www.paypal.com Open in urlscan Pro
151.101.193.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://flowinglove.com/paypal_es.php
Effective URL:
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Submission: On March 07 via manual (March 7th 2021, 3:12:15 am UTC) from ES

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 46 HTTP transactions. The main IP is 151.101.193.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 12th 2021. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.159.155.163 209.159.155.163	19318 (IS-AS-1) (IS-AS-1)
1 8	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
21	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
6	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
3	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
46	10

1 209.159.155.163 (United States) 1 redirects

ASN19318 (IS-AS-1, US)
PTR: webhosting900.is.cc

flowinglove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.193.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	paypalobjects.com www.paypalobjects.com	614 KB
19	paypal.com 2 redirects www.paypal.com c.paypal.com b.stats.paypal.com dub.stats.paypal.com t.paypal.com c6.paypal.com	290 KB
4	google.com www.google.com	24 KB
3	gstatic.com www.gstatic.com	284 KB
1	recaptcha.net www.recaptcha.net	1 KB
1	flowinglove.com 1 redirects flowinglove.com	424 B
46	6

	Domain	Requested by
21	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
8	www.paypal.com	1 redirects www.paypal.com www.paypalobjects.com
5	c.paypal.com	www.paypal.com c.paypal.com
4	www.google.com	www.gstatic.com www.google.com
3	www.gstatic.com	www.recaptcha.net www.google.com
3	t.paypal.com	www.paypal.com
1	www.recaptcha.net	www.paypalobjects.com
1	c6.paypal.com	www.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	flowinglove.com	1 redirects
46	11

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-01-12` - `2022-02-12`	a year	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-06-24` - `2022-06-29`	2 years	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2022-06-03`	2 years	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-17` - `2021-11-21`	a year	crt.sh
misc.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Frame ID: C399BAFF929D75CAD78990BEC2A7B9E6
Requests: 31 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: ECBE8ACCB1B0776A427286357B0F0EEA
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
Frame ID: C56421941BD7F9BC9EC88E0542AD3CE9
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
Frame ID: A236A55BC82F3E6202DAE89D1BB96D6B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
Frame ID: EB836DA0969AF0990367D030DF4CDBFE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://flowinglove.com/paypal_es.php HTTP 302
https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL HTTP 307
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Page Statistics

46
Requests

100 %
HTTPS

45 %
IPv6

6
Domains

11
Subdomains

10
IPs

2
Countries

1211 kB
Transfer

4163 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://flowinglove.com/paypal_es.php HTTP 302
https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL HTTP 307
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://b.stats.paypal.com/v2/counter.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.paypal.com/donate/
Redirect Chain

http://flowinglove.com/paypal_es.php
https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

226 KB
74 KB

1315ms
1315ms

Document
text/html

151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6e26acbc59c0373db409aa25d5c38f71edd444b8a6dacd09019c05f7213f8b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bhoJRNyqUIyNXKZwkOZHKd8friLfSJ3K5MogBQu+fX5dyj1W' 'self' 'unsafe-eval' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.cardinalcommerce.com https://.qualtrics.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: LANG=en_US%3BUS; enforce_policy=ccpa; x-pp-s=eyJ0IjoiMTYxNTA4NjcxNTA1NiIsImwiOiIwIiwibSI6IjAifQ; tsrce=xorouternodeweb; nsid=s%3AJJpdWbWg-y_rnLIoovyRB_kefkfr30FF.9qUwbeRi5n87UQ5rCBr4MTkuBb6Ra2Z7OG0E%2FN11imQ; l7_az=dcg01.phx; ts=vreXpYrS%3D1709781114%26vteXpYrS%3D1615088514%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew; ts_c=vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad; x-cdn=fastly:AMS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bhoJRNyqUIyNXKZwkOZHKd8friLfSJ3K5MogBQu+fX5dyj1W' 'self' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: text/html; charset=utf-8
etag: W/"387ed-1E7iewZpdC7hhkLkdOq6VQVTcR0"
paypal-debug-id: d756d81b1f695
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Mon, 07 Mar 2022 03:11:56 GMT; Secure; SameSite=None LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sun, 07 Mar 2021 11:57:52 GMT; HttpOnly; Secure; SameSite=None tsrce=donatenodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Wed, 10 Mar 2021 03:11:55 GMT; HttpOnly; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxNTA4NjcxNjM3MiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Sun, 07 Mar 2021 03:41:56 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1709781115%26vteXpYrS%3D1615088515%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 06 Mar 2024 03:11:56 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad; Path=/; Domain=paypal.com; Expires=Wed, 06 Mar 2024 03:11:56 GMT; Secure; SameSite=None x-cdn=fastly:AMS; Domain=paypal.com; Path=/; Secure
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Sun, 07 Mar 2021 03:11:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr7320-LHR, cache-ams21047-AMS
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1615086715.167529,VS0,VE1292
vary: Accept-Encoding
content-encoding: br

Redirect headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com; script-src 'nonce-Xl27DkCLTeAJKyCCCE3qTrMpf4IMhaLhZ3qYSI7o9k0SO1U+' 'self' https://*.paypal.com 'unsafe-inline' 'unsafe-eval'; img-src https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
location: /donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
paypal-debug-id: b84c0347ffb5f
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sun, 07 Mar 2021 11:57:51 GMT; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Mon, 07 Mar 2022 03:11:55 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxNTA4NjcxNTA1NiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None tsrce=xorouternodeweb; Domain=.paypal.com; Path=/; Expires=Wed, 10 Mar 2021 03:11:55 GMT; HttpOnly; Secure; SameSite=None nsid=s%3AJJpdWbWg-y_rnLIoovyRB_kefkfr30FF.9qUwbeRi5n87UQ5rCBr4MTkuBb6Ra2Z7OG0E%2FN11imQ; Path=/; HttpOnly; Secure l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Sun, 07 Mar 2021 03:41:55 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1709781114%26vteXpYrS%3D1615088514%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 06 Mar 2024 03:11:55 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad; Path=/; Domain=paypal.com; Expires=Wed, 06 Mar 2024 03:11:55 GMT; Secure; SameSite=None x-cdn=fastly:AMS; Domain=paypal.com; Path=/; Secure
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 07 Mar 2021 03:11:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr7349-LHR, cache-ams21047-AMS
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1615086714.497078,VS0,VE646
content-length: 171

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 21 KB
6 KB 29ms
29ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Oct 2020 22:15:31 GMT
etag: W/"5f765503-532f"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: cac10d7782ad5
cache-control: max-age=3600
strict-transport-security: max-age=31536000
dc: phx-origin-www-2.paypal.com
content-length: 6248
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 112ms
54ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 May 2020 06:30:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18348
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 PayPalSansBig-Light.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 111ms
54ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Light.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 May 2020 06:30:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18388
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 fonts-and-normalize.min.css
www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/ 4 KB
1 KB 32ms
31ms Stylesheet
text/css 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

3d62ff4f3aaf34ad571ba65f6753985d54ad949fa4c05a2d1a9b832ea761ffbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 8628bbf1a40c0
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 1036
last-modified: Thu, 01 Oct 2020 22:15:19 GMT
etag: W/"5f7654f7-ea0"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 ppvx.css
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ 80 KB
10 KB 33ms
31ms Stylesheet
text/css 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ppvx.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

d0be61776464d3b49e890d3c2bec9aaf079c98cdf6427563a9ee82a8766b8dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 650048754093d
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 9834
last-modified: Fri, 05 Mar 2021 01:47:41 GMT
etag: W/"60418dbd-13f6d"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Mon, 07 Mar 2022 03:11:56 GMT

GET
H2 200 router.css
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ 168 KB
20 KB 33ms
32ms Stylesheet
text/css 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/router.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

c751796fca089cbe8cd757aff6f6fbd38d565bdb693fc6900f75ae3ab9412c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: c080736c5516c
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 20462
last-modified: Fri, 05 Mar 2021 01:47:41 GMT
etag: W/"60418dbd-2a0e0"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Mon, 07 Mar 2022 03:11:56 GMT

GET
H2 200 internalServerError.css
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ 25 KB
4 KB 35ms
34ms Stylesheet
text/css 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/internalServerError.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

a3090469b6cf02a0141f461e3ad242c89a65b7a185291af1d482ef5673c13074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 25048b3a1171
dc: slc-b-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 3941
last-modified: Fri, 05 Mar 2021 01:47:41 GMT
etag: W/"60418dbd-65e5"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Mon, 07 Mar 2022 03:11:56 GMT

GET
H2 200 ppvx-app.css
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ 52 KB
10 KB 39ms
37ms Stylesheet
text/css 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ppvx-app.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

44047b4ab586fe0be9cc39524ea80b6480ce5846c0515bcc6ba0ec8e1021348e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 3935bc6bbf5bb
dc: slc-b-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 9585
last-modified: Fri, 05 Mar 2021 01:47:41 GMT
etag: W/"60418dbd-d131"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Mon, 07 Mar 2022 03:11:56 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/staging/pa/js/min/ 52 KB
20 KB 39ms
38ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/staging/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

02d93cd01d48255d3004291a13442782cd44194a19db63b5185f4ed3e12bc689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 2743870216caf
dc: slc-b-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 20178
last-modified: Thu, 18 Feb 2021 06:52:33 GMT
etag: W/"602e0eb1-d060"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-headers: x-csrf-token
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 52 KB
20 KB 40ms
39ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: cb4fa6c43183
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 20130
last-modified: Thu, 18 Feb 2021 06:57:36 GMT
etag: W/"602e0fe0-cfcb"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-headers: x-csrf-token
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 miconfig.js Show response
www.paypalobjects.com/staging/pa/mi/ 244 KB
26 KB 44ms
38ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/staging/pa/mi/miconfig.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/staging/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

8b44cd75a82736d375eb652d3d6508a13aaca236acc19a3e82bdccd274d573e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: a98fe9d618b5f
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 25727
last-modified: Fri, 12 Feb 2021 22:44:08 GMT
etag: W/"602704b8-3ce2f"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-headers: x-csrf-token
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 miconfig.js Show response
www.paypalobjects.com/pa/mi/ 110 KB
21 KB 59ms
53ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/miconfig.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

a542fcb21ca393aa098d494dfcf7f08822e1dda0f80021bfa064b96dc70bb902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 8e29ecafdcd9e
dc: slc-b-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 20779
last-modified: Fri, 12 Feb 2021 22:44:08 GMT
etag: W/"602704b8-1b9c2"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-headers: x-csrf-token
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 ic_arrow.svg
www.paypalobjects.com/images/Cause/CampaignPage/ 1 KB
828 B 29ms
28ms Image
image/svg+xml 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/Cause/CampaignPage/ic_arrow.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a752933d47733e28ec1f0e478af45addf350f513f71b449cc992c1068278e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:20:18 GMT
cache-control: public, max-age=3600
etag: W/"60271b42-4e4"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
paypal-debug-id: 10aa9c2f75bcb
strict-transport-security: max-age=31536000
dc: slc-b-origin-www-3.paypal.com
content-length: 528
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 logo_paypal_106x27.png
www.paypalobjects.com/webstatic/logo/ 2 KB
2 KB 30ms
30ms Image
image/png 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/logo/logo_paypal_106x27.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ppvx-app.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

48a50abe4331d7e9a3a258a9182db94d6ea23dce50aaf70b43403bdc67d0d6e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ppvx-app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1806
etag: "qe2R9qdpIOL3HI0q+J/EfJvcphAcb/HJg+n5kfVdVUM"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
last-modified: Mon, 01 Mar 2021 01:27:46 GMT
content-length: 1575
server: Akamai Image Manager
expires: Sun, 07 Mar 2021 15:11:56 GMT

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 38ms
37ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2018 03:38:51 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18348
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 30ms
29ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Oct 2020 22:15:19 GMT
cache-control: max-age=3600
etag: "5f7654f7-6318"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
paypal-debug-id: e094a0c918144
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: slc-b-origin-www-2.paypal.com
content-length: 25368
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 40ms
39ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 10 Apr 2020 19:23:50 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18536
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 OrchestratorMain.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.37.0/ 55 KB
16 KB 30ms
30ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.37.0/OrchestratorMain.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

ffde4fbd5df6ec69cd661bcfe6bdca5e9e5543c0b059cde5c0a189f85985b09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: a2346317fa996
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 16301
last-modified: Thu, 19 Nov 2020 00:00:22 GMT
etag: W/"5fb5b596-dc08"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-headers: x-csrf-token
expires: Sun, 07 Mar 2021 04:11:56 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 61 KB
21 KB 65ms
22ms Script
application/x-javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish
age: 1215826
x-cache: HIT
content-encoding: gzip
content-length: 21347
x-served-by: cache-ams21034-AMS
last-modified: Tue, 26 Jan 2021 03:41:11 GMT
server: Apache
x-timer: S1615086717.166939,VS0,VE2
vary: Accept-Encoding
content-type: application/x-javascript
expires: Mon, 08 Mar 2021 03:11:57 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 78687

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame ECBE 160 B
916 B 194ms
194ms Document
text/html 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: c.paypal.com
:scheme: https
:path: /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: LANG=en_US%3BUS; enforce_policy=ccpa; l7_az=dcg01.phx; ts_c=vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad; x-cdn=fastly:AMS; tsrce=donatenodeweb; x-pp-s=eyJ0IjoiMTYxNTA4NjcxNjM3MiIsImwiOiIwIiwibSI6IjAifQ; ts=vreXpYrS%3D1709781115%26vteXpYrS%3D1615088515%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paypal.com/

Response headers

correlation-id: e86deff31a955
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: e86deff31a955
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Sun, 07 Mar 2021 03:11:57 GMT
x-served-by: cache-hhn11544-HHN, cache-ams21034-AMS
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1615086717.218040,VS0,VE174
vary: Accept-Encoding
content-encoding: br

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame C564
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing

42 B
299 B

153ms
52ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Mar 2021 03:11:57 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
Date: Sun, 07 Mar 2021 03:11:57 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 router.js Show response
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/ 2 MB
331 KB 30ms
29ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

4033923f53f11148f61de82464c63a507695b46e9d647f240ab68dfcd6a8e479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 985a7ee1c2e5e
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 337341
last-modified: Fri, 05 Mar 2021 01:47:42 GMT
etag: W/"60418dbe-18c473"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Mon, 07 Mar 2022 03:11:57 GMT

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/bd3e238097ced441/ 11 KB
6 KB 462ms
461ms Script
text/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/bd3e238097ced441/recaptchav3.js?_sessionID=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7c6556724595f33a4f1b1e8817df1742ec70fd81781ce1c9972d5a90cfe8de6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-o9qpRWs6ZMLuokI/RMkoH+wlmedgsA0YVSGJVATA4EPC0a4l' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-o9qpRWs6ZMLuokI/RMkoH+wlmedgsA0YVSGJVATA4EPC0a4l' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: a5f2c0b8a25da
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7372-LHR, cache-ams21047-AMS
x-timer: S1615086717.380938,VS0,VE434
date: Sun, 07 Mar 2021 03:11:57 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"2b91-pXD5H5Iphwc8RIxIjK6uAllQTB0"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame ECBE 61 KB
21 KB 22ms
22ms Script
application/x-javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish
age: 1215826
x-cache: HIT
content-encoding: gzip
content-length: 21347
x-served-by: cache-ams21034-AMS
last-modified: Tue, 26 Jan 2021 03:41:11 GMT
server: Apache
x-timer: S1615086717.416070,VS0,VE1
vary: Accept-Encoding
content-type: application/x-javascript
expires: Mon, 08 Mar 2021 03:11:57 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 78688

GET
H2 200 PPUI-Icons.woff2
www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/ 26 KB
27 KB 29ms
29ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/PPUI-Icons.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/router.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

8599d3429edb0a0c025a20e7e8c693ee5a6b815fbad8af5232cc7965f2931153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/router.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:40:20 GMT
cache-control: max-age=3600
etag: "6011c1a4-6904"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
paypal-debug-id: f10464c3f170e
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: ccg11-origin-www-2.paypal.com
content-length: 26884
expires: Sun, 07 Mar 2021 04:11:57 GMT

GET
H2 200 vendors~bodymovin.bundle.js Show response
www.paypal.com/donate/js/apps/ 247 KB
85 KB 236ms
236ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/js/apps/vendors~bodymovin.bundle.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0903e17f90d5a74b150736326640d87f260953992284599eee567650995328ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
x-cache: MISS, MISS
paypal-debug-id: ef4de80f78c08
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7363-LHR, cache-ams21047-AMS
last-modified: Thu, 04 Mar 2021 23:34:45 GMT
x-timer: S1615086718.609078,VS0,VE215
etag: W/"3dd34-177ff97f608"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 hearts.bundle.js Show response
www.paypal.com/donate/js/apps/ 15 KB
4 KB 236ms
235ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/js/apps/hearts.bundle.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

478f3315b208bf6324bd30a65d69d757b81a1ce99f924cbbc89fdaf0d14576d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
x-cache: MISS, MISS
paypal-debug-id: 3edb7fc6737e4
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7373-LHR, cache-ams21047-AMS
last-modified: Thu, 04 Mar 2021 23:34:45 GMT
x-timer: S1615086718.609196,VS0,VE215
etag: W/"3c9b-177ff97f608"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 16.bundle.js Show response
www.paypal.com/donate/js/apps/ 31 KB
7 KB 188ms
188ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/js/apps/16.bundle.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

39e89c994731d373e50c3a796bf3a3b346ff61b68d0198b2380897e74fd69d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
x-cache: MISS, MISS
paypal-debug-id: 2f3aafe3ddb12
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7353-LHR, cache-ams21047-AMS
last-modified: Thu, 04 Mar 2021 23:34:45 GMT
x-timer: S1615086718.611428,VS0,VE168
etag: W/"7a83-177ff97f608"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 17.bundle.js Show response
www.paypal.com/donate/js/apps/ 176 KB
65 KB 240ms
239ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/js/apps/17.bundle.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d30f88c4d8db9d49ee08e99dba0371fab7c07b4a22981e4c55a0ea35d40541f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
x-cache: MISS, MISS
paypal-debug-id: c273d26862dd0
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7350-LHR, cache-ams21047-AMS
last-modified: Thu, 04 Mar 2021 23:34:45 GMT
x-timer: S1615086718.611512,VS0,VE219
etag: W/"2c001-177ff97f608"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 ts
t.paypal.com/ 42 B
488 B 196ms
196ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1615086717607&g=-60&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=1615086715299&calc=d756d81b1f695&nsid=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=8757dadae00248cfb347263f17a62407&comp=donatenodeweb&tsrce=xorouternodeweb&cu=0&ef_policy=ccpa&context_id=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&token=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&xe=100560%2C101561%2C103160&xt=101484%2C105030%2C112531&ccd=US&source=button&entry_point=button&button_id=E826KFKL6VNSL&hosted_button_id=E826KFKL6VNSL&bn_code=PP-DonationsBF%3Abtn_donateCC_LG.gif%3AHosted&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=false&amttyp=VARIABLE&autord=false&rdtyp=GET&gstalwd=true&mrid=QW5Q288VVZ2XE&pp_flow=Donate&one_touch_enabled=false&integration_type=in_screen&displayPage=main%3Adonate%3Awps%3Aguest%3Aguestform&ppage=privacy_banner&bannerType=cookiebanner&flag=ccpa&bannerVersion=v3a&bannerSource=ConsentNodeServ&e=ac
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1615086718.616608,VS0,VE175
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires: Sun, 07 Mar 2021 03:11:57 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn11555-HHN, cache-ams21030-AMS

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame ECBE 125 B
672 B 234ms
234ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/p1
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c63a8949ab3a8aa6448e3b9e4e5e628fc7c5d7ab5a4fc57bffdaa974698dcde

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: f6f45754bf854
x-served-by: cache-hhn11548-HHN, cache-ams21034-AMS
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: f6f45754bf854
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0, 0

POST
H2 200 p2 Show response
c.paypal.com/v1/r/d/b/ Frame ECBE 125 B
396 B 232ms
232ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/p2
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a5456b5b941dc5f4da3bd007309836d70bfd73b35ccc61387c0057bdeba6619

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 302b7fc0d4c2a
x-served-by: cache-hhn11533-HHN, cache-ams21034-AMS
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 302b7fc0d4c2a
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0, 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame ECBE 0
80 B 232ms
224ms Image
text/plain 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c6.paypal.com/v1/r/d/b/p3?f=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 92659a2684a06
x-timer: S1615086718.672308,VS0,VE204
x-served-by: cache-hhn11544-HHN, cache-ams21034-AMS
x-cache: MISS, MISS
paypal-debug-id: 92659a2684a06
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
x-cache-hits: 0, 0

GET
H2 200 grcenterprise_v3.html Show response
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/ Frame A236 4 KB
2 KB 29ms
29ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/bd3e238097ced441/recaptchav3.js?_sessionID=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

b25cbff26f5d1f20ba847d0d1859fc28649a42540e27c1feac6039e29012b9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paypal.com/

Response headers

content-encoding: gzip
content-type: text/html
etag: W/"5f527c11-fae"
last-modified: Fri, 04 Sep 2020 17:40:33 GMT
paypal-debug-id: 3206a79c842a6
surrogate-control: max-age=31536000
content-length: 1549
dc: phx-origin-www-1.paypal.com
cache-control: max-age=31536000
expires: Mon, 07 Mar 2022 03:11:57 GMT
date: Sun, 07 Mar 2021 03:11:57 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame A236 974 B
1 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c36d9b135e63684b3d7897701770d8e126af3ec1012407b50bd3d565af14c2e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 618
x-xss-protection: 1; mode=block
expires: Sun, 07 Mar 2021 03:11:57 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame A236 331 KB
129 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.paypalobjects.com
Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:05:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 412
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 03:05:05 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame EB83 19 KB
10 KB 26ms
26ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37e8b0295936c2bd6f00a0283ce75a3d229daf79c0b4068bc7d3a8d0af32f08b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KtcEZOuzc+WDdOLYHMRA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypalobjects.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paypalobjects.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 07 Mar 2021 03:11:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-KtcEZOuzc+WDdOLYHMRA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10172
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame EB83 50 KB
25 KB 36ms
21ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 22:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
age: 103603
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Sat, 05 Mar 2022 22:25:15 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame EB83 331 KB
129 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 02:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2813
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132194
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 02:25:05 GMT

GET
H3-Q050 200 6fadx2M8wrjlNFRt_rC7owEQPGo_VIXOfAHmKW_lxqA.js Show response
www.google.com/js/bg/ Frame EB83 14 KB
7 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/6fadx2M8wrjlNFRt_rC7owEQPGo_VIXOfAHmKW_lxqA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9f69dc7633cc2b8e534546dfeb0bba301103c6a3f5485ce7c01e6296fe5c6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 22:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 105079
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6328
x-xss-protection: 0
expires: Sat, 05 Mar 2022 22:00:39 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame EB83 102 B
295 B 16ms
15ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 03:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 07 Mar 2021 03:11:58 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame EB83 10 KB
7 KB 44ms
44ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3fdede36186a5dedb4f1b527b5df2225f6e688e9bd535b8558884ad1bc7852e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 07 Mar 2021 03:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7179
x-xss-protection: 1; mode=block
expires: Sun, 07 Mar 2021 03:11:58 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
510 B 185ms
185ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1615086718314&g=-60&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3A%3Alanding%3AlandingPageComponent%3Aweb%3A%3A&pgst=1615086715299&calc=d756d81b1f695&nsid=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=8757dadae00248cfb347263f17a62407&comp=donatenodeweb&tsrce=xorouternodeweb&cu=0&ef_policy=ccpa&context_id=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&token=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&xe=100560%2C101561%2C103160&xt=101484%2C105030%2C112531&ccd=US&source=button&entry_point=button&button_id=E826KFKL6VNSL&hosted_button_id=E826KFKL6VNSL&bn_code=PP-DonationsBF%3Abtn_donateCC_LG.gif%3AHosted&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=false&amttyp=VARIABLE&autord=false&rdtyp=GET&gstalwd=true&mrid=QW5Q288VVZ2XE&pp_flow=Donate&one_touch_enabled=false&integration_type=in_screen&e=pf&cdn=fastly&c_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit&action=landing_page_loaded&uicomp=landingPageComponent&uitype=page&tt=4119&view=%7B%22t11%22%3A4120%2C%22et%22%3A%224g%22%2C%22pt%22%3A%22Donate%22%2C%22ru%22%3A%22%22%2C%22cd%22%3A24%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 03:11:58 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1615086718.323218,VS0,VE166
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slcb.slc
expires: Sun, 07 Mar 2021 03:11:58 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4081-HHN, cache-ams21030-AMS

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
2 KB 327ms
327ms XHR
text/plain 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-/6I8RithZb+i7Dfs0RA9jdmovuosDjMDteeO5qqtnIuryhup' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
x-requested-with: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-/6I8RithZb+i7Dfs0RA9jdmovuosDjMDteeO5qqtnIuryhup' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: eb5fcdefd038b
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: phx-origin-www-2.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7335-LHR, cache-ams21047-AMS
x-timer: S1615086718.371336,VS0,VE305
date: Sun, 07 Mar 2021 03:11:58 GMT
vary: accept-encoding
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 ts
t.paypal.com/ 42 B
144 B 186ms
185ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1615086718588&g=-60&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3Aguest%3Aguestform%3Aweb%3A%3A&pgst=1615086715299&calc=d756d81b1f695&nsid=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=8757dadae00248cfb347263f17a62407&comp=donatenodeweb&tsrce=xorouternodeweb&cu=0&ef_policy=ccpa&context_id=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&token=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&xe=100560%2C101561%2C103160&xt=101484%2C105030%2C112531&ccd=US&source=button&entry_point=button&button_id=E826KFKL6VNSL&hosted_button_id=E826KFKL6VNSL&bn_code=PP-DonationsBF%3Abtn_donateCC_LG.gif%3AHosted&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=false&amttyp=VARIABLE&autord=false&rdtyp=GET&gstalwd=true&mrid=QW5Q288VVZ2XE&pp_flow=Donate&one_touch_enabled=false&integration_type=in_screen&e=im&cdn=fastly&c_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit&imsrc=setup&view=%7B%22t10%22%3A965%2C%22t11%22%3A4169%2C%22tcp%22%3A2595%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=Donate&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=1315&t3=892&t4d=1833&t4=1836&t4e=3&tt=4119&rdc=0&res=%7B%7D&rtt=186
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Mar 2021 03:11:58 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1615086719.596918,VS0,VE166
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slca.slc
expires: Sun, 07 Mar 2021 03:11:58 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn11581-HHN, cache-ams21030-AMS

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.c.paypal.com/	1970-01-21 12:26:06	Name: sc_f Value: zfTlVNkMEVeBN84pTFN2_DlWVyR_ukjKRWkovDGl5g8YOYU1llr_7zSW6YIvAwaRsbm4735DKf5OHC7_ULU9QYJcATMMLkHUEdcCzm
.paypal.com/	1970-01-19 16:38:38	Name: LANG Value: en_US%3BUS
.paypal.com/	1970-01-20 01:23:42	Name: cookie_prefs Value: P%3D1%2CF%3D1%2Ctype%3Dimplicit
.paypal.com/	1970-01-20 01:23:42	Name: enforce_policy Value: ccpa
.paypal.com/	1970-01-26 23:50:06	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: i3XXwinjvrrilQfAnRZQsn6aiZQIEry1TpM2554dbHlNkqoq4upgw3wxMSl_reTE6-dmWXuNVdWLUe8b
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AJJpdWbWg-y_rnLIoovyRB_kefkfr30FF.9qUwbeRi5n87UQ5rCBr4MTkuBb6Ra2Z7OG0E%2FN11imQ
.paypal.com/	1970-01-19 16:42:25	Name: tsrce Value: authchallengenodeweb
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTYxNTA4NjcxNzcyOSIsImwiOiIxIiwibSI6IjAifQ
.paypal.com/	1970-01-20 18:54:54	Name: ts Value: vreXpYrS%3D1709781117%26vteXpYrS%3D1615088517%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew
.paypal.com/	1969-12-31 23:59:59	Name: x-cdn Value: fastly:AMS
.paypal.com/	1970-01-19 16:38:08	Name: l7_az Value: dcg01.phx
.paypal.com/	1970-01-20 18:54:54	Name: ts_c Value: vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bhoJRNyqUIyNXKZwkOZHKd8friLfSJ3K5MogBQu+fX5dyj1W' 'self' 'unsafe-eval' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.cardinalcommerce.com https://.qualtrics.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
flowinglove.com
t.paypal.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
104.111.228.123
151.101.1.35
151.101.193.21
151.101.193.35
209.159.155.163
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
64.4.245.84
02d93cd01d48255d3004291a13442782cd44194a19db63b5185f4ed3e12bc689
0903e17f90d5a74b150736326640d87f260953992284599eee567650995328ad
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa
1a5456b5b941dc5f4da3bd007309836d70bfd73b35ccc61387c0057bdeba6619
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
37e8b0295936c2bd6f00a0283ce75a3d229daf79c0b4068bc7d3a8d0af32f08b
39e89c994731d373e50c3a796bf3a3b346ff61b68d0198b2380897e74fd69d24
3a752933d47733e28ec1f0e478af45addf350f513f71b449cc992c1068278e46
3d62ff4f3aaf34ad571ba65f6753985d54ad949fa4c05a2d1a9b832ea761ffbd
4033923f53f11148f61de82464c63a507695b46e9d647f240ab68dfcd6a8e479
44047b4ab586fe0be9cc39524ea80b6480ce5846c0515bcc6ba0ec8e1021348e
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
478f3315b208bf6324bd30a65d69d757b81a1ce99f924cbbc89fdaf0d14576d5
48a50abe4331d7e9a3a258a9182db94d6ea23dce50aaf70b43403bdc67d0d6e7
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
5c63a8949ab3a8aa6448e3b9e4e5e628fc7c5d7ab5a4fc57bffdaa974698dcde
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7c6556724595f33a4f1b1e8817df1742ec70fd81781ce1c9972d5a90cfe8de6b
8599d3429edb0a0c025a20e7e8c693ee5a6b815fbad8af5232cc7965f2931153
8b44cd75a82736d375eb652d3d6508a13aaca236acc19a3e82bdccd274d573e4
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
a3090469b6cf02a0141f461e3ad242c89a65b7a185291af1d482ef5673c13074
a542fcb21ca393aa098d494dfcf7f08822e1dda0f80021bfa064b96dc70bb902
a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209
a6e26acbc59c0373db409aa25d5c38f71edd444b8a6dacd09019c05f7213f8b7
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b25cbff26f5d1f20ba847d0d1859fc28649a42540e27c1feac6039e29012b9b5
c36d9b135e63684b3d7897701770d8e126af3ec1012407b50bd3d565af14c2e0
c751796fca089cbe8cd757aff6f6fbd38d565bdb693fc6900f75ae3ab9412c2c
d0be61776464d3b49e890d3c2bec9aaf079c98cdf6427563a9ee82a8766b8dd2
d30f88c4d8db9d49ee08e99dba0371fab7c07b4a22981e4c55a0ea35d40541f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fdede36186a5dedb4f1b527b5df2225f6e688e9bd535b8558884ad1bc7852e
e9f69dc7633cc2b8e534546dfeb0bba301103c6a3f5485ce7c01e6296fe5c6a0
ffde4fbd5df6ec69cd661bcfe6bdca5e9e5543c0b059cde5c0a189f85985b09d

www.paypal.com Open in urlscan Pro 151.101.193.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

45 %IPv6

6 Domains

11 Subdomains

10 IPs

2 Countries

1211 kBTransfer

4163 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypal.com Open in urlscan Pro
151.101.193.21 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

45 %
IPv6

6
Domains

11
Subdomains

10
IPs

2
Countries

1211 kB
Transfer

4163 kB
Size

12
Cookies

46 HTTP transactions
0 data transactions