Submitted URL: http://flowinglove.com/paypal_es.php
Effective URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Submission: On March 07 via manual from ES

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 46 HTTP transactions. The main IP is 151.101.193.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 12th 2021. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
21 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
8 www.paypal.com 1 redirects www.paypal.com
www.paypalobjects.com
5 c.paypal.com www.paypal.com
c.paypal.com
4 www.google.com www.gstatic.com
www.google.com
3 www.gstatic.com www.recaptcha.net
www.google.com
3 t.paypal.com www.paypal.com
1 www.recaptcha.net www.paypalobjects.com
1 c6.paypal.com www.paypal.com
1 dub.stats.paypal.com www.paypal.com
1 b.stats.paypal.com 1 redirects
1 flowinglove.com 1 redirects
46 11

This site contains no links.

Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-01-12 -
2022-02-12
a year crt.sh
c.paypal.com
DigiCert SHA2 Extended Validation Server CA
2020-06-24 -
2022-06-29
2 years crt.sh
b.stats.paypal.com
DigiCert SHA2 High Assurance Server CA
2020-03-13 -
2022-06-03
2 years crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2020-11-17 -
2021-11-21
a year crt.sh
misc.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
www.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
*.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Frame ID: C399BAFF929D75CAD78990BEC2A7B9E6
Requests: 31 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: ECBE8ACCB1B0776A427286357B0F0EEA
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
Frame ID: C56421941BD7F9BC9EC88E0542AD3CE9
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
Frame ID: A236A55BC82F3E6202DAE89D1BB96D6B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
Frame ID: EB836DA0969AF0990367D030DF4CDBFE
Requests: 6 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://flowinglove.com/paypal_es.php HTTP 302
    https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL HTTP 307
    https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

46
Requests

100 %
HTTPS

45 %
IPv6

6
Domains

11
Subdomains

10
IPs

2
Countries

1211 kB
Transfer

4163 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://flowinglove.com/paypal_es.php HTTP 302
    https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL HTTP 307
    https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://b.stats.paypal.com/v2/counter.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing HTTP 302
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.paypal.com/donate/
Redirect Chain
  • http://flowinglove.com/paypal_es.php
  • https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
  • https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
226 KB
74 KB
Document
General
Full URL
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6e26acbc59c0373db409aa25d5c38f71edd444b8a6dacd09019c05f7213f8b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bhoJRNyqUIyNXKZwkOZHKd8friLfSJ3K5MogBQu+fX5dyj1W' 'self' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
LANG=en_US%3BUS; enforce_policy=ccpa; x-pp-s=eyJ0IjoiMTYxNTA4NjcxNTA1NiIsImwiOiIwIiwibSI6IjAifQ; tsrce=xorouternodeweb; nsid=s%3AJJpdWbWg-y_rnLIoovyRB_kefkfr30FF.9qUwbeRi5n87UQ5rCBr4MTkuBb6Ra2Z7OG0E%2FN11imQ; l7_az=dcg01.phx; ts=vreXpYrS%3D1709781114%26vteXpYrS%3D1615088514%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew; ts_c=vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad; x-cdn=fastly:AMS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bhoJRNyqUIyNXKZwkOZHKd8friLfSJ3K5MogBQu+fX5dyj1W' 'self' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type
text/html; charset=utf-8
etag
W/"387ed-1E7iewZpdC7hhkLkdOq6VQVTcR0"
paypal-debug-id
d756d81b1f695
set-cookie
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Mon, 07 Mar 2022 03:11:56 GMT; Secure; SameSite=None LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sun, 07 Mar 2021 11:57:52 GMT; HttpOnly; Secure; SameSite=None tsrce=donatenodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Wed, 10 Mar 2021 03:11:55 GMT; HttpOnly; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxNTA4NjcxNjM3MiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Sun, 07 Mar 2021 03:41:56 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1709781115%26vteXpYrS%3D1615088515%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 06 Mar 2024 03:11:56 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad; Path=/; Domain=paypal.com; Expires=Wed, 06 Mar 2024 03:11:56 GMT; Secure; SameSite=None x-cdn=fastly:AMS; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
date
Sun, 07 Mar 2021 03:11:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-lhr7320-LHR, cache-ams21047-AMS
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1615086715.167529,VS0,VE1292
vary
Accept-Encoding
content-encoding
br

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' https://*.paypal.com; script-src 'nonce-Xl27DkCLTeAJKyCCCE3qTrMpf4IMhaLhZ3qYSI7o9k0SO1U+' 'self' https://*.paypal.com 'unsafe-inline' 'unsafe-eval'; img-src https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
location
/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
paypal-debug-id
b84c0347ffb5f
set-cookie
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sun, 07 Mar 2021 11:57:51 GMT; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Mon, 07 Mar 2022 03:11:55 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxNTA4NjcxNTA1NiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None tsrce=xorouternodeweb; Domain=.paypal.com; Path=/; Expires=Wed, 10 Mar 2021 03:11:55 GMT; HttpOnly; Secure; SameSite=None nsid=s%3AJJpdWbWg-y_rnLIoovyRB_kefkfr30FF.9qUwbeRi5n87UQ5rCBr4MTkuBb6Ra2Z7OG0E%2FN11imQ; Path=/; HttpOnly; Secure l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Sun, 07 Mar 2021 03:41:55 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1709781114%26vteXpYrS%3D1615088514%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 06 Mar 2024 03:11:55 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad; Path=/; Domain=paypal.com; Expires=Wed, 06 Mar 2024 03:11:55 GMT; Secure; SameSite=None x-cdn=fastly:AMS; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish
date
Sun, 07 Mar 2021 03:11:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-lhr7349-LHR, cache-ams21047-AMS
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1615086714.497078,VS0,VE646
content-length
171
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/
21 KB
6 KB
Script
General
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 22:15:31 GMT
etag
W/"5f765503-532f"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
cac10d7782ad5
cache-control
max-age=3600
strict-transport-security
max-age=31536000
dc
phx-origin-www-2.paypal.com
content-length
6248
expires
Sun, 07 Mar 2021 04:11:56 GMT
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 May 2020 06:30:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18348
expires
Sun, 07 Mar 2021 04:11:56 GMT
PayPalSansBig-Light.woff2
www.paypalobjects.com/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Light.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 May 2020 06:30:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18388
expires
Sun, 07 Mar 2021 04:11:56 GMT
fonts-and-normalize.min.css
www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3d62ff4f3aaf34ad571ba65f6753985d54ad949fa4c05a2d1a9b832ea761ffbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
8628bbf1a40c0
dc
phx-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
1036
last-modified
Thu, 01 Oct 2020 22:15:19 GMT
etag
W/"5f7654f7-ea0"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 07 Mar 2021 04:11:56 GMT
ppvx.css
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/
80 KB
10 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ppvx.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0be61776464d3b49e890d3c2bec9aaf079c98cdf6427563a9ee82a8766b8dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
650048754093d
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
9834
last-modified
Fri, 05 Mar 2021 01:47:41 GMT
etag
W/"60418dbd-13f6d"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Mon, 07 Mar 2022 03:11:56 GMT
router.css
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/
168 KB
20 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/router.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c751796fca089cbe8cd757aff6f6fbd38d565bdb693fc6900f75ae3ab9412c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
c080736c5516c
dc
phx-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
20462
last-modified
Fri, 05 Mar 2021 01:47:41 GMT
etag
W/"60418dbd-2a0e0"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Mon, 07 Mar 2022 03:11:56 GMT
internalServerError.css
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/
25 KB
4 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/internalServerError.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3090469b6cf02a0141f461e3ad242c89a65b7a185291af1d482ef5673c13074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
25048b3a1171
dc
slc-b-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
3941
last-modified
Fri, 05 Mar 2021 01:47:41 GMT
etag
W/"60418dbd-65e5"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Mon, 07 Mar 2022 03:11:56 GMT
ppvx-app.css
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/
52 KB
10 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ppvx-app.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44047b4ab586fe0be9cc39524ea80b6480ce5846c0515bcc6ba0ec8e1021348e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
3935bc6bbf5bb
dc
slc-b-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
9585
last-modified
Fri, 05 Mar 2021 01:47:41 GMT
etag
W/"60418dbd-d131"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Mon, 07 Mar 2022 03:11:56 GMT
pa.js
www.paypalobjects.com/staging/pa/js/min/
52 KB
20 KB
Script
General
Full URL
https://www.paypalobjects.com/staging/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02d93cd01d48255d3004291a13442782cd44194a19db63b5185f4ed3e12bc689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
2743870216caf
dc
slc-b-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
20178
last-modified
Thu, 18 Feb 2021 06:52:33 GMT
etag
W/"602e0eb1-d060"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Sun, 07 Mar 2021 04:11:56 GMT
pa.js
www.paypalobjects.com/pa/js/min/
52 KB
20 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
cb4fa6c43183
dc
slc-b-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
20130
last-modified
Thu, 18 Feb 2021 06:57:36 GMT
etag
W/"602e0fe0-cfcb"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Sun, 07 Mar 2021 04:11:56 GMT
miconfig.js
www.paypalobjects.com/staging/pa/mi/
244 KB
26 KB
Script
General
Full URL
https://www.paypalobjects.com/staging/pa/mi/miconfig.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/staging/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b44cd75a82736d375eb652d3d6508a13aaca236acc19a3e82bdccd274d573e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
a98fe9d618b5f
dc
phx-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
25727
last-modified
Fri, 12 Feb 2021 22:44:08 GMT
etag
W/"602704b8-3ce2f"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Sun, 07 Mar 2021 04:11:56 GMT
miconfig.js
www.paypalobjects.com/pa/mi/
110 KB
21 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/mi/miconfig.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a542fcb21ca393aa098d494dfcf7f08822e1dda0f80021bfa064b96dc70bb902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
8e29ecafdcd9e
dc
slc-b-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
20779
last-modified
Fri, 12 Feb 2021 22:44:08 GMT
etag
W/"602704b8-1b9c2"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Sun, 07 Mar 2021 04:11:56 GMT
ic_arrow.svg
www.paypalobjects.com/images/Cause/CampaignPage/
1 KB
828 B
Image
General
Full URL
https://www.paypalobjects.com/images/Cause/CampaignPage/ic_arrow.svg
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3a752933d47733e28ec1f0e478af45addf350f513f71b449cc992c1068278e46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:20:18 GMT
cache-control
public, max-age=3600
etag
W/"60271b42-4e4"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
paypal-debug-id
10aa9c2f75bcb
strict-transport-security
max-age=31536000
dc
slc-b-origin-www-3.paypal.com
content-length
528
expires
Sun, 07 Mar 2021 04:11:56 GMT
logo_paypal_106x27.png
www.paypalobjects.com/webstatic/logo/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/logo/logo_paypal_106x27.png
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ppvx-app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
48a50abe4331d7e9a3a258a9182db94d6ea23dce50aaf70b43403bdc67d0d6e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/ppvx-app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1806
etag
"qe2R9qdpIOL3HI0q+J/EfJvcphAcb/HJg+n5kfVdVUM"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
private, no-transform, max-age=43200
last-modified
Mon, 01 Mar 2021 01:27:46 GMT
content-length
1575
server
Akamai Image Manager
expires
Sun, 07 Mar 2021 15:11:56 GMT
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jan 2018 03:38:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18348
expires
Sun, 07 Mar 2021 04:11:56 GMT
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Oct 2020 22:15:19 GMT
cache-control
max-age=3600
etag
"5f7654f7-6318"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
paypal-debug-id
e094a0c918144
strict-transport-security
max-age=31536000
accept-ranges
bytes
dc
slc-b-origin-www-2.paypal.com
content-length
25368
expires
Sun, 07 Mar 2021 04:11:56 GMT
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 Apr 2020 19:23:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18536
expires
Sun, 07 Mar 2021 04:11:56 GMT
OrchestratorMain.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.37.0/
55 KB
16 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/qualtrics/1.37.0/OrchestratorMain.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffde4fbd5df6ec69cd661bcfe6bdca5e9e5543c0b059cde5c0a189f85985b09d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
a2346317fa996
dc
slc-b-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
16301
last-modified
Thu, 19 Nov 2020 00:00:22 GMT
etag
W/"5fb5b596-dc08"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-headers
x-csrf-token
expires
Sun, 07 Mar 2021 04:11:56 GMT
fb.js
c.paypal.com/da/r/
61 KB
21 KB
Script
General
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish
age
1215826
x-cache
HIT
content-encoding
gzip
content-length
21347
x-served-by
cache-ams21034-AMS
last-modified
Tue, 26 Jan 2021 03:41:11 GMT
server
Apache
x-timer
S1615086717.166939,VS0,VE2
vary
Accept-Encoding
content-type
application/x-javascript
expires
Mon, 08 Mar 2021 03:11:57 GMT
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
78687
i
c.paypal.com/v1/r/d/ Frame ECBE
160 B
916 B
Document
General
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
c.paypal.com
:scheme
https
:path
/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paypal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
LANG=en_US%3BUS; enforce_policy=ccpa; l7_az=dcg01.phx; ts_c=vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad; x-cdn=fastly:AMS; tsrce=donatenodeweb; x-pp-s=eyJ0IjoiMTYxNTA4NjcxNjM3MiIsImwiOiIwIiwibSI6IjAifQ; ts=vreXpYrS%3D1709781115%26vteXpYrS%3D1615088515%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.paypal.com/

Response headers

correlation-id
e86deff31a955
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
paypal-debug-id
e86deff31a955
x-content-type-options
nosniff
x-xss-protection
1; mode=block
accept-ranges
none
via
1.1 varnish, 1.1 varnish
date
Sun, 07 Mar 2021 03:11:57 GMT
x-served-by
cache-hhn11544-HHN, cache-ams21034-AMS
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1615086717.218040,VS0,VE174
vary
Accept-Encoding
content-encoding
br
counter2.cgi
dub.stats.paypal.com/v2/ Frame C564
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
  • https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
42 B
299 B
Image
General
Full URL
https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 07 Mar 2021 03:11:57 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v2/counter2.cgi?p=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
Date
Sun, 07 Mar 2021 03:11:57 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
router.js
www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/
2 MB
331 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4033923f53f11148f61de82464c63a507695b46e9d647f240ab68dfcd6a8e479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
985a7ee1c2e5e
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
337341
last-modified
Fri, 05 Mar 2021 01:47:42 GMT
etag
W/"60418dbe-18c473"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Mon, 07 Mar 2022 03:11:57 GMT
recaptchav3.js
www.paypal.com/auth/createchallenge/bd3e238097ced441/
11 KB
6 KB
Script
General
Full URL
https://www.paypal.com/auth/createchallenge/bd3e238097ced441/recaptchav3.js?_sessionID=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c6556724595f33a4f1b1e8817df1742ec70fd81781ce1c9972d5a90cfe8de6b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-o9qpRWs6ZMLuokI/RMkoH+wlmedgsA0YVSGJVATA4EPC0a4l' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-o9qpRWs6ZMLuokI/RMkoH+wlmedgsA0YVSGJVATA4EPC0a4l' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
a5f2c0b8a25da
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-lhr7372-LHR, cache-ams21047-AMS
x-timer
S1615086717.380938,VS0,VE434
date
Sun, 07 Mar 2021 03:11:57 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"2b91-pXD5H5Iphwc8RIxIjK6uAllQTB0"
accept-ranges
none
x-cache-hits
0, 0
fb.js
c.paypal.com/da/r/ Frame ECBE
61 KB
21 KB
Script
General
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish
age
1215826
x-cache
HIT
content-encoding
gzip
content-length
21347
x-served-by
cache-ams21034-AMS
last-modified
Tue, 26 Jan 2021 03:41:11 GMT
server
Apache
x-timer
S1615086717.416070,VS0,VE1
vary
Accept-Encoding
content-type
application/x-javascript
expires
Mon, 08 Mar 2021 03:11:57 GMT
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
78688
PPUI-Icons.woff2
www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/
26 KB
27 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-29/PPUI-Icons.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/router.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8599d3429edb0a0c025a20e7e8c693ee5a6b815fbad8af5232cc7965f2931153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/css/router.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Jan 2021 19:40:20 GMT
cache-control
max-age=3600
etag
"6011c1a4-6904"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
paypal-debug-id
f10464c3f170e
strict-transport-security
max-age=31536000
accept-ranges
bytes
dc
ccg11-origin-www-2.paypal.com
content-length
26884
expires
Sun, 07 Mar 2021 04:11:57 GMT
vendors~bodymovin.bundle.js
www.paypal.com/donate/js/apps/
247 KB
85 KB
Script
General
Full URL
https://www.paypal.com/donate/js/apps/vendors~bodymovin.bundle.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0903e17f90d5a74b150736326640d87f260953992284599eee567650995328ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
x-cache
MISS, MISS
paypal-debug-id
ef4de80f78c08
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7363-LHR, cache-ams21047-AMS
last-modified
Thu, 04 Mar 2021 23:34:45 GMT
x-timer
S1615086718.609078,VS0,VE215
etag
W/"3dd34-177ff97f608"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
hearts.bundle.js
www.paypal.com/donate/js/apps/
15 KB
4 KB
Script
General
Full URL
https://www.paypal.com/donate/js/apps/hearts.bundle.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
478f3315b208bf6324bd30a65d69d757b81a1ce99f924cbbc89fdaf0d14576d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
x-cache
MISS, MISS
paypal-debug-id
3edb7fc6737e4
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7373-LHR, cache-ams21047-AMS
last-modified
Thu, 04 Mar 2021 23:34:45 GMT
x-timer
S1615086718.609196,VS0,VE215
etag
W/"3c9b-177ff97f608"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
16.bundle.js
www.paypal.com/donate/js/apps/
31 KB
7 KB
Script
General
Full URL
https://www.paypal.com/donate/js/apps/16.bundle.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39e89c994731d373e50c3a796bf3a3b346ff61b68d0198b2380897e74fd69d24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
x-cache
MISS, MISS
paypal-debug-id
2f3aafe3ddb12
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7353-LHR, cache-ams21047-AMS
last-modified
Thu, 04 Mar 2021 23:34:45 GMT
x-timer
S1615086718.611428,VS0,VE168
etag
W/"7a83-177ff97f608"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
17.bundle.js
www.paypal.com/donate/js/apps/
176 KB
65 KB
Script
General
Full URL
https://www.paypal.com/donate/js/apps/17.bundle.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/82b/626b2f71f55f865822b60c48abe1f/js/apps/router.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d30f88c4d8db9d49ee08e99dba0371fab7c07b4a22981e4c55a0ea35d40541f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
x-cache
MISS, MISS
paypal-debug-id
c273d26862dd0
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7350-LHR, cache-ams21047-AMS
last-modified
Thu, 04 Mar 2021 23:34:45 GMT
x-timer
S1615086718.611512,VS0,VE219
etag
W/"2c001-177ff97f608"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
ts
t.paypal.com/
42 B
488 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.30&t=1615086717607&g=-60&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=1615086715299&calc=d756d81b1f695&nsid=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=8757dadae00248cfb347263f17a62407&comp=donatenodeweb&tsrce=xorouternodeweb&cu=0&ef_policy=ccpa&context_id=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&token=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&xe=100560%2C101561%2C103160&xt=101484%2C105030%2C112531&ccd=US&source=button&entry_point=button&button_id=E826KFKL6VNSL&hosted_button_id=E826KFKL6VNSL&bn_code=PP-DonationsBF%3Abtn_donateCC_LG.gif%3AHosted&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=false&amttyp=VARIABLE&autord=false&rdtyp=GET&gstalwd=true&mrid=QW5Q288VVZ2XE&pp_flow=Donate&one_touch_enabled=false&integration_type=in_screen&displayPage=main%3Adonate%3Awps%3Aguest%3Aguestform&ppage=privacy_banner&bannerType=cookiebanner&flag=ccpa&bannerVersion=v3a&bannerSource=ConsentNodeServ&e=ac
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1615086718.616608,VS0,VE175
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires
Sun, 07 Mar 2021 03:11:57 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn11555-HHN, cache-ams21030-AMS
p1
c.paypal.com/v1/r/d/b/ Frame ECBE
125 B
672 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c63a8949ab3a8aa6448e3b9e4e5e628fc7c5d7ab5a4fc57bffdaa974698dcde

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
f6f45754bf854
x-served-by
cache-hhn11548-HHN, cache-ams21034-AMS
x-cache
MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
f6f45754bf854
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-type
application/json
content-length
125
x-cache-hits
0, 0
p2
c.paypal.com/v1/r/d/b/ Frame ECBE
125 B
396 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/p2
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a5456b5b941dc5f4da3bd007309836d70bfd73b35ccc61387c0057bdeba6619

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
302b7fc0d4c2a
x-served-by
cache-hhn11533-HHN, cache-ams21034-AMS
x-cache
MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
302b7fc0d4c2a
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-type
application/json
content-length
125
x-cache-hits
0, 0
p3
c6.paypal.com/v1/r/d/b/ Frame ECBE
0
80 B
Image
General
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&s=donatenodeweb_landing
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
92659a2684a06
x-timer
S1615086718.672308,VS0,VE204
x-served-by
cache-hhn11544-HHN, cache-ams21034-AMS
x-cache
MISS, MISS
paypal-debug-id
92659a2684a06
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
x-cache-hits
0, 0
grcenterprise_v3.html
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/ Frame A236
4 KB
2 KB
Document
General
Full URL
https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/bd3e238097ced441/recaptchav3.js?_sessionID=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b25cbff26f5d1f20ba847d0d1859fc28649a42540e27c1feac6039e29012b9b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.paypalobjects.com
:scheme
https
:path
/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paypal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.paypal.com/

Response headers

content-encoding
gzip
content-type
text/html
etag
W/"5f527c11-fae"
last-modified
Fri, 04 Sep 2020 17:40:33 GMT
paypal-debug-id
3206a79c842a6
surrogate-control
max-age=31536000
content-length
1549
dc
phx-origin-www-1.paypal.com
cache-control
max-age=31536000
expires
Mon, 07 Mar 2022 03:11:57 GMT
date
Sun, 07 Mar 2021 03:11:57 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
enterprise.js
www.recaptcha.net/recaptcha/ Frame A236
974 B
1 KB
Script
General
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c36d9b135e63684b3d7897701770d8e126af3ec1012407b50bd3d565af14c2e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
618
x-xss-protection
1; mode=block
expires
Sun, 07 Mar 2021 03:11:57 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame A236
331 KB
129 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paypalobjects.com
Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132194
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 03:05:05 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame EB83
19 KB
10 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
37e8b0295936c2bd6f00a0283ce75a3d229daf79c0b4068bc7d3a8d0af32f08b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KtcEZOuzc+WDdOLYHMRA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paypalobjects.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.paypalobjects.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 07 Mar 2021 03:11:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-KtcEZOuzc+WDdOLYHMRA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10172
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame EB83
50 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 22:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
age
103603
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Sat, 05 Mar 2022 22:25:15 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame EB83
331 KB
129 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 02:25:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2813
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132194
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 02:25:05 GMT
6fadx2M8wrjlNFRt_rC7owEQPGo_VIXOfAHmKW_lxqA.js
www.google.com/js/bg/ Frame EB83
14 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/6fadx2M8wrjlNFRt_rC7owEQPGo_VIXOfAHmKW_lxqA.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9f69dc7633cc2b8e534546dfeb0bba301103c6a3f5485ce7c01e6296fe5c6a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 22:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
105079
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6328
x-xss-protection
0
expires
Sat, 05 Mar 2022 22:00:39 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame EB83
102 B
295 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 03:11:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 07 Mar 2021 03:11:58 GMT
reload
www.google.com/recaptcha/enterprise/ Frame EB83
10 KB
7 KB
XHR
General
Full URL
https://www.google.com/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3fdede36186a5dedb4f1b527b5df2225f6e688e9bd535b8558884ad1bc7852e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=4e3dgzhnkf8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 07 Mar 2021 03:11:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7179
x-xss-protection
1; mode=block
expires
Sun, 07 Mar 2021 03:11:58 GMT
ts
t.paypal.com/
42 B
510 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.30&t=1615086718314&g=-60&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3A%3Alanding%3AlandingPageComponent%3Aweb%3A%3A&pgst=1615086715299&calc=d756d81b1f695&nsid=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=8757dadae00248cfb347263f17a62407&comp=donatenodeweb&tsrce=xorouternodeweb&cu=0&ef_policy=ccpa&context_id=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&token=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&xe=100560%2C101561%2C103160&xt=101484%2C105030%2C112531&ccd=US&source=button&entry_point=button&button_id=E826KFKL6VNSL&hosted_button_id=E826KFKL6VNSL&bn_code=PP-DonationsBF%3Abtn_donateCC_LG.gif%3AHosted&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=false&amttyp=VARIABLE&autord=false&rdtyp=GET&gstalwd=true&mrid=QW5Q288VVZ2XE&pp_flow=Donate&one_touch_enabled=false&integration_type=in_screen&e=pf&cdn=fastly&c_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit&action=landing_page_loaded&uicomp=landingPageComponent&uitype=page&tt=4119&view=%7B%22t11%22%3A4120%2C%22et%22%3A%224g%22%2C%22pt%22%3A%22Donate%22%2C%22ru%22%3A%22%22%2C%22cd%22%3A24%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 03:11:58 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1615086718.323218,VS0,VE166
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator
slcb.slc
expires
Sun, 07 Mar 2021 03:11:58 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn4081-HHN, cache-ams21030-AMS
verifygrcenterprise
www.paypal.com/auth/
0
2 KB
XHR
General
Full URL
https://www.paypal.com/auth/verifygrcenterprise
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-/6I8RithZb+i7Dfs0RA9jdmovuosDjMDteeO5qqtnIuryhup' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-/6I8RithZb+i7Dfs0RA9jdmovuosDjMDteeO5qqtnIuryhup' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
eb5fcdefd038b
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
phx-origin-www-2.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-lhr7335-LHR, cache-ams21047-AMS
x-timer
S1615086718.371336,VS0,VE305
date
Sun, 07 Mar 2021 03:11:58 GMT
vary
accept-encoding
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
ts
t.paypal.com/
42 B
144 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.30&t=1615086718588&g=-60&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3Aguest%3Aguestform%3Aweb%3A%3A&pgst=1615086715299&calc=d756d81b1f695&nsid=JJpdWbWg-y_rnLIoovyRB_kefkfr30FF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=8757dadae00248cfb347263f17a62407&comp=donatenodeweb&tsrce=xorouternodeweb&cu=0&ef_policy=ccpa&context_id=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&token=0sLWbe1txd_S1YR2amnmjgiQ_GG9tYeN1RpQtQlXXGS3ZGKKTRmaTK_3Q_EEqzlLNYqnHdBmWx9szp-x&xe=100560%2C101561%2C103160&xt=101484%2C105030%2C112531&ccd=US&source=button&entry_point=button&button_id=E826KFKL6VNSL&hosted_button_id=E826KFKL6VNSL&bn_code=PP-DonationsBF%3Abtn_donateCC_LG.gif%3AHosted&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=false&amttyp=VARIABLE&autord=false&rdtyp=GET&gstalwd=true&mrid=QW5Q288VVZ2XE&pp_flow=Donate&one_touch_enabled=false&integration_type=in_screen&e=im&cdn=fastly&c_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit&imsrc=setup&view=%7B%22t10%22%3A965%2C%22t11%22%3A4169%2C%22tcp%22%3A2595%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=Donate&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=1315&t3=892&t4d=1833&t4=1836&t4e=3&tt=4119&rdc=0&res=%7B%7D&rtt=186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=E826KFKL6VNSL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Mar 2021 03:11:58 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1615086719.596918,VS0,VE166
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator
slca.slc
expires
Sun, 07 Mar 2021 03:11:58 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn11581-HHN, cache-ams21030-AMS

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated boolean| paypalADSInterceptorInjected object| PAYPAL object| fpti string| fptiserverurl object| _ifpti object| miconfig object| laDataLayer object| QSI object| WAFQualtricsWebpackJsonP-hosted-1.37.0 object| webpackJsonp function| setImmediate function| clearImmediate object| core object| regeneratorRuntime object| React object| ReactDOM function| _ function| bindGdprEvents function| hideGdprBanner function| showGdprBanner object| _0xbcff function| _0x5c8b

12 Cookies

Domain/Path Name / Value
.c.paypal.com/ Name: sc_f
Value: zfTlVNkMEVeBN84pTFN2_DlWVyR_ukjKRWkovDGl5g8YOYU1llr_7zSW6YIvAwaRsbm4735DKf5OHC7_ULU9QYJcATMMLkHUEdcCzm
.paypal.com/ Name: LANG
Value: en_US%3BUS
.paypal.com/ Name: cookie_prefs
Value: P%3D1%2CF%3D1%2Ctype%3Dimplicit
.paypal.com/ Name: enforce_policy
Value: ccpa
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: i3XXwinjvrrilQfAnRZQsn6aiZQIEry1TpM2554dbHlNkqoq4upgw3wxMSl_reTE6-dmWXuNVdWLUe8b
www.paypal.com/ Name: nsid
Value: s%3AJJpdWbWg-y_rnLIoovyRB_kefkfr30FF.9qUwbeRi5n87UQ5rCBr4MTkuBb6Ra2Z7OG0E%2FN11imQ
.paypal.com/ Name: tsrce
Value: authchallengenodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYxNTA4NjcxNzcyOSIsImwiOiIxIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1709781117%26vteXpYrS%3D1615088517%26vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad%26vtyp%3Dnew
.paypal.com/ Name: x-cdn
Value: fastly:AMS
.paypal.com/ Name: l7_az
Value: dcg01.phx
.paypal.com/ Name: ts_c
Value: vr%3D0aab7ecc1780a7886854bb54fd541aae%26vt%3D0aab7ecc1780a7886854bb54fd541aad

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bhoJRNyqUIyNXKZwkOZHKd8friLfSJ3K5MogBQu+fX5dyj1W' 'self' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
flowinglove.com
t.paypal.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
104.111.228.123
151.101.1.35
151.101.193.21
151.101.193.35
209.159.155.163
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
64.4.245.84
02d93cd01d48255d3004291a13442782cd44194a19db63b5185f4ed3e12bc689
0903e17f90d5a74b150736326640d87f260953992284599eee567650995328ad
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa
1a5456b5b941dc5f4da3bd007309836d70bfd73b35ccc61387c0057bdeba6619
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
37e8b0295936c2bd6f00a0283ce75a3d229daf79c0b4068bc7d3a8d0af32f08b
39e89c994731d373e50c3a796bf3a3b346ff61b68d0198b2380897e74fd69d24
3a752933d47733e28ec1f0e478af45addf350f513f71b449cc992c1068278e46
3d62ff4f3aaf34ad571ba65f6753985d54ad949fa4c05a2d1a9b832ea761ffbd
4033923f53f11148f61de82464c63a507695b46e9d647f240ab68dfcd6a8e479
44047b4ab586fe0be9cc39524ea80b6480ce5846c0515bcc6ba0ec8e1021348e
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
478f3315b208bf6324bd30a65d69d757b81a1ce99f924cbbc89fdaf0d14576d5
48a50abe4331d7e9a3a258a9182db94d6ea23dce50aaf70b43403bdc67d0d6e7
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
5c63a8949ab3a8aa6448e3b9e4e5e628fc7c5d7ab5a4fc57bffdaa974698dcde
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7c6556724595f33a4f1b1e8817df1742ec70fd81781ce1c9972d5a90cfe8de6b
8599d3429edb0a0c025a20e7e8c693ee5a6b815fbad8af5232cc7965f2931153
8b44cd75a82736d375eb652d3d6508a13aaca236acc19a3e82bdccd274d573e4
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
a3090469b6cf02a0141f461e3ad242c89a65b7a185291af1d482ef5673c13074
a542fcb21ca393aa098d494dfcf7f08822e1dda0f80021bfa064b96dc70bb902
a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209
a6e26acbc59c0373db409aa25d5c38f71edd444b8a6dacd09019c05f7213f8b7
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b25cbff26f5d1f20ba847d0d1859fc28649a42540e27c1feac6039e29012b9b5
c36d9b135e63684b3d7897701770d8e126af3ec1012407b50bd3d565af14c2e0
c751796fca089cbe8cd757aff6f6fbd38d565bdb693fc6900f75ae3ab9412c2c
d0be61776464d3b49e890d3c2bec9aaf079c98cdf6427563a9ee82a8766b8dd2
d30f88c4d8db9d49ee08e99dba0371fab7c07b4a22981e4c55a0ea35d40541f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fdede36186a5dedb4f1b527b5df2225f6e688e9bd535b8558884ad1bc7852e
e9f69dc7633cc2b8e534546dfeb0bba301103c6a3f5485ce7c01e6296fe5c6a0
ffde4fbd5df6ec69cd661bcfe6bdca5e9e5543c0b059cde5c0a189f85985b09d