urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
151.101.1.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://epl.paypal-communication.com/T/v600000178ad2cd24aa037ddf4bbe5be68/d60e7edcc1f242aa0000021ef3a0bcd5/d60e7edc-c1f2-42aa-835b-03...
Effective URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5T...
Submission: On April 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 151.101.1.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 12th 2021. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 159.127.187.100 19137 (EPSILON-I...)
2 151.101.1.21 54113 (FASTLY)
20 104.111.228.123 16625 (AKAMAI-AS)
1 151.101.129.35 54113 (FASTLY)
23 3
Domain Requested by
20 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 www.paypal.com www.paypalobjects.com
1 t.paypal.com www.paypal.com
1 epl.paypal-communication.com 1 redirects
23 4

This site contains links to these domains. Also see Links.

Domain
www.aboutads.info
newsroom.paypal-corp.com
investor.paypal-corp.com
publicpolicy.paypal-corp.com
Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-01-12 -
2022-02-12		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-11-17 -
2021-11-21		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Frame ID: 7583DEBE991D52BE581A0104C94F09E9
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://epl.paypal-communication.com/T/v600000178ad2cd24aa037ddf4bbe5be68/d60e7edcc1f242aa0000021ef3a0bcd5/d60e7e... HTTP 302
    https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

553 kB
Transfer

2127 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://epl.paypal-communication.com/T/v600000178ad2cd24aa037ddf4bbe5be68/d60e7edcc1f242aa0000021ef3a0bcd5/d60e7edc-c1f2-42aa-835b-039939eeb4b7 HTTP 302
    https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request marketing-preferences
www.paypal.com/myaccount/settings/
Redirect Chain
  • https://epl.paypal-communication.com/T/v600000178ad2cd24aa037ddf4bbe5be68/d60e7edcc1f242aa0000021ef3a0bcd5/d60e7edc-c1f2-42aa-835b-039939eeb4b7?
  • https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
39 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bf609b1367bb77f80074b0f0c1ada209249210a295223f45801320fceb4d9836
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.paypal.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://nexus.ensighten.com https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2xniUd4MWL9PrjTvAFFCMeZS5czfWQxLmXaXIfw2N4PMFwlp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data: 'unsafe-inline'; form-action 'self' https://*.paypal.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; child-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
base-uri 'self' https://*.paypal.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://nexus.ensighten.com https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2xniUd4MWL9PrjTvAFFCMeZS5czfWQxLmXaXIfw2N4PMFwlp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data: 'unsafe-inline'; form-action 'self' https://*.paypal.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; child-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"9d67-A22FYvKjC2zS2Lp+iCdPh+6q5sg"
paypal-debug-id
cedc321dd70be
set-cookie
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Thu, 14 Apr 2022 17:23:38 GMT; Secure; SameSite=None LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Thu, 15 Apr 2021 02:09:34 GMT; HttpOnly; Secure; SameSite=None tsrce=settingsnodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Sat, 17 Apr 2021 17:23:37 GMT; HttpOnly; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxODQyMTAxODM4NiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None nsid=s%3AYRkSI6_f9NB8ui4oCLe-QEpX1rxoJvzz.UtBdH2RREyZ0XL%2FrYi5xyayshiG3v4%2Bo6ULcB2kXwrI; Path=/; HttpOnly; Secure l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Wed, 14 Apr 2021 17:53:38 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1713115417%26vteXpYrS%3D1618422817%26vr%3Dd168ecfb1780ad0468e1dd7ffd620971%26vt%3Dd168ecfb1780ad0468e1dd7ffd620970%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sat, 13 Apr 2024 17:23:38 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3Dd168ecfb1780ad0468e1dd7ffd620971%26vt%3Dd168ecfb1780ad0468e1dd7ffd620970; Path=/; Domain=paypal.com; Expires=Sat, 13 Apr 2024 17:23:38 GMT; Secure; SameSite=None x-cdn=fastly:FRA; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
date
Wed, 14 Apr 2021 17:23:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn11579-HHN, cache-fra19123-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1618421018.776164,VS0,VE693
vary
Accept-Encoding
content-encoding
br

Redirect headers

location
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
cache-control
no-cache
content-length
0
date
Wed, 14 Apr 2021 17:23:37 GMT
app.ltr.css
www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/css/ 		278 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/css/app.ltr.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d525e71888740eac089e734850355ddc0b0dd5c07ed2a880ed716f24b8a60217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
8f9bc67e77aeb
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
47021
last-modified
Tue, 23 Mar 2021 11:26:23 GMT
etag
W/"6059d05f-457af"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Thu, 14 Apr 2022 17:23:38 GMT
style.css
www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/ 		121 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b82ad7c257db89d82292e31541cc5c5b98e7eab5369d6c3ea742478f2cf4694d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 05:45:16 GMT
etag
W/"5bdfd8ec-1e31f"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
text/css
paypal-debug-id
1791516bbfb7d
cache-control
public, max-age=3600
strict-transport-security
max-age=31536000
dc
phx-origin-www-3.paypal.com
content-length
20669
expires
Wed, 14 Apr 2021 18:23:38 GMT
settings.ltr.css
www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/css/ 		154 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/css/settings.ltr.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8d2b9c6a5198807e471d48f9561f8e41c55ba17a99b66dab858b93f500ed56d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
914a1ed58c6db
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
29181
last-modified
Tue, 23 Mar 2021 11:26:23 GMT
etag
W/"6059d05f-26720"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Thu, 14 Apr 2022 17:23:38 GMT
unAuth.ltr.css
www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/css/ 		283 B
542 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/css/unAuth.ltr.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b206371c157afc5c0e6275809df6a5ad604f74c112f9ddb48a8fea466b207d93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
8614c0571c1b5
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
193
last-modified
Tue, 23 Mar 2021 11:26:23 GMT
etag
W/"6059d05f-11b"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Thu, 14 Apr 2022 17:23:38 GMT
pa.js
www.paypalobjects.com/pa/js/min/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
243a1c7c64da6f60be60db0fe8603cf6a3ba4b30245ce3e3df312229c85ee40c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
c64fe3be918ce
dc
phx-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
20211
last-modified
Wed, 31 Mar 2021 18:24:01 GMT
etag
W/"6064be41-d0b8"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Wed, 14 Apr 2021 18:23:38 GMT
app.js
www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/js/apps/ 		257 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/js/apps/app.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9529205603a16cc8a7359af6a57a6a593583b5977c58fcf4a07a3a09ae63f606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
5a8a560578deb
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
81567
last-modified
Tue, 23 Mar 2021 11:26:23 GMT
etag
W/"6059d05f-402b4"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Thu, 14 Apr 2022 17:23:38 GMT
bootstrap.js
www.paypalobjects.com/tagmgmt/ 		19 B
380 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/tagmgmt/bootstrap.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
4bf9e8a157fb2
dc
slc-b-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
19
last-modified
Sat, 13 Feb 2021 00:28:58 GMT
etag
"60271d4a-13"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Wed, 14 Apr 2021 18:23:38 GMT
xhr-ads.min.js
www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/js/xhr-ads.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c130e32be5fc8988a3075c62e61ed24103ca35da7ef9a0b1172fd5deaa41a443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
f5eef8290161e
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4889
last-modified
Tue, 23 Mar 2021 11:26:23 GMT
etag
W/"6059d05f-3ffc"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Thu, 14 Apr 2022 17:23:38 GMT
jquery-3.2.1.min.js
www.paypalobjects.com/digitalassets/c/website/marketing/global/scripts/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/scripts/jquery-3.2.1.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Sep 2017 21:15:05 GMT
etag
W/"59c42bd9-15283"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
495b8d2387f5e
cache-control
public, max-age=3600
strict-transport-security
max-age=31536000
dc
phx-origin-www-3.paypal.com
content-length
30388
expires
Wed, 14 Apr 2021 18:23:38 GMT
header.js
www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/js/header.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3a22069fdf72709159f8864b3b709924d760a9d1457ea35133884f0fc2815cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Jan 2018 05:03:56 GMT
etag
W/"5a544d3c-1caf"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
69b4a3738ef9
cache-control
public, max-age=3600
strict-transport-security
max-age=31536000
dc
phx-origin-www-3.paypal.com
content-length
1495
expires
Wed, 14 Apr 2021 18:23:38 GMT
ppcom-white.svg
www.paypalobjects.com/webstatic/i/logo/rebrand/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom-white.svg
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e35c57fad02017983d4261c8d65697ec8b312a2a19127cb93f92d1eca6408015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 21 Mar 2015 01:00:01 GMT
cache-control
public, max-age=3600
etag
W/"550cc291-1445"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
paypal-debug-id
194663f7c8fe9
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-3.paypal.com
content-length
1988
expires
Wed, 14 Apr 2021 18:23:38 GMT
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jan 2018 03:38:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18348
expires
Wed, 14 Apr 2021 18:23:38 GMT
ConsumerIcons-Regular.woff
www.paypalobjects.com/ui-web/iconfont-consumer/3-3-0/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ui-web/iconfont-consumer/3-3-0/fonts/ConsumerIcons-Regular.woff
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/css/app.ltr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d7793651ef95bfe8e9e0ca8660c9ee4e76744c40f04ee8427a388ca1005fc29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/css/app.ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:29:23 GMT
cache-control
public, max-age=3600
etag
"60271d63-8b5c"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
paypal-debug-id
ebb4e46c3bfbf
strict-transport-security
max-age=31536000
accept-ranges
bytes
dc
slc-b-origin-www-3.paypal.com
content-length
35676
expires
Wed, 14 Apr 2021 18:23:38 GMT
PayPalSansSmall-Medium.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Medium.woff
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1fc978067430d2bf5d50d4adebd57ec8cb847f63cb8925fddb76fb5825071e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
48487
expires
Wed, 14 Apr 2021 18:23:38 GMT
miconfig.js
www.paypalobjects.com/pa/mi/ 		114 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/miconfig.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bf457a5b74e7e1b8f31704fe22cc98a9caff4901d1e6bd4c2919e6d1ad5ccf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
e6d41d75007ac
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
21046
last-modified
Wed, 31 Mar 2021 18:24:01 GMT
etag
W/"6064be41-1c73b"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Wed, 14 Apr 2021 18:23:38 GMT
dust-templates.js
www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/templates/US/en/ 		518 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/templates/US/en/dust-templates.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/js/apps/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
387028e330931d380283f5271e711d1cc12a5dd09c7fd80accfed3afd72d6a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
564ddabd43f59
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
75558
last-modified
Tue, 23 Mar 2021 11:35:52 GMT
etag
W/"6059d298-81874"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, GET
content-type
application/javascript
access-control-allow-origin
*, *
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token, x-csrf-token
expires
Thu, 14 Apr 2022 17:23:38 GMT
languagepack.js
www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/locales/US/en/ 		32 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/locales/US/en/languagepack.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/js/apps/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47becca749c820dc8fc7c37f6d0c4b9314499a381d09ba6619ec04ae8e69a055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
7b235f6cf8735
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
52
last-modified
Tue, 23 Mar 2021 11:26:24 GMT
etag
"6059d060-20"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 14 Apr 2022 17:23:38 GMT
1.1.js
www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/js/apps/ 		250 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/js/apps/1.1.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/f00/fda26fb6fddd42fd56d7f0767a1aa/js/apps/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44fe5c91142133e98306bcbedf45b12f0d2483cd69982a0a17d3b3312c37f087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
98a62597b6952
dc
phx-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
61446
last-modified
Tue, 23 Mar 2021 11:26:23 GMT
etag
W/"6059d05f-3e935"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-headers
x-csrf-token
expires
Thu, 14 Apr 2022 17:23:38 GMT
patleaf.js
www.paypalobjects.com/pa/3pjs/tl/5.6.1/ 		122 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
219fe3382fabdbb0444747aa0073d75f3815cc9aba97bed4fe3ceca97afc38e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
b4482227adc99
dc
phx-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
42976
last-modified
Sat, 13 Feb 2021 00:27:05 GMT
etag
W/"60271cd9-1e7b4"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Wed, 14 Apr 2021 18:23:38 GMT
ts
t.paypal.com/ 		42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.4.33&t=1618421018767&g=-120&pgrp=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3A&page=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3Amktgprefsloggedout%3A%3A%3A&pgst=1618421017862&calc=cedc321dd70be&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=8b14e6ab8a934ab998ec0a1791c6fcc0&comp=settingsnodeweb&tsrce=settingsnodeweb&cu=0&pxpguid=d168ecfb1780ad0468e1dd7ffd620971&ef_policy=ccpa&cust=AEAYLQLLAJFEL&acnt=anon&aver=unverified&rstr=unrestricted&xe=100226%2C100229%2C100613%2C101004%2C100323%2C100326%2C100134%2C100904%2C100328%2C101096%2C100719%2C100272%2C103298%2C102405%2C102501%2C102285%2C101228%2C100172%2C101843%2C100146%2C103543%2C102809%2C102621%2C103520%2C102652%2C100865%2C103232%2C101065%2C100170%2C101965%2C100175%2C102297%2C101849%2C101791%2C101036%2C101615%2C102830%2C100659%2C101236%2C100663%2C101815%2C100091%2C102913%2C102677%2C100513%2C100401%2C100737%2C100551%2C100617%2C100827%2C100378%2C101324%2C100783%2C101219%2C102787%2C101218%2C100999%2C103436%2C102158%2C102805%2C102308%2C100314%2C100225%2C102467%2C102147%2C102212%2C101576%2C101194%2C100818%2C102366%2C102054%2C102056%2C102717%2C101628%2C100223%2C100802%2C100825&xt=100541%2C100549%2C101615%2C102918%2C100814%2C100820%2C100316%2C102612%2C100824%2C103272%2C101917%2C100651%2C113076%2C108915%2C109330%2C108399%2C103944%2C100417%2C106431%2C100343%2C114156%2C110808%2C109914%2C114057%2C110120%2C102464%2C112816%2C103106%2C100413%2C107028%2C100423%2C108430%2C106446%2C106175%2C105193%2C105339%2C110981%2C103023%2C103967%2C103028%2C106278%2C100217%2C111351%2C110185%2C101360%2C101006%2C101972%2C101466%2C101625%2C102296%2C100957%2C104292%2C102175%2C103871%2C110683%2C103869%2C102906%2C113694%2C107861%2C110795%2C108480%2C100764%2C100539%2C109166%2C107815%2C108450%2C105088%2C103745%2C102272%2C109336%2C107358%2C107362%2C110353%2C105369%2C100533%2C102228%2C102292&e=im&cdn=fastly&pt=PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Apr 2021 17:23:38 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1618421019.787875,VS0,VE162
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator
slcb.slc
expires
Wed, 14 Apr 2021 17:23:38 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn4035-HHN, cache-fra19154-FRA
patlcfg.js
www.paypalobjects.com/pa/3pjs/tl/5.6.1/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/5.6.1/patlcfg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61ce0ee4efd0b82c90eb9c78bc3c93cf9e6703ce670237bedd1f88a6af82e004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
2071ccc110319
dc
ccg11-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
3212
last-modified
Sat, 13 Feb 2021 00:27:05 GMT
etag
W/"60271cd9-235d"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-headers
x-csrf-token
expires
Wed, 14 Apr 2021 18:23:38 GMT
tealeaftarget
www.paypal.com/platform/ 		40 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/platform/tealeaftarget
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8abc1c589883918af5ab4affa65d626282aaf28e93224dd0555f6c6b036ed7b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Encoding
gzip
X-Tealeaf
device (UIC) Lib/5.6.0.1875
X-Tealeaf-SyncXHR
false
X-Tealeaf-MessageTypes
1,2,5,12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Referer
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=4Y930455LX038813U&EID=ABcU.jM1.9sV9mLvXkdEaNWtbH.c5TgOucshrNhAhuY7t1EZXw-iHtZHlZBp9KLPVe0&cat=pnp&mplx=119940287260355
X-PageId
P.YX8R4H4BYRASNTXNQSFQM5J3UVMF
X-Requested-With
fetch
X-TealeafType
GUI
X-TeaLeaf-Page-Url
/myaccount/settings/marketing-preferences

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
982db88ab6067
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-hhn4047-HHN, cache-fra19123-FRA
x-timer
S1618421019.975072,VS0,VE156
x-frame-options
SAMEORIGIN
date
Wed, 14 Apr 2021 17:23:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"28-FcH3R8rzTs+TPB/I+xWecEmzvzs"
accept-ranges
none
x-cache-hits
0, 0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| PAYPAL object| fpti string| fptiserverurl object| _ifpti function| webpackJsonp object| _REQJS_ object| Backbone object| dust object| PPVX object| dataLayer function| $ function| jQuery object| miconfig object| laDataLayer object| pako object| TLT

9 Cookies

Domain/Path Name / Value
.paypal.com/ Name: x-cdn
Value: fastly:FRA
.paypal.com/ Name: ts_c
Value: vr%3Dd168ecfb1780ad0468e1dd7ffd620971%26vt%3Dd168ecfb1780ad0468e1dd7ffd620970
.paypal.com/ Name: l7_az
Value: dcg15.slc
www.paypal.com/ Name: nsid
Value: s%3AYRkSI6_f9NB8ui4oCLe-QEpX1rxoJvzz.UtBdH2RREyZ0XL%2FrYi5xyayshiG3v4%2Bo6ULcB2kXwrI
.paypal.com/ Name: ts
Value: vreXpYrS%3D1713115418%26vteXpYrS%3D1618422818%26vr%3Dd168ecfb1780ad0468e1dd7ffd620971%26vt%3Dd168ecfb1780ad0468e1dd7ffd620970%26vtyp%3Dnew
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYxODQyMTAxODM4NiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: settingsnodeweb
.paypal.com/ Name: LANG
Value: en_US%3BUS
.paypal.com/ Name: enforce_policy
Value: ccpa

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self' https://*.paypal.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://nexus.ensighten.com https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2xniUd4MWL9PrjTvAFFCMeZS5czfWQxLmXaXIfw2N4PMFwlp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data: 'unsafe-inline'; form-action 'self' https://*.paypal.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; child-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

epl.paypal-communication.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
104.111.228.123
151.101.1.21
151.101.129.35
159.127.187.100
1fc978067430d2bf5d50d4adebd57ec8cb847f63cb8925fddb76fb5825071e85
219fe3382fabdbb0444747aa0073d75f3815cc9aba97bed4fe3ceca97afc38e8
243a1c7c64da6f60be60db0fe8603cf6a3ba4b30245ce3e3df312229c85ee40c
387028e330931d380283f5271e711d1cc12a5dd09c7fd80accfed3afd72d6a3f
3a22069fdf72709159f8864b3b709924d760a9d1457ea35133884f0fc2815cb2
44fe5c91142133e98306bcbedf45b12f0d2483cd69982a0a17d3b3312c37f087
47becca749c820dc8fc7c37f6d0c4b9314499a381d09ba6619ec04ae8e69a055
61ce0ee4efd0b82c90eb9c78bc3c93cf9e6703ce670237bedd1f88a6af82e004
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9529205603a16cc8a7359af6a57a6a593583b5977c58fcf4a07a3a09ae63f606
a8abc1c589883918af5ab4affa65d626282aaf28e93224dd0555f6c6b036ed7b
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b206371c157afc5c0e6275809df6a5ad604f74c112f9ddb48a8fea466b207d93
b82ad7c257db89d82292e31541cc5c5b98e7eab5369d6c3ea742478f2cf4694d
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
bf457a5b74e7e1b8f31704fe22cc98a9caff4901d1e6bd4c2919e6d1ad5ccf88
bf609b1367bb77f80074b0f0c1ada209249210a295223f45801320fceb4d9836
c130e32be5fc8988a3075c62e61ed24103ca35da7ef9a0b1172fd5deaa41a443
d525e71888740eac089e734850355ddc0b0dd5c07ed2a880ed716f24b8a60217
d7793651ef95bfe8e9e0ca8660c9ee4e76744c40f04ee8427a388ca1005fc29b
e35c57fad02017983d4261c8d65697ec8b312a2a19127cb93f92d1eca6408015
e8d2b9c6a5198807e471d48f9561f8e41c55ba17a99b66dab858b93f500ed56d