 00:51:23 GMT
traceparent: 00-0000000000000000000320fe4d058b29-162585d4a82500c6-01
x-timer: S1672347763.349680,VS0,VE0
etag: W/"6397cc8b-dd34"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 9, 417791

GET
H2 200 open-chat.js Show response
www.paypalobjects.com/helpcenter/smartchat/sales/v1/ 1 KB
955 B 112ms
112ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 3c55c1d95fdc3
dc: ccg11-origin-www-1.paypal.com
content-length: 779
x-served-by: cache-sjc10047-SJC, cache-hhn-etou8220062-HHN
last-modified: Sat, 13 Feb 2021 00:19:40 GMT
x-timer: S1672347763.390824,VS0,VE0
etag: W/"60271b1c-5bf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 377324, 10

GET
H2 200 marketingIntentsV2.js Show response
www.paypalobjects.com/activation/js/ 554 B
764 B 112ms
112ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/activation/js/marketingIntentsV2.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 2c8d8755f93e1
dc: ccg11-origin-www-1.paypal.com
content-length: 365
x-served-by: cache-sjc10030-SJC, cache-hhn-etou8220062-HHN
last-modified: Fri, 12 Feb 2021 23:55:13 GMT
x-timer: S1672347763.390810,VS0,VE0
etag: W/"60271561-22a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 8417, 23412

GET
H2 200 11ca570be7576e20da6ebb47f021f3d14d6e32.js Show response
www.paypalobjects.com/marketing-resources/js/09/ 1 MB
226 KB 176ms
84ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/js/09/11ca570be7576e20da6ebb47f021f3d14d6e32.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9d43b77ef50ddcf460a5e2953ad4f202ad8c96c19f71e3cd0892960981339f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 777e44ad3caa8
dc: ccg11-origin-www-1.paypal.com
content-length: 231155
x-served-by: cache-sjc10037-SJC, cache-hhn-etou8220062-HHN
last-modified: Tue, 20 Dec 2022 08:24:07 GMT
traceparent: 00-0000000000000000000777e44ad3caa8-8630e2ef2c63a4df-01
x-timer: S1672347763.349753,VS0,VE2
etag: W/"63a17127-103c9a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 4, 1

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/7c420cb359b1b1eb/ 10 KB
6 KB 292ms
291ms Script
text/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/7c420cb359b1b1eb/recaptchav3.js?_sessionID=t0W4EgLAWCMI7B-QvxZxsT3xs7T_zaT5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af36972a779fa748a19765f406a97fa737fec325f4001b630c9c02891cf9398f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-xFeOAgXmsBIiRTxDoN4OulXSBARq8MaOkEZWPu6EAxVvrFkc' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-xFeOAgXmsBIiRTxDoN4OulXSBARq8MaOkEZWPu6EAxVvrFkc' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
date: Thu, 29 Dec 2022 21:02:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
content-encoding: br
x-cache: MISS
paypal-debug-id: f303298499ce8
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220098-HHN
traceparent: 00-0000000000000000000f303298499ce8-2070b41432477e1d-01
x-timer: S1672347763.261040,VS0,VE253
etag: W/W/"26e1-hNV3vOMDy6cA4bV0mKzwmny/KTw"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET
H2 200 pp_fc_hl.svg
www.paypalobjects.com/digitalassets/c/website/logo/full-text/ 11 KB
4 KB 66ms
65ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/logo/full-text/pp_fc_hl.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/c6/35d213442a22292bdb85bc360975431c2bf2e6.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/marketing-resources/css/c6/35d213442a22292bdb85bc360975431c2bf2e6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 9a298e4cb426
dc: ccg11-origin-www-1.paypal.com
content-length: 3732
x-served-by: cache-sjc10062-SJC, cache-hhn-etou8220062-HHN
last-modified: Tue, 15 Mar 2016 17:48:58 GMT
traceparent: 00-000000000000000000009a298e4cb426-51bff1361bfee2b3-01
x-timer: S1672347763.446605,VS0,VE1
etag: W/"56e84b0a-2b4b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 151665, 24923

GET
H2 200 homepage-hero.jpg
www.paypalobjects.com/marketing/web/de/de/mobile-apps/ 122 KB
123 KB 66ms
65ms Image
image/jpeg 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/de/de/mobile-apps/homepage-hero.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1db5cb01277e77ce10dd46ceba0a3317280d4425fb483d80fbc2c85bb75d63e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=126125 idim=1600x600 ifmt=jpeg ofsz=125282 odim=1600x600 ofmt=jpeg
paypal-debug-id: f1baea94dc532
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 125282
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10060-SJC, cache-hhn-etou8220062-HHN
traceparent: 00-0000000000000000000f1baea94dc532-44bb7b1a00f8177d-01
x-timer: S1672347763.447472,VS0,VE10
etag: "SBdWyokJj7gHlSlgoeJ64sKGGB9/sCwmeInaGBnX8yg"
content-type: image/jpeg
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 339, 1

GET
H2 200 BADGE-APPLE-STORE-DE_640.png
images.ctfassets.net/7rifqg28wcbd/5xYP0H0cXry3PVwmhZapwG/f72a74a66b9495a6d891d4076aed21a0/ 3 KB
3 KB 173ms
47ms Image
image/png 2600:9000:2304:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/7rifqg28wcbd/5xYP0H0cXry3PVwmhZapwG/f72a74a66b9495a6d891d4076aed21a0/BADGE-APPLE-STORE-DE_640.png
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 27c0bc5ce50ff81c5fd6806a26f9e5f4cc3eefe20cda0bf80e7661d7124edcad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 05:43:52 GMT
via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
last-modified: Mon, 09 Sep 2019 09:12:07 GMT
server: Contentful Images API
x-amz-cf-pop: VIE50-P1
age: 55132
etag: "105abad17d7ea01e68475014eed505e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 3174
x-amz-cf-id: GgJs7TJEmVreee3WOb5OjG1qr2D_jW9IMtn8BMAZLZ9hoQUhmqZtgg==

GET
H2 200 BADGE-GOOGLE-PLAY-DE_640.png
images.ctfassets.net/7rifqg28wcbd/1z0GxtzoskM8kNtkVq6XMQ/bc72d9c668bced6257b98ed025cb4f4f/ 4 KB
4 KB 174ms
49ms Image
image/png 2600:9000:2304:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/7rifqg28wcbd/1z0GxtzoskM8kNtkVq6XMQ/bc72d9c668bced6257b98ed025cb4f4f/BADGE-GOOGLE-PLAY-DE_640.png
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ad5572c4657fbb61179cc7f9d761dcb3d362af694ea8ea83483e39f852b10223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:56:22 GMT
via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
last-modified: Mon, 09 Sep 2019 09:12:07 GMT
server: Contentful Images API
x-amz-cf-pop: VIE50-P1
age: 47181
etag: "e283f427fd729dc43fcf20154b316d76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 3754
x-amz-cf-id: em0Nb4vy0TGFHme5rNhUeKvA0P00jR0L5PXFViAXNjYvFoD4BNqJ0w==

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 38ms
37ms Font
application/font-woff2 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/c6/35d213442a22292bdb85bc360975431c2bf2e6.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/c6/35d213442a22292bdb85bc360975431c2bf2e6.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 92223fcebd019
dc: ccg11-origin-www-1.paypal.com
content-length: 25368
x-served-by: cache-sjc10069-SJC, cache-hhn-etou8220023-HHN
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
traceparent: 00-000000000000000000092223fcebd019-80ccb4a4d8dcab77-01
x-timer: S1672347763.448403,VS0,VE0
etag: "60271cda-6318"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 209907, 190087

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/ 288 KB
34 KB 41ms
38ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

12ac7223a1af8a07668d7ba9efa9078173cf57682e28bdec8fb496e01b7c1e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 86d1177d55240
dc: ccg11-origin-www-1.paypal.com
content-length: 34377
x-served-by: cache-sjc10071-SJC, cache-hhn-etou8220023-HHN
last-modified: Wed, 21 Dec 2022 02:46:46 GMT
traceparent: 00-000000000000000000086d1177d55240-622fa20a11846597-01
x-timer: S1672347763.474109,VS0,VE0
etag: W/"63a27396-4815d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 19, 187438

GET
H2 200 eligibility Show response
www.paypal.com/smartchat/open/ 1 KB
2 KB 256ms
255ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/ch/webapps/mpp/mobile-apps

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

270434655b740f677f01af851d5351afaeef00ea1bebce5b06db94a90f3fb25d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn; script-src 'nonce-7CWXCXsIY/2nGr8kD9Jz8WRrMnLiFo31Vz407wI+38KJpOEJ' 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' https://.kampyle.com https://.qualtrics.com; font-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn data:; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-7CWXCXsIY/2nGr8kD9Jz8WRrMnLiFo31Vz407wI+38KJpOEJ' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
date: Thu, 29 Dec 2022 21:02:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
content-encoding: br
x-cache: MISS
paypal-debug-id: f2814784ecaed
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220098-HHN
traceparent: 00-0000000000000000000f2814784ecaed-9fd0405afeced331-01
x-timer: S1672347764.539131,VS0,VE218
etag: W/W/"54f-nyTGhoD85iI+vBp+dffkPliMZrg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET
H2 200 OrchestratorMain.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 7 KB
4 KB 56ms
56ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: b078ca8ac714d
dc: ccg11-origin-www-1.paypal.com
content-length: 3329
x-served-by: cache-sjc10075-SJC, cache-hhn-etou8220023-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1672347764.604006,VS0,VE0
etag: W/"61dccd14-1d47"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 80489, 156627

GET
H2 200 grcenterprise_v3.html Show response
www.paypal.com/auth/recaptcha/ Frame C62A 4 KB
2 KB 216ms
216ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/7c420cb359b1b1eb/recaptchav3.js?_sessionID=t0W4EgLAWCMI7B-QvxZxsT3xs7T_zaT5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

77437fbd507929b6d1a1bb320582dcfd80c0de3e964ecfe2b7d072aba28aaa78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Dec 2022 21:02:43 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"fb3-184dd4cd598"
last-modified: Sun, 04 Dec 2022 13:21:51 GMT
paypal-debug-id: f281478b93a39
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f281478b93a39-bf53de98d8462acb-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn-etou8220098-HHN
x-timer: S1672347764.591423,VS0,VE176

GET
H2 200 ts
t.paypal.com/ 42 B
744 B 321ms
194ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.7.5&t=1672347763590&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgst=Unknown&calc=f3032980be337&nsid=t0W4EgLAWCMI7B-QvxZxsT3xs7T_zaT5&rsta=de_CH&pgtf=Nodejs&env=live&s=ci&ccpg=CH&csci=941be44637a04a78a535a5206ef4d265&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C104406%2C104405%2C104407&xt=123956%2C123954%2C119037%2C119034%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=mobile-apps.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&utm_source=unp&utm_medium=email&utm_campaign=RT000016&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt%2Cutm_source%2Cutm_medium%2Cutm_campaign&page_segment=ppcom&displaypage=main%3Amktg%3Apersonal%3A%3Amobile-apps&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&e=ac

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/358E) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 21:02:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/358E)
traceparent: 00-0000000000000000000dd28cbc17f5db-e669d68099c51301-01
content-type: image/gif
paypal-debug-id: dd28cbc17f5db
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 29 Dec 2022 21:02:43 GMT

GET
H2 200 12.2e4d3453d92fa382c1f6.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 56 KB
16 KB 40ms
39ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: bbade2e971170
dc: ccg11-origin-www-1.paypal.com
content-length: 16285
x-served-by: cache-sjc10062-SJC, cache-hhn-etou8220062-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1672347764.647327,VS0,VE0
etag: W/"61dccd14-e017"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 24043, 329898

POST
H2 200 Targeting.php Show response
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 136 KB
10 KB 253ms
133ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38258184352d2c257318eaa5506f8c22e4d8f35d111b9d0dd7e6ce594b904a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paypal.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 9a013b1ae63d30e6
cf-ray: 78157a73dfc15c92-FRA
timing-allow-origin: *

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame C62A 980 B
1 KB 212ms
73ms Script
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=de-CH

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0f169e3c202c20b10306b8b8959bd0c3dbee19280b2a52c17d87b8c457ff6c03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 618
x-xss-protection: 1; mode=block
expires: Thu, 29 Dec 2022 21:02:43 GMT

GET
H2 200 CoreModule.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 100 KB
30 KB 38ms
38ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 1e81c0acf248c
dc: ccg11-origin-www-1.paypal.com
content-length: 30223
x-served-by: cache-sjc10066-SJC, cache-hhn-etou8220062-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1672347764.007572,VS0,VE0
etag: W/"61dccd14-190b6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 445673, 49

GET
H2 200 narr_sendmoney_dech_1x.png
www.paypalobjects.com/webstatic/emea/venice/ 10 KB
10 KB 40ms
40ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/emea/venice/narr_sendmoney_dech_1x.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ddd2e9ac2bdea061e4dd1716943276434d8e7294861278da13f23c1cb9c9ed19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:44 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=10026 idim=412x304 ifmt=png ofsz=10026 odim=412x304 ofmt=png
paypal-debug-id: fb4cb32d560b6
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 10026
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10053-SJC, cache-hhn-etou8220062-HHN
traceparent: 00-0000000000000000000fb4cb32d560b6-754d77d34099aa2c-01
x-timer: S1672347764.010447,VS0,VE3
etag: "M2rVDc93XN+2GTNHA9IyBTmysBRE/WBbUVfUMBYPzT8"
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 34, 1

GET
H2 200 narr_activity_dech_1x.png
www.paypalobjects.com/webstatic/emea/venice/ 19 KB
19 KB 39ms
39ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/emea/venice/narr_activity_dech_1x.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f22341ebc0d4d8e282e18edd0ec78bae3a78d147ce3d1b8cde9f30677eccd9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:44 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=19435 idim=460x388 ifmt=png ofsz=19435 odim=460x388 ofmt=png
paypal-debug-id: 12bebbe2a990a
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 19435
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10065-SJC, cache-hhn-etou8220062-HHN
traceparent: 00-000000000000000000012bebbe2a990a-85d313d797b85edd-01
x-timer: S1672347764.010982,VS0,VE1
etag: "qcZ0GYNyxkVe2Io6BCQ2chpomcwObUagL5lyW4EeRI0"
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 17, 1

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame C62A 407 KB
163 KB 175ms
51ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de_ch.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=de-CH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004942a2c6ef337c31a50c0eb5c2d6cb309f8f921fa2768a241718d1756ee601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 20:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166486
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 20:12:23 GMT

GET
H2 200 4.bee7caf079144a7b9980.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 2 KB
1 KB 39ms
39ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 58b0bcb6e53fb
dc: ccg11-origin-www-1.paypal.com
content-length: 1231
x-served-by: cache-sjc10069-SJC, cache-hhn-etou8220062-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1672347764.087464,VS0,VE0
etag: W/"61dccd14-9ed"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 90062, 134982

GET
H2 200 1.1303dc17a61da0f506d3.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 29 KB
7 KB 38ms
38ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 42982a9762bbf
dc: ccg11-origin-www-1.paypal.com
content-length: 6602
x-served-by: cache-sjc10078-SJC, cache-hhn-etou8220062-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1672347764.087713,VS0,VE0
etag: W/"61dccd14-7257"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 21904, 290529

GET
H2 200 17.0e47ac923c1fa85e46cf.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 19 KB
8 KB 39ms
39ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 4c85a99c2905d
dc: ccg11-origin-www-1.paypal.com
content-length: 7762
x-served-by: cache-sjc10045-SJC, cache-hhn-etou8220062-HHN
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
x-timer: S1672347764.088577,VS0,VE0
etag: W/"61dccd14-4a99"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 922050, 38

GET
H2 200 ts
t.paypal.com/ 42 B
499 B 195ms
195ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.7.5&t=1672347764244&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Amobile-apps&page=main%3Amktg%3Apersonal%3A%3Amobile-apps%3A%3A%3A&pgst=Unknown&calc=f3032980be337&nsid=t0W4EgLAWCMI7B-QvxZxsT3xs7T_zaT5&rsta=de_CH&pgtf=Nodejs&env=live&s=ci&ccpg=ch&csci=941be44637a04a78a535a5206ef4d265&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=mobile-apps.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&utm_source=unp&utm_medium=email&utm_campaign=RT000016&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt%2Cutm_source%2Cutm_medium%2Cutm_campaign&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&imsrc=setup&view=%7B%22t10%22%3A119%2C%22t11%22%3A1416%2C%22tcp%22%3A853%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A98%7D&pt=PayPal-App%3A%20Geld%20senden%20und%20empfangen%20%7C%20PayPal%20CH&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=119&t1c=119&t1d=32&t1s=49&t2=498&t3=6&t4d=0&t4=0&t4e=6&tt=1317&rdc=0&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=322

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35EF) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 21:02:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35EF)
traceparent: 00-00000000000000000004966fd6d955c8-3e6d9ee82829d5e3-01
content-type: image/gif
paypal-debug-id: 4966fd6d955c8
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 29 Dec 2022 21:02:44 GMT

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame F295 42 KB
22 KB 88ms
88ms Document
text/html 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de-CH&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=bvtrza9xs9l8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de_ch.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

445e010da54f2f9bf38558768d19725d3c82e9849ebea91871dc3a9453f5c8ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3FsmEnssRNdJCcYyXklBRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22527
content-security-policy: script-src 'report-sample' 'nonce-3FsmEnssRNdJCcYyXklBRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 21:02:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame F295 52 KB
24 KB 155ms
51ms Stylesheet
text/css 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de-CH&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=bvtrza9xs9l8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 01:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 01:13:07 GMT

GET
H3 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame F295 407 KB
163 KB 181ms
77ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de_ch.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004942a2c6ef337c31a50c0eb5c2d6cb309f8f921fa2768a241718d1756ee601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 20:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166486
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 20:12:23 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame F295 105 B
137 B 75ms
75ms Other
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=de-CH&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74db58b3aad4c1d65a30e6c647d1916846362e6e5738e5d405efd475378c4704

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de-CH&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=bvtrza9xs9l8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 1; mode=block
expires: Thu, 29 Dec 2022 21:02:44 GMT

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/enterprise/ Frame F295 33 KB
19 KB 110ms
109ms XHR
application/json 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de_ch.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4282e1e770a83ceeb082de10d3c71c6883042918c0854322e10fb5e3d059e13

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=de-CH&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=bvtrza9xs9l8
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 29 Dec 2022 21:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19397
x-xss-protection: 1; mode=block
expires: Thu, 29 Dec 2022 21:02:45 GMT

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
2 KB 352ms
351ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-0FHc0anMQb/O2Ee/gQPSd5R7BXrVta0crvsQIBfa+PzZTCnd' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-0FHc0anMQb/O2Ee/gQPSd5R7BXrVta0crvsQIBfa+PzZTCnd' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline' 'unsafe-eval'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
date: Thu, 29 Dec 2022 21:02:45 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
x-cache: MISS
paypal-debug-id: f464178f397c4
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220098-HHN
traceparent: 00-0000000000000000000f464178f397c4-4d58a32c3e1b6d6a-01
x-timer: S1672347765.123072,VS0,VE314
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ts
t.paypal.com/ 42 B
498 B 210ms
210ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.7.5&t=1672347765245&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Amobile-apps&page=main%3Amktg%3Apersonal%3A%3Amobile-apps%3A%3A%3A&pgst=Unknown&calc=f3032980be337&nsid=t0W4EgLAWCMI7B-QvxZxsT3xs7T_zaT5&rsta=de_CH&pgtf=Nodejs&env=live&s=ci&ccpg=ch&csci=941be44637a04a78a535a5206ef4d265&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=%2F%2Ft.paypal.&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&utm_source=unp&utm_medium=email&utm_campaign=RT000016&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt%2Cutm_source%2Cutm_medium%2Cutm_campaign&page_segment=ppcom&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=195&t3=1&tt=196&protocol=h2&cdn=edgecast&view=%7B%22t10%22%3A1%2C%22t11%22%3A196%2C%22nt%22%3A%22res%22%7D&e=pf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3588) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/ch/webapps/mpp/mobile-apps?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000016&utm_unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&ppid=RT000016&cnac=CH&rsta=de_DE%28de-CH%29&cust=XKC6XHYLTL8RQ&unptid=ed9d4cf8-6f03-11ed-9414-3cfdfeef73d1&calc=1821c17e7ae57&unp_tpcid=email-receipt-xclick-payment&page=main%3Aemail%3ART000016&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.128.0&xt=104038%2C127632/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 21:02:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/3588)
traceparent: 00-000000000000000000082650344c5f56-b1aa884c394f8014-01
content-type: image/gif
paypal-debug-id: 82650344c5f56
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 29 Dec 2022 21:02:45 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 12:51:39	Name: _GRECAPTCHA Value: 09AJ4Tk-4_FxHRGJ5LYCu13wpWmZZ_hSD5VYGwe-Jj3tALpaH4vTsEDvWStj-FI750flS8QxOtfcRXyLmqiqBJo4E
.paypal.com/	1970-01-20 17:18:03	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 18:08:27	Name: cookie_check Value: yes
.paypal.com/	1970-01-20 08:32:59	Name: LANG Value: de_DE%3BCH
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3At0W4EgLAWCMI7B-QvxZxsT3xs7T_zaT5.exU9ORmQn0eQzExE8YOVokBKwJ2efXvnhKCVwpCdyjo
.paypal.com/	1970-01-20 18:08:27	Name: ts_c Value: vr%3D5fb1c07e1850ad04be0aaaaefd195d25%26vt%3D5fb1c07e1850ad04be0aaaaefd195d24
.paypal.com/	1970-01-20 08:32:29	Name: l7_az Value: dcg13.slc
.paypal.com/	1970-01-20 18:08:27	Name: ts Value: vreXpYrS%3D1767042165%26vteXpYrS%3D1672349565%26vr%3D5fb1c07e1850ad04be0aaaaefd195d25%26vt%3D5fb1c07e1850ad04be0aaaaefd195d24%26vtyp%3Dnew
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY3MjM0Nzc2NTM0NiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 08:36:46	Name: tsrce Value: authchallengenodeweb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-CyqPR8PYoyTagMkvL8476cy+BSD+qR08rP17/XdmM9jRp7U6' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.ctfassets.net
t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
104.17.209.240
151.101.1.21
151.101.2.133
192.229.221.25
2600:9000:2304:4e00:12:94b3:c380:93a1
2a00:1450:400d:803::2003
2a00:1450:400d:808::2003
004942a2c6ef337c31a50c0eb5c2d6cb309f8f921fa2768a241718d1756ee601
036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
0f169e3c202c20b10306b8b8959bd0c3dbee19280b2a52c17d87b8c457ff6c03
12ac7223a1af8a07668d7ba9efa9078173cf57682e28bdec8fb496e01b7c1e4b
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
1db5cb01277e77ce10dd46ceba0a3317280d4425fb483d80fbc2c85bb75d63e3
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
270434655b740f677f01af851d5351afaeef00ea1bebce5b06db94a90f3fb25d
27c0bc5ce50ff81c5fd6806a26f9e5f4cc3eefe20cda0bf80e7661d7124edcad
2a6847ac44dabf7f1b6f8489a300f91acbbc99ce5d428fee391c6d9b0ba59eb0
38258184352d2c257318eaa5506f8c22e4d8f35d111b9d0dd7e6ce594b904a5d
445e010da54f2f9bf38558768d19725d3c82e9849ebea91871dc3a9453f5c8ff
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
4f22341ebc0d4d8e282e18edd0ec78bae3a78d147ce3d1b8cde9f30677eccd9b
6a299bad7148fbf0da85a232d8dee2aebbfaa77e8cf41956a0e164ec71304a17
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
71b766fc984d8d985e8e9e3b9feb3cd2046536de7bcdd0c8808d30650a737a32
74db58b3aad4c1d65a30e6c647d1916846362e6e5738e5d405efd475378c4704
77437fbd507929b6d1a1bb320582dcfd80c0de3e964ecfe2b7d072aba28aaa78
8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8
9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106
9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f
9d43b77ef50ddcf460a5e2953ad4f202ad8c96c19f71e3cd0892960981339f8e
ad5572c4657fbb61179cc7f9d761dcb3d362af694ea8ea83483e39f852b10223
af36972a779fa748a19765f406a97fa737fec325f4001b630c9c02891cf9398f
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715
ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565
ddd2e9ac2bdea061e4dd1716943276434d8e7294861278da13f23c1cb9c9ed19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d
ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622
f158d9c8d0aea0ebd05994b485538aadf1170c0c44bdbb9fa5b7aacf101e2e1f
f4282e1e770a83ceeb082de10d3c71c6883042918c0854322e10fb5e3d059e13

www.paypal.com Open in urlscan Pro 151.101.1.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

1127 kBTransfer

3638 kBSize

10 Cookies

8 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

1127 kB
Transfer

3638 kB
Size

10
Cookies

39 HTTP transactions
0 data transactions