www.paypal.com Open in urlscan Pro
104.111.228.123 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
Submission: On February 25 via api (February 25th 2021, 3:33:26 pm UTC) from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 5 domains to perform 47 HTTP transactions. The main IP is 104.111.228.123, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 13th 2021. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
21	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
5	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
3	23.79.143.246 23.79.143.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:200... 2a04:4e42:200::291	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
47	10

7 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.79.143.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-246.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	paypalobjects.com www.paypalobjects.com	598 KB
18	paypal.com 1 redirects www.paypal.com c.paypal.com b.stats.paypal.com dub.stats.paypal.com t.paypal.com c6.paypal.com	592 KB
4	google.com www.google.com	24 KB
3	gstatic.com www.gstatic.com	283 KB
1	recaptcha.net www.recaptcha.net	1 KB
47	5

	Domain	Requested by
21	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
7	www.paypal.com	www.paypal.com www.paypalobjects.com
5	c.paypal.com	www.paypal.com c.paypal.com
4	www.google.com	www.gstatic.com www.google.com
3	www.gstatic.com	www.recaptcha.net www.google.com
3	t.paypal.com	www.paypal.com
1	www.recaptcha.net	www.paypalobjects.com
1	c6.paypal.com	www.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
47	10

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-01-13` - `2022-01-11`	a year	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-06-24` - `2022-06-29`	2 years	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2022-06-03`	2 years	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-18` - `2021-11-22`	a year	crt.sh
misc.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
Frame ID: F591013DB6E42FB96AA7BF2DD556A01E
Requests: 31 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: DEACD544E05F71AACAD935F599751ACF
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=snORWlYxIDwMEeewBfR8S748NdFj6m4M&s=donatenodeweb_landing
Frame ID: 2B93A53728B99116355C91620EEFA642
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
Frame ID: B871A5A06748C4F2693BCB15F489B737
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=agb3quu0sb0r
Frame ID: 278F30ECF572881DA8B70DE7D7AFF772
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

47
Requests

98 %
HTTPS

44 %
IPv6

5
Domains

10
Subdomains

10
IPs

2
Countries

1497 kB
Transfer

4069 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://b.stats.paypal.com/v2/counter.cgi?p=snORWlYxIDwMEeewBfR8S748NdFj6m4M&s=donatenodeweb_landing HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=snORWlYxIDwMEeewBfR8S748NdFj6m4M&s=donatenodeweb_landing

47 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.paypal.com/donate/ 226 KB
53 KB 997ms
910ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

1a8778b5fc50096ea48973004ae2d23b283a0088caeee5014a4f69c8a944313c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-OvVdq7j6HdEhANL30B6/w30QURFcRcmB6U4qIfVKYNoqNCVN' 'self' 'unsafe-eval' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.cardinalcommerce.com https://.qualtrics.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-OvVdq7j6HdEhANL30B6/w30QURFcRcmB6U4qIfVKYNoqNCVN' 'self' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: text/html; charset=utf-8
etag: W/"386ba-55p756X5pe7xMG/AJ3ymsL3IFJo"
paypal-debug-id: 22558ced4f1b2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: phx-origin-www-2.paypal.com
x-edgeconnect-midmile-rtt: 144
x-edgeconnect-origin-mex-latency: 728
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 25 Feb 2021 15:33:02 GMT
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Fri, 25 Feb 2022 15:33:02 GMT; Secure; SameSite=None LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 26 Feb 2021 00:18:58 GMT; HttpOnly; Secure; SameSite=None tsrce=donatenodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Sun, 28 Feb 2021 15:33:01 GMT; HttpOnly; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxNDI2NzE4MjM0NSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None nsid=s%3AsnORWlYxIDwMEeewBfR8S748NdFj6m4M.xlfDb%2BO%2Ff%2BaoMaifClAAHzYDrxpz5rfFxd3VvRTexm0; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Thu, 25 Feb 2021 16:03:02 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1708875181%26vteXpYrS%3D1614268981%26vr%3Dd9d26a5d1770a275925000a9ffaa87f9%26vt%3Dd9d26a5d1770a275925000a9ffaa87f8%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 25 Feb 2024 15:33:02 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3Dd9d26a5d1770a275925000a9ffaa87f9%26vt%3Dd9d26a5d1770a275925000a9ffaa87f8; Path=/; Domain=paypal.com; Expires=Sun, 25 Feb 2024 15:33:02 GMT; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1614267782~id=e3c2c41e6f520236153731b4edd1b37e; Domain=www.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=63072000

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 112ms
21ms Font
application/font-woff2 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 9804971
x-cache: HIT, HIT
paypal-debug-id: 3486f09c9ada6
dc: ccg11-origin-www-1.paypal.com
content-length: 18320
x-served-by: cache-sjc10030-SJC, cache-hhn4046-HHN
last-modified: Thu, 01 Oct 2020 22:15:19 GMT
x-timer: S1614267183.782488,VS0,VE0
etag: "5f7654f7-4790"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1038, 63

GET
H2 200 PayPalSansBig-Light.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 125ms
33ms Font
application/font-woff2 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Light.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 10220354
x-cache: HIT, HIT
paypal-debug-id: 39e5904d527a7
dc: phx-origin-www-3.paypal.com
content-length: 18360
x-served-by: cache-sjc10081-SJC, cache-hhn4046-HHN
last-modified: Thu, 01 Oct 2020 22:15:19 GMT
x-timer: S1614267183.782972,VS0,VE0
etag: "5f7654f7-47b8"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 392, 10

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 21 KB
6 KB 112ms
21ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 24963011
x-cache: HIT, HIT, HIT
content-encoding: gzip
vary: Accept-Encoding
content-length: 6222
x-served-by: cache-dfw18650-DFW, cache-sjc10026-SJC, cache-hhn4069-HHN
last-modified: Mon, 11 May 2020 09:43:19 GMT
server: Apache
x-timer: S1614267183.782209,VS0,VE0
strict-transport-security: max-age=31557600
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 418, 57657, 34470

GET
H2 200 fonts-and-normalize.min.css
www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/ 4 KB
1 KB 110ms
20ms Stylesheet
text/css 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

3d62ff4f3aaf34ad571ba65f6753985d54ad949fa4c05a2d1a9b832ea761ffbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 18198371
x-cache: HIT, HIT, HIT
content-encoding: gzip
vary: Accept-Encoding
content-length: 1034
x-served-by: cache-lax8620-LAX, cache-sjc10038-SJC, cache-hhn4069-HHN
last-modified: Thu, 30 Jul 2020 00:20:50 GMT
server: Apache
x-timer: S1614267183.782098,VS0,VE0
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 11860, 66084, 15275

GET
H2 200 ppvx.css
www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/ 80 KB
10 KB 134ms
44ms Stylesheet
text/css 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/ppvx.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d0be61776464d3b49e890d3c2bec9aaf079c98cdf6427563a9ee82a8766b8dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69059
x-cache: MISS, HIT
paypal-debug-id: eb4604b1fbae0
x-cache-hits: 0, 23
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 9834
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10042-SJC, cache-hhn4069-HHN
last-modified: Tue, 23 Feb 2021 22:45:36 GMT
x-timer: S1614267183.782260,VS0,VE0
etag: W/"60358590-13f6d"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Feb 2022 18:33:31 GMT

GET
H2 200 router.css
www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/ 128 KB
16 KB 111ms
21ms Stylesheet
text/css 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/router.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26213849f88ffe06aa64c9662330f4220dcdde5b8e8d32eb9cd37b38dd3e9eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69059
x-cache: MISS, HIT
paypal-debug-id: 2be720b49712
x-cache-hits: 0, 21
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 15887
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10020-SJC, cache-hhn4069-HHN
last-modified: Tue, 23 Feb 2021 22:45:36 GMT
x-timer: S1614267183.782239,VS0,VE0
etag: W/"60358590-20195"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Feb 2022 18:43:42 GMT

GET
H2 200 internalServerError.css
www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/ 23 KB
4 KB 110ms
20ms Stylesheet
text/css 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/internalServerError.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7cfe3113a1f47629ca180c6c28864284e81b79f06fddfe4742ae7469e4a63960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69059
x-cache: MISS, HIT
paypal-debug-id: 224a0aa3e9943
x-cache-hits: 0, 21
dc: phx-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 3719
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10061-SJC, cache-hhn4069-HHN
last-modified: Tue, 23 Feb 2021 22:45:36 GMT
x-timer: S1614267183.782222,VS0,VE0
etag: W/"60358590-5bc1"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Feb 2022 18:43:42 GMT

GET
H2 200 ppvx-app.css
www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/ 52 KB
10 KB 133ms
44ms Stylesheet
text/css 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/ppvx-app.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44047b4ab586fe0be9cc39524ea80b6480ce5846c0515bcc6ba0ec8e1021348e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71315
x-cache: MISS, HIT
paypal-debug-id: 83b68bd6d3872
x-cache-hits: 0, 23
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 9585
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10047-SJC, cache-hhn4069-HHN
last-modified: Tue, 23 Feb 2021 22:45:36 GMT
x-timer: S1614267183.782220,VS0,VE0
etag: W/"60358590-d131"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Feb 2022 18:33:31 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/staging/pa/js/min/ 52 KB
20 KB 138ms
49ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/staging/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

02d93cd01d48255d3004291a13442782cd44194a19db63b5185f4ed3e12bc689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635035
x-cache: HIT, HIT
paypal-debug-id: 79f6b9c21776a
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 20178
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10077-SJC, cache-hhn4069-HHN
last-modified: Thu, 18 Feb 2021 06:52:33 GMT
x-timer: S1614267183.782367,VS0,VE1
etag: W/"602e0eb1-d060"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 57, 1

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 52 KB
20 KB 110ms
21ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635150
x-cache: HIT, HIT
paypal-debug-id: 2d5956ef1bd8d
dc: slc-b-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 20130
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10044-SJC, cache-hhn4069-HHN
last-modified: Thu, 18 Feb 2021 06:57:36 GMT
x-timer: S1614267183.782330,VS0,VE0
etag: W/"602e0fe0-cfcb"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 109383, 159

GET
H2 200 ic_arrow.svg
www.paypalobjects.com/images/Cause/CampaignPage/ 1 KB
730 B 21ms
21ms Image
image/svg+xml 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/Cause/CampaignPage/ic_arrow.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a752933d47733e28ec1f0e478af45addf350f513f71b449cc992c1068278e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1912569
x-cache: HIT, HIT
paypal-debug-id: 348b1dca86f2d
dc: ccg11-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 528
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10047-SJC, cache-hhn4069-HHN
last-modified: Thu, 01 Oct 2020 22:14:08 GMT
x-timer: S1614267183.838833,VS0,VE1
etag: W/"5f7654b0-4e4"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 17, 1

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 61 KB
21 KB 74ms
25ms Script
application/x-javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
via: 1.1 varnish
age: 396291
x-cache: HIT
content-encoding: gzip
content-length: 21347
x-served-by: cache-ams21076-AMS
last-modified: Tue, 26 Jan 2021 03:41:11 GMT
server: Apache
x-timer: S1614267183.882422,VS0,VE2
vary: Accept-Encoding
content-type: application/x-javascript
expires: Fri, 26 Feb 2021 15:33:02 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 61665

GET
H2 200 miconfig.js Show response
www.paypalobjects.com/staging/pa/mi/ 244 KB
25 KB 21ms
21ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/staging/pa/mi/miconfig.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/staging/pa/js/min/pa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b44cd75a82736d375eb652d3d6508a13aaca236acc19a3e82bdccd274d573e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1095863
x-cache: HIT, HIT
paypal-debug-id: e576914da4c5
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 25727
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10071-SJC, cache-hhn4046-HHN
last-modified: Fri, 12 Feb 2021 22:44:08 GMT
x-timer: S1614267183.842877,VS0,VE1
etag: W/"602704b8-3ce2f"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 256, 1

GET
H2 200 miconfig.js Show response
www.paypalobjects.com/pa/mi/ 110 KB
21 KB 26ms
25ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/miconfig.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a542fcb21ca393aa098d494dfcf7f08822e1dda0f80021bfa064b96dc70bb902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1095852
x-cache: HIT, HIT
paypal-debug-id: 597d3859034df
dc: ccg11-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 20779
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10039-SJC, cache-hhn4046-HHN
last-modified: Fri, 12 Feb 2021 22:44:08 GMT
x-timer: S1614267183.843958,VS0,VE0
etag: W/"602704b8-1b9c2"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 140645, 481

GET
H2 200 logo_paypal_106x27.png
www.paypalobjects.com/webstatic/logo/ 3 KB
3 KB 22ms
22ms Image
image/png 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/logo/logo_paypal_106x27.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/ppvx-app.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d5b4b06879f67d270c16984685854fffa267be3e05db4d025761676ddd46a1c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/ppvx-app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 216118
x-cache: HIT, HIT
paypal-debug-id: 272703021a8d5
dc: slc-b-origin-www-2.paypal.com
content-length: 2787
x-served-by: cache-sjc10050-SJC, cache-hhn4069-HHN
last-modified: Wed, 30 Apr 2014 15:54:51 GMT
x-timer: S1614267183.851455,VS0,VE1
etag: "53611ccb-ae3"
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 435, 1

GET
H2 200 PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 23ms
22ms Font
application/font-woff2 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 12693241
x-cache: HIT, HIT
paypal-debug-id: 3562e46b970d7
dc: ccg11-origin-www-1.paypal.com
content-length: 18508
x-served-by: cache-sjc10045-SJC, cache-hhn4046-HHN
last-modified: Wed, 26 Aug 2020 18:33:55 GMT
x-timer: S1614267183.852840,VS0,VE0
etag: "5f46ab13-484c"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 33742, 457577

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 30ms
30ms Font
application/font-woff2 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/paypal-ui/web/fonts-and-normalize/1-1-0/fonts-and-normalize.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 13284571
x-cache: HIT, HIT
paypal-debug-id: 742f6aadee256
dc: ccg11-origin-www-3.paypal.com
content-length: 25368
x-served-by: cache-sjc10028-SJC, cache-hhn4046-HHN
last-modified: Wed, 26 Aug 2020 18:33:55 GMT
x-timer: S1614267183.852996,VS0,VE0
etag: "5f46ab13-6318"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 124890, 490920

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 26ms
26ms Font
application/font-woff2 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 13326501
x-cache: HIT, HIT
paypal-debug-id: 4430072ed4be7
dc: slc-b-origin-www-2.paypal.com
content-length: 18320
x-served-by: cache-sjc10062-SJC, cache-hhn4046-HHN
last-modified: Tue, 23 Jan 2018 03:38:51 GMT
x-timer: S1614267183.852968,VS0,VE0
etag: "5a66ae4b-4790"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 121508, 680119

GET
H2 200 router.js Show response
www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/js/apps/ 1 MB
321 KB 23ms
22ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/js/apps/router.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee2fa9fb1cbbb50e3015025832af555b5ff356f0e97e54ddcec7a97304f71328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65201
x-cache: HIT, HIT
paypal-debug-id: 492a03535af9b
x-cache-hits: 1, 1
dc: ccg11-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 327806
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10059-SJC, cache-hhn4046-HHN
last-modified: Tue, 23 Feb 2021 22:45:38 GMT
x-timer: S1614267183.914234,VS0,VE1
etag: W/"60358592-17eed7"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Feb 2022 21:18:24 GMT

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/26c946e131f605fd/ 11 KB
13 KB 440ms
439ms Script
text/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/26c946e131f605fd/recaptchav3.js?_sessionID=snORWlYxIDwMEeewBfR8S748NdFj6m4M

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

eafbd20c5580aa443f9baf9f96a79f4dcf3d82f44e97a2ee9c3162972e593b11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-sWFWk6NBKmMurZwJ+heZQz9wWyKUvY3bJWqWnqfmDBQR8ySe' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 245
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-sWFWk6NBKmMurZwJ+heZQz9wWyKUvY3bJWqWnqfmDBQR8ySe' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 153
etag: W/"2b35-Rr1SDuJO6Ev80dvwPp8pKApWWNk"
strict-transport-security: max-age=63072000
content-type: text/javascript; charset=utf-8
paypal-debug-id: 7ff3de6a2928a
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 25 Feb 2021 15:33:03 GMT
dc: phx-origin-www-2.paypal.com
content-length: 11061
x-xss-protection: 1; mode=block

GET
H2 200 OrchestratorMain.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.37.0/ 55 KB
16 KB 25ms
24ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.37.0/OrchestratorMain.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ffde4fbd5df6ec69cd661bcfe6bdca5e9e5543c0b059cde5c0a189f85985b09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3323636
x-cache: HIT, HIT
paypal-debug-id: 477fb0cb11bb3
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 16301
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10038-SJC, cache-hhn4046-HHN
last-modified: Thu, 19 Nov 2020 00:00:22 GMT
x-timer: S1614267183.937833,VS0,VE0
etag: W/"5fb5b596-dc08"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 99774, 17

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame DEAC 160 B
937 B 182ms
181ms Document
text/html 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: c.paypal.com
:scheme: https
:path: /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: enforce_policy=ccpa; LANG=en_US%3BUS; tsrce=donatenodeweb; x-pp-s=eyJ0IjoiMTYxNDI2NzE4MjM0NSIsImwiOiIwIiwibSI6IjAifQ; l7_az=dcg13.slc; ts=vreXpYrS%3D1708875181%26vteXpYrS%3D1614268981%26vr%3Dd9d26a5d1770a275925000a9ffaa87f9%26vt%3Dd9d26a5d1770a275925000a9ffaa87f8%26vtyp%3Dnew; ts_c=vr%3Dd9d26a5d1770a275925000a9ffaa87f9%26vt%3Dd9d26a5d1770a275925000a9ffaa87f8; x-cdn=akamai
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Response headers

correlation-id: c90ac46e10f3f
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: c90ac46e10f3f
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 Feb 2021 15:33:03 GMT
x-served-by: cache-hhn4034-HHN, cache-ams21076-AMS
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1614267183.954343,VS0,VE158
vary: Accept-Encoding
content-encoding: br

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 2B93
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=snORWlYxIDwMEeewBfR8S748NdFj6m4M&s=donatenodeweb_landing
https://dub.stats.paypal.com/v2/counter2.cgi?p=snORWlYxIDwMEeewBfR8S748NdFj6m4M&s=donatenodeweb_landing

42 B
299 B

144ms
49ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=snORWlYxIDwMEeewBfR8S748NdFj6m4M&s=donatenodeweb_landing
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 15:33:03 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=snORWlYxIDwMEeewBfR8S748NdFj6m4M&s=donatenodeweb_landing
Date: Thu, 25 Feb 2021 15:33:03 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 vendors~bodymovin.bundle.js Show response
www.paypal.com/donate/js/apps/ 247 KB
249 KB 357ms
356ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/js/apps/vendors~bodymovin.bundle.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/js/apps/router.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

85d9c54e09ab8b5b8fd6c19fce7b171d1a0323779e61ba605ef3c71ae55e2dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 95
date: Thu, 25 Feb 2021 15:33:03 GMT
last-modified: Tue, 23 Feb 2021 19:09:55 GMT
x-edgeconnect-midmile-rtt: 147
etag: W/"3dd31-177d04c43b8"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
paypal-debug-id: 8fca9a15d0dd1
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
dc: phx-origin-www-2.paypal.com
content-length: 253233

GET
H2 200 hearts.bundle.js Show response
www.paypal.com/donate/js/apps/ 15 KB
16 KB 317ms
317ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/js/apps/hearts.bundle.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/js/apps/router.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

478f3315b208bf6324bd30a65d69d757b81a1ce99f924cbbc89fdaf0d14576d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 107
date: Thu, 25 Feb 2021 15:33:03 GMT
last-modified: Tue, 23 Feb 2021 19:09:55 GMT
x-edgeconnect-midmile-rtt: 144
etag: W/"3c9b-177d04c43b8"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
paypal-debug-id: 6076baef40df1
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
dc: phx-origin-www-2.paypal.com
content-length: 15515

GET
H2 200 17.bundle.js Show response
www.paypal.com/donate/js/apps/ 34 KB
35 KB 334ms
333ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/js/apps/17.bundle.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/js/apps/router.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

6ac20c5dde498989b3f227d84a117106390ac6abfcef51edf93feb0601f404d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 102
date: Thu, 25 Feb 2021 15:33:03 GMT
last-modified: Tue, 23 Feb 2021 19:09:55 GMT
x-edgeconnect-midmile-rtt: 152
etag: W/"866f-177d04c43b8"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
paypal-debug-id: ad8a705daa5f4
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
dc: phx-origin-www-2.paypal.com
content-length: 34415

GET
H2 200 18.bundle.js Show response
www.paypal.com/donate/js/apps/ 176 KB
177 KB 385ms
384ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/donate/js/apps/18.bundle.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/js/apps/router.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

8257dd7ad8e1a9ee1b2fe0a1ac84179064ff811069206969c4aec67d246a0e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 90
date: Thu, 25 Feb 2021 15:33:03 GMT
last-modified: Tue, 23 Feb 2021 19:09:55 GMT
x-edgeconnect-midmile-rtt: 148
etag: W/"2be1c-177d04c43b8"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
paypal-debug-id: df89481456542
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
dc: phx-origin-www-2.paypal.com
content-length: 179740

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
859 B 238ms
177ms Image
image/gif 23.79.143.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1614267183223&g=-60&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=1614267181717&calc=22558ced4f1b2&nsid=snORWlYxIDwMEeewBfR8S748NdFj6m4M&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=e270509af15c43b78e9c29a028a3d930&comp=donatenodeweb&tsrce=donatenodeweb&cu=0&ef_policy=ccpa&context_id=oqTlHdpUDJLj0PQAFz0qQq_lq9_dY0-eV3Dn_cVPwX3FQ4Cl_BjxX0d7qgHPc21KJlcy5dN2Jpi0B5St&token=oqTlHdpUDJLj0PQAFz0qQq_lq9_dY0-eV3Dn_cVPwX3FQ4Cl_BjxX0d7qgHPc21KJlcy5dN2Jpi0B5St&xe=100560%2C101561%2C103160&xt=101484%2C105030%2C112531&ccd=US&source=url&entry_point=url&button_id=EGDAP5V29QZ3Q&hosted_button_id=EGDAP5V29QZ3Q&bn_code=5NYTQ8JLU653W%3APP-DonationsBF&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=false&amttyp=MERCHANT_RECOMMENDED&autord=false&rdtyp=GET&gstalwd=false&mrid=5NYTQ8JLU653W&pp_flow=Donate&one_touch_enabled=false&integration_type=in_screen&displayPage=main%3Adonate%3Awps%3Aguest%3Aguestform&ppage=privacy_banner&bannerType=cookiebanner&flag=ccpa&bannerVersion=v3a&bannerSource=ConsentNodeServ&e=ac
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-246.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 15:33:03 GMT
Server: akka-http/10.1.11
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR: slcb.slc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 25 Feb 2021 15:33:03 GMT

GET
H2 200 PPUI-Icons.woff2
www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-26/ 25 KB
25 KB 22ms
22ms Font
application/font-woff2 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/icons/font_icon/0-0-26/PPUI-Icons.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/router.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a9bb075815e05cc60879612de0b3f8174a4eb93e4a2da339333b502e3515d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/web/res/50f/196a8fe8ca632f5e9f25125bbf2d5/css/router.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:03 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 3293615
x-cache: HIT, HIT
paypal-debug-id: 472d5b46cbd0e
dc: slc-b-origin-www-1.paypal.com
content-length: 25476
x-served-by: cache-sjc10043-SJC, cache-hhn4046-HHN
last-modified: Thu, 01 Oct 2020 22:15:19 GMT
x-timer: S1614267183.236189,VS0,VE0
etag: "5f7654f7-6384"
strict-transport-security: max-age=31557600
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 21, 56

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame DEAC 61 KB
21 KB 24ms
23ms Script
application/x-javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:03 GMT
via: 1.1 varnish
age: 396291
x-cache: HIT
content-encoding: gzip
content-length: 21347
x-served-by: cache-ams21076-AMS
last-modified: Tue, 26 Jan 2021 03:41:11 GMT
server: Apache
x-timer: S1614267183.279526,VS0,VE1
vary: Accept-Encoding
content-type: application/x-javascript
expires: Fri, 26 Feb 2021 15:33:03 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 61666

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame DEAC 125 B
647 B 215ms
215ms XHR
application/json 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/p1
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce73f886772a9719f866b6b7a1cf6a54190e3b0e55732a1e57ab1cebcf9d4a33

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Feb 2021 15:33:03 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 47d4effc26fc5
x-served-by: cache-hhn11526-HHN, cache-ams21076-AMS
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 47d4effc26fc5
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0, 0

POST
H2 200 p2 Show response
c.paypal.com/v1/r/d/b/ Frame DEAC 125 B
395 B 217ms
216ms XHR
application/json 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/p2
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e1f031c99abff10455cd2ab69da2833fa800612c7dd71f05c2d323510fb2bb66

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Feb 2021 15:33:03 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 75eb5659f2e2f
x-served-by: cache-hhn11557-HHN, cache-ams21076-AMS
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 75eb5659f2e2f
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0, 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame DEAC 0
254 B 249ms
215ms Image
text/plain 2a04:4e42:200::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c6.paypal.com/v1/r/d/b/p3?f=snORWlYxIDwMEeewBfR8S748NdFj6m4M&s=donatenodeweb_landing
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::291 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:03 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 647ce6ea722d1
x-timer: S1614267183.368330,VS0,VE203
x-served-by: cache-hhn4052-HHN, cache-fra19162-FRA
x-cache: MISS, MISS
paypal-debug-id: 647ce6ea722d1
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
x-cache-hits: 0, 0

GET
H2 200 grcenterprise_v3.html Show response
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/ Frame B871 4 KB
2 KB 22ms
21ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/26c946e131f605fd/recaptchav3.js?_sessionID=snORWlYxIDwMEeewBfR8S748NdFj6m4M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b25cbff26f5d1f20ba847d0d1859fc28649a42540e27c1feac6039e29012b9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url

Response headers

content-encoding: gzip
content-type: text/html
etag: W/"5f527c11-fae"
expires: Fri, 01 Oct 2021 13:14:19 GMT
last-modified: Fri, 04 Sep 2020 17:40:33 GMT
paypal-debug-id: 9231e59229c9
dc: slc-b-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Feb 2021 15:33:03 GMT
age: 12709125
x-served-by: cache-sjc10068-SJC, cache-hhn4069-HHN
x-cache: HIT, HIT
x-cache-hits: 6363, 11024
x-timer: S1614267183.360385,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
strict-transport-security: max-age=31557600
content-length: 1625

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame B871 974 B
1 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf10e756f9346a7cbca8802dbb18f593f07f7c7b026cac4bc58b37be2b07ccbf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 612
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 15:33:03 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame B871 331 KB
129 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.paypalobjects.com
Referer: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 15:30:05 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 278F 19 KB
10 KB 26ms
26ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=agb3quu0sb0r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb3e419647c67086c39b7fa7712a5ff5108b9a642a9bb14162f860eb43c53f31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-76BmD/g560yY3pkP9d9aSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=agb3quu0sb0r
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Feb 2021 15:33:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-76BmD/g560yY3pkP9d9aSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10318
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 278F 50 KB
25 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=agb3quu0sb0r

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=agb3quu0sb0r
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:27:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
age: 326
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Fri, 25 Feb 2022 15:27:37 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 278F 331 KB
129 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=agb3quu0sb0r
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 15:30:05 GMT

GET
H3-Q050 200 LEWTDn-0uFEPleelj_jDU3iJDiQgFXaquEo2jgFkIt8.js Show response
www.google.com/js/bg/ Frame 278F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LEWTDn-0uFEPleelj_jDU3iJDiQgFXaquEo2jgFkIt8.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c45930e7fb4b8510f95e7a58ff8c35378890e24201576aab84a368e016422df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=agb3quu0sb0r
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 13:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 6013
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6282
x-xss-protection: 0
expires: Fri, 25 Feb 2022 13:52:50 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 278F 102 B
184 B 15ms
15ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81fa50822806b58c63d123c956b740c92033836e2477e82237f9c9ca0fa8c3a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=agb3quu0sb0r
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 15:33:03 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 278F 9 KB
7 KB 36ms
36ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93bb4de26e675916bc917dc55425d8af236435c04f2bd9e3c25f1f6e67e5b977

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=agb3quu0sb0r
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 25 Feb 2021 15:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7157
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 15:33:03 GMT

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
859 B 182ms
182ms Image
image/gif 23.79.143.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1614267183804&g=-60&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3A%3Alanding%3AlandingPageComponent%3Aweb%3A%3A&pgst=1614267181717&calc=22558ced4f1b2&nsid=snORWlYxIDwMEeewBfR8S748NdFj6m4M&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=e270509af15c43b78e9c29a028a3d930&comp=donatenodeweb&tsrce=donatenodeweb&cu=0&ef_policy=ccpa&context_id=oqTlHdpUDJLj0PQAFz0qQq_lq9_dY0-eV3Dn_cVPwX3FQ4Cl_BjxX0d7qgHPc21KJlcy5dN2Jpi0B5St&token=oqTlHdpUDJLj0PQAFz0qQq_lq9_dY0-eV3Dn_cVPwX3FQ4Cl_BjxX0d7qgHPc21KJlcy5dN2Jpi0B5St&xe=100560%2C101561%2C103160&xt=101484%2C105030%2C112531&ccd=US&source=url&entry_point=url&button_id=EGDAP5V29QZ3Q&hosted_button_id=EGDAP5V29QZ3Q&bn_code=5NYTQ8JLU653W%3APP-DonationsBF&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=false&amttyp=MERCHANT_RECOMMENDED&autord=false&rdtyp=GET&gstalwd=false&mrid=5NYTQ8JLU653W&pp_flow=Donate&one_touch_enabled=false&integration_type=in_screen&e=pf&cdn=akamai&c_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit&action=landing_page_loaded&uicomp=landingPageComponent&uitype=page&tt=2312&view=%7B%22t11%22%3A2335%2C%22et%22%3A%224g%22%2C%22pt%22%3A%22Donate%22%2C%22ru%22%3A%22%22%2C%22cd%22%3A24%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-246.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 15:33:03 GMT
Server: akka-http/10.1.11
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR: slcb.slc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 25 Feb 2021 15:33:03 GMT

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
2 KB 400ms
399ms XHR
text/plain 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-I7IahX2vpR5zwr3Imq6aX59zsmzcr3JwD82G08mRr/Q7lRKO' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
x-requested-with: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-edgeconnect-origin-mex-latency: 185
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-I7IahX2vpR5zwr3Imq6aX59zsmzcr3JwD82G08mRr/Q7lRKO' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 145
date: Thu, 25 Feb 2021 15:33:04 GMT
strict-transport-security: max-age=63072000
paypal-debug-id: bbd972b5f2845
cache-control: max-age=0, no-cache, no-store, must-revalidate
dc: phx-origin-www-2.paypal.com
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
859 B 180ms
180ms Image
image/gif 23.79.143.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1614267184057&g=-60&pgrp=main%3Adonate%3Awps%3Aguest%3Aguestform&page=main%3Adonate%3Awps%3Aguest%3Aguestform%3Aweb%3A%3A&pgst=1614267181717&calc=22558ced4f1b2&nsid=snORWlYxIDwMEeewBfR8S748NdFj6m4M&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=e270509af15c43b78e9c29a028a3d930&comp=donatenodeweb&tsrce=donatenodeweb&cu=0&ef_policy=ccpa&context_id=oqTlHdpUDJLj0PQAFz0qQq_lq9_dY0-eV3Dn_cVPwX3FQ4Cl_BjxX0d7qgHPc21KJlcy5dN2Jpi0B5St&token=oqTlHdpUDJLj0PQAFz0qQq_lq9_dY0-eV3Dn_cVPwX3FQ4Cl_BjxX0d7qgHPc21KJlcy5dN2Jpi0B5St&xe=100560%2C101561%2C103160&xt=101484%2C105030%2C112531&ccd=US&source=url&entry_point=url&button_id=EGDAP5V29QZ3Q&hosted_button_id=EGDAP5V29QZ3Q&bn_code=5NYTQ8JLU653W%3APP-DonationsBF&tmpl=main%3Adonate%3Awps%3Aguest%3Aguestform&ckusr=false&charitylogo=false&amttyp=MERCHANT_RECOMMENDED&autord=false&rdtyp=GET&gstalwd=false&mrid=5NYTQ8JLU653W&pp_flow=Donate&one_touch_enabled=false&integration_type=in_screen&e=im&cdn=akamai&c_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit&imsrc=setup&view=%7B%22t10%22%3A87%2C%22t11%22%3A2363%2C%22tcp%22%3A1425%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A51%7D&pt=Donate&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=87&t1c=87&t1d=7&t1s=67&t2=910&t3=403&t4d=1305&t4=1313&t4e=8&tt=2312&rdc=0&res=%7B%7D&rtt=184
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-246.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=EGDAP5V29QZ3Q&source=url
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 15:33:04 GMT
Server: akka-http/10.1.11
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR: slcb.slc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 25 Feb 2021 15:33:04 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.c.paypal.com/	1970-01-21 12:12:27	Name: sc_f Value: k1em5kFdtWraszc0Jz90RZ3w7gaq5bGkIGtv9trCNmaXkSj0mHXHGAMbaH6yW6qKeD1dp0EBblVTw4na04EFrYCo5WkwLeeIl3s86W
.paypal.com/	1970-01-20 18:41:15	Name: ts Value: vreXpYrS%3D1708875183%26vteXpYrS%3D1614268983%26vr%3Dd9d26a5d1770a275925000a9ffaa87f9%26vt%3Dd9d26a5d1770a275925000a9ffaa87f8%26vtyp%3Dnew
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTYxNDI2NzE4MzIyMCIsImwiOiIxIiwibSI6IjAifQ
.paypal.com/	1970-01-19 16:24:58	Name: LANG Value: en_US%3BUS
.paypal.com/	1970-01-20 01:10:03	Name: cookie_prefs Value: P%3D1%2CF%3D1%2Ctype%3Dimplicit
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AsnORWlYxIDwMEeewBfR8S748NdFj6m4M.xlfDb%2BO%2Ff%2BaoMaifClAAHzYDrxpz5rfFxd3VvRTexm0
.paypal.com/	1970-01-19 16:28:46	Name: tsrce Value: authchallengenodeweb
.paypal.com/	1969-12-31 23:59:59	Name: x-cdn Value: akamai
.www.paypal.com/	1969-12-31 23:59:59	Name: akavpau_ppsd Value: 1614267783~id=10568d2e2d0d422dc33c1d244bd18ddb
.paypal.com/	1970-01-19 16:24:28	Name: l7_az Value: dcg13.slc
.paypal.com/	1970-01-20 18:41:15	Name: ts_c Value: vr%3Dd9d26a5d1770a275925000a9ffaa87f9%26vt%3Dd9d26a5d1770a275925000a9ffaa87f8
.paypal.com/	1970-01-26 23:36:27	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: TvGeh7S63MIAH_VP3zD2NjLYKqZY6ts1oMEwsOrD3uVFo0gdSY7HU9h5GAiVUMgkcCjI0kvMk_l2Rp1u
.paypal.com/	1970-01-20 01:10:03	Name: enforce_policy Value: ccpa

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-OvVdq7j6HdEhANL30B6/w30QURFcRcmB6U4qIfVKYNoqNCVN' 'self' 'unsafe-eval' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src 'self' * data:; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.cardinalcommerce.com https://.qualtrics.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
t.paypal.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
104.111.228.123
151.101.114.133
151.101.129.35
23.79.143.246
2a00:1450:4001:811::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a04:4e42:200::291
64.4.245.84
02d93cd01d48255d3004291a13442782cd44194a19db63b5185f4ed3e12bc689
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa
1a8778b5fc50096ea48973004ae2d23b283a0088caeee5014a4f69c8a944313c
1a9bb075815e05cc60879612de0b3f8174a4eb93e4a2da339333b502e3515d17
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
26213849f88ffe06aa64c9662330f4220dcdde5b8e8d32eb9cd37b38dd3e9eb1
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
2c45930e7fb4b8510f95e7a58ff8c35378890e24201576aab84a368e016422df
3a752933d47733e28ec1f0e478af45addf350f513f71b449cc992c1068278e46
3d62ff4f3aaf34ad571ba65f6753985d54ad949fa4c05a2d1a9b832ea761ffbd
44047b4ab586fe0be9cc39524ea80b6480ce5846c0515bcc6ba0ec8e1021348e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
478f3315b208bf6324bd30a65d69d757b81a1ce99f924cbbc89fdaf0d14576d5
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
6ac20c5dde498989b3f227d84a117106390ac6abfcef51edf93feb0601f404d1
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7cfe3113a1f47629ca180c6c28864284e81b79f06fddfe4742ae7469e4a63960
81fa50822806b58c63d123c956b740c92033836e2477e82237f9c9ca0fa8c3a0
8257dd7ad8e1a9ee1b2fe0a1ac84179064ff811069206969c4aec67d246a0e49
85d9c54e09ab8b5b8fd6c19fce7b171d1a0323779e61ba605ef3c71ae55e2dd2
8b44cd75a82736d375eb652d3d6508a13aaca236acc19a3e82bdccd274d573e4
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
93bb4de26e675916bc917dc55425d8af236435c04f2bd9e3c25f1f6e67e5b977
a542fcb21ca393aa098d494dfcf7f08822e1dda0f80021bfa064b96dc70bb902
a57d9156941c9e6a2f3b46623b169a11638bc604a2f9b45aa8a656ea02f09209
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b25cbff26f5d1f20ba847d0d1859fc28649a42540e27c1feac6039e29012b9b5
b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f
ce73f886772a9719f866b6b7a1cf6a54190e3b0e55732a1e57ab1cebcf9d4a33
cf10e756f9346a7cbca8802dbb18f593f07f7c7b026cac4bc58b37be2b07ccbf
d0be61776464d3b49e890d3c2bec9aaf079c98cdf6427563a9ee82a8766b8dd2
d5b4b06879f67d270c16984685854fffa267be3e05db4d025761676ddd46a1c9
e1f031c99abff10455cd2ab69da2833fa800612c7dd71f05c2d323510fb2bb66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eafbd20c5580aa443f9baf9f96a79f4dcf3d82f44e97a2ee9c3162972e593b11
ee2fa9fb1cbbb50e3015025832af555b5ff356f0e97e54ddcec7a97304f71328
fb3e419647c67086c39b7fa7712a5ff5108b9a642a9bb14162f860eb43c53f31
ffde4fbd5df6ec69cd661bcfe6bdca5e9e5543c0b059cde5c0a189f85985b09d

www.paypal.com Open in urlscan Pro 104.111.228.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

47 Requests

98 %HTTPS

44 %IPv6

5 Domains

10 Subdomains

10 IPs

2 Countries

1497 kBTransfer

4069 kBSize

13 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypal.com Open in urlscan Pro
104.111.228.123 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

44 %
IPv6

5
Domains

10
Subdomains

10
IPs

2
Countries

1497 kB
Transfer

4069 kB
Size

13
Cookies

47 HTTP transactions
-1 data transactions