urlscan.io logo urlscan.io
SecurityTrails logo

usf.conferences.zone Open in urlscan Pro
151.106.35.98  Public Scan

Go To Rescan Add Verdict Report
URL: https://usf.conferences.zone/payments/custom/?rid=Nw==
Submission: On October 13 via manual from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 151.106.35.98, located in Roubaix, France and belongs to GDY-FRANCE, DE. The main domain is usf.conferences.zone.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 12th 2022. Valid for: 3 months.
This is the only time usf.conferences.zone was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 151.106.35.98 34088 (GDY-FRANCE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 192.229.221.25 15133 (EDGECAST)
10 151.101.129.21 54113 (FASTLY)
2 151.101.65.35 54113 (FASTLY)
20 7
2    151.106.35.98 (Roubaix, France)

ASN34088 (GDY-FRANCE, DE)
PTR: ns3164095.ip-151-106-35.eu
usf.conferences.zone
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
10    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
12 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2528
t.paypal.com — Cisco Umbrella Rank: 3306
36 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2248
546 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720
31 KB
2 conferences.zone
usf.conferences.zone
57 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
30 KB
20 5
Domain Requested by
10 www.paypal.com www.paypalobjects.com
3 www.paypalobjects.com usf.conferences.zone
www.paypal.com
2 t.paypal.com usf.conferences.zone
2 maxcdn.bootstrapcdn.com usf.conferences.zone
2 usf.conferences.zone usf.conferences.zone
1 ajax.googleapis.com usf.conferences.zone
20 6

This site contains no links.

Subject Issuer Validity Valid
usf.conferences.zone
cPanel, Inc. Certification Authority		 2022-08-12 -
2022-11-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-25 -
2023-04-25		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-04 -
2022-11-23		 9 months crt.sh

This page contains 3 frames:

Primary Page: https://usf.conferences.zone/payments/custom/?rid=Nw==
Frame ID: 3D639FD87E48E20E7EE99DDAC4CF5F02
Requests: 11 HTTP requests in this frame

Frame: https://www.paypal.com/smart/button?env=production&style.shape=rect&style.size=large&style.tagline=false&style.label=checkout&commit=true&domain=usf.conferences.zone&sessionID=uid_30a09b0d05_mtm6ntc6nde&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&renderedButtons=paypal&storageID=uid_9c177fcf83_mtm6ntc6nde&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=7a4a94b29f&version=4&xcomponent=1
Frame ID: 4AAB8F2C8E257B9AB6F5A1E7D96FA351
Requests: 10 HTTP requests in this frame

Frame: data://truncated
Frame ID: F32FEB9CF4BD4D756953E3B650539E06
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payment Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

699 kB
Transfer

3754 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
usf.conferences.zone/payments/custom/ 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://usf.conferences.zone/payments/custom/?rid=Nw==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.106.35.98 Roubaix, France, ASN34088 (GDY-FRANCE, DE),
Reverse DNS
ns3164095.ip-151-106-35.eu
Software
Apache /
Resource Hash
5afd90ffa3ee90f0e673e59d11e2307f65daf6fc00adb2e0284c4fd6ea6d99b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 13:57:41 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: usf.conferences.zone
URL: https://usf.conferences.zone/payments/custom/?rid=Nw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://usf.conferences.zone/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:57:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
946
age
726978
cdn-cachedat
07/16/2022 17:19:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e3c6ae324943bba7ed619b25cd1777c5
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
759895f3ee8ef0ec-CDG
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: usf.conferences.zone
URL: https://usf.conferences.zone/payments/custom/?rid=Nw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://usf.conferences.zone/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 12:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 12:06:34 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: usf.conferences.zone
URL: https://usf.conferences.zone/payments/custom/?rid=Nw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://usf.conferences.zone/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:57:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
602
age
724175
cdn-cachedat
09/26/2021 20:53:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1c57f0c2fc94ef1cf256fbb4d9a5c2a2
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
759895f3ee8ff0ec-CDG
cdn-requestpullsuccess
True
logo1.jpeg
usf.conferences.zone/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usf.conferences.zone/images/logo1.jpeg
Requested by
Host: usf.conferences.zone
URL: https://usf.conferences.zone/payments/custom/?rid=Nw==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.106.35.98 Roubaix, France, ASN34088 (GDY-FRANCE, DE),
Reverse DNS
ns3164095.ip-151-106-35.eu
Software
Apache /
Resource Hash
c002e4ff41159a023210a49624ae6026ef7070de33a07738f6a934dc8b7f5852

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://usf.conferences.zone/payments/custom/?rid=Nw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 13:57:41 GMT
Last-Modified
Fri, 16 Sep 2022 09:29:28 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
52333
checkout.js
www.paypalobjects.com/api/ 		1 MB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: usf.conferences.zone
URL: https://usf.conferences.zone/payments/custom/?rid=Nw==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F5B) /
Resource Hash
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://usf.conferences.zone/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
b7659809ebfef
dc
ccg11-origin-www-1.paypal.com
content-length
239948
last-modified
Mon, 25 Apr 2022 17:04:48 GMT
server
ECAcc (paa/6F5B)
etag
"6266d4b0-16d23e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Fri, 14 Oct 2022 13:57:41 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=usf.conferences.zone&source=checkoutjs&t=xo&v=4.0.336
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-py1da952VRwjLu9Ecf8l5EuahmxK1V4KCOOPT+yCTyKXfZSD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://usf.conferences.zone/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-py1da952VRwjLu9Ecf8l5EuahmxK1V4KCOOPT+yCTyKXfZSD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 13:57:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
57090
x-cache
MISS, HIT
paypal-debug-id
f466795790647
server-timing
"traceparent;desc="00-0000000000000000000f466795790647-f47cfb2629a154f5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4299
x-xss-protection
1; mode=block
x-served-by
cache-lhr7372-LHR, cache-cdg20745-CDG
traceparent
00-0000000000000000000f466795790647-61b703e0c875db42-01
x-timer
S1665669461.415078,VS0,VE17
etag
W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
0, 1
button
www.paypal.com/smart/ Frame 4AAB 		63 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/button?env=production&style.shape=rect&style.size=large&style.tagline=false&style.label=checkout&commit=true&domain=usf.conferences.zone&sessionID=uid_30a09b0d05_mtm6ntc6nde&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&renderedButtons=paypal&storageID=uid_9c177fcf83_mtm6ntc6nde&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=7a4a94b29f&version=4&xcomponent=1
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6815fc7d1723bcac168ee954c0e88ff0e2f7254a353426a014e50feda31c8811
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://usf.conferences.zone/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 13:57:41 GMT
dc
ccg11-origin-www-1.paypal.com
p3p
true
paypal-debug-id
f5632634d5081
server-timing
"traceparent;desc="00-0000000000000000000f5632634d5081-07ed9cc486f535dd-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f5632634d5081-d1e9af289623ebeb-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-lhr7360-LHR, cache-cdg20745-CDG
x-timer
S1665669461.425521,VS0,VE263
x-xss-protection
1; mode=block
truncated
/ Frame F32F 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F32F 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
logger
www.paypal.com/xoplatform/logger/api/ 		1004 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2ccf05b8716889f32c36b245a5361444f0e21c2ef381a6a398dd6b5131b69c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://usf.conferences.zone/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 13 Oct 2022 13:57:41 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f768796463a70
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7352-LHR, cache-cdg20790-CDG
traceparent
00-0000000000000000000f768796463a70-117373bcd5c1887a-01
x-timer
S1665669462.682042,VS0,VE181
etag
W/W/"3ec-5xZFgdpeIyZ45y1UF/uiwfwt4Ro"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://usf.conferences.zone
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-app-name,x-requested-with
Access-Control-Request-Method
POST
Origin
https://usf.conferences.zone
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-app-name,x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://usf.conferences.zone
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 13 Oct 2022 13:57:41 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f5632634ade4e
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f5632634ade4e-63d0bdaa4bee8278-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr7336-LHR, cache-cdg20790-CDG
x-timer
S1665669461.468734,VS0,VE175
ts
t.paypal.com/ 		42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Payment%20Page&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1665669461446&g=0&completeurl=https%3A%2F%2Fusf.conferences.zone%2Fpayments%2Fcustom%2F%3Frid%3DNw%3D%3D&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: usf.conferences.zone
URL: https://usf.conferences.zone/payments/custom/?rid=Nw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://usf.conferences.zone/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 13 Oct 2022 13:57:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
60e4d203317de
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-lhr7353-LHR, cache-cdg20747-CDG
pragma
no-cache
traceparent
00-000000000000000000060e4d203317de-79714ecf82787dc9-01
x-timer
S1665669462.509038,VS0,VE151
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Oct 2022 13:57:41 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?client_id=ARxtsrZfu7hp3gaQXbOhjZyWS5hJkF36Snt118jxnnttsvx9p98TZQQkY8CsfhM38qKc58u7EpLM9W2E&id=usf.conferences.zone&source=checkoutjs&t=xo&v=4.0.336
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-/Ksbb3gT4+5QQS0toBiPd8WS1cNZsN6f3iSNUDHI6AgMlhNR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://usf.conferences.zone/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-/Ksbb3gT4+5QQS0toBiPd8WS1cNZsN6f3iSNUDHI6AgMlhNR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 13:57:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
57090
x-cache
HIT, HIT
paypal-debug-id
f3308017c9e44
server-timing
"traceparent;desc="00-0000000000000000000f3308017c9e44-2299d849f045b9ee-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4299
x-xss-protection
1; mode=block
x-served-by
cache-lhr7364-LHR, cache-cdg20745-CDG
traceparent
00-0000000000000000000f3308017c9e44-11627100ee945cde-01
x-timer
S1665669461.455115,VS0,VE2
etag
W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
1, 1
ts
t.paypal.com/ 		42 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Payment%20Page&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1665669461471&g=0&completeurl=https%3A%2F%2Fusf.conferences.zone%2Fpayments%2Fcustom%2F%3Frid%3DNw%3D%3D&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: usf.conferences.zone
URL: https://usf.conferences.zone/payments/custom/?rid=Nw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://usf.conferences.zone/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 13 Oct 2022 13:57:41 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
8219fa82c09ad
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-lhr7381-LHR, cache-cdg20747-CDG
pragma
no-cache
traceparent
00-00000000000000000008219fa82c09ad-f1b17398d87b3e81-01
x-timer
S1665669462.509164,VS0,VE170
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Oct 2022 13:57:41 GMT
checkout.js
www.paypalobjects.com/api/ Frame 4AAB 		1 MB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&style.shape=rect&style.size=large&style.tagline=false&style.label=checkout&commit=true&domain=usf.conferences.zone&sessionID=uid_30a09b0d05_mtm6ntc6nde&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&renderedButtons=paypal&storageID=uid_9c177fcf83_mtm6ntc6nde&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=7a4a94b29f&version=4&xcomponent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F5B) /
Resource Hash
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
b7659809ebfef
dc
ccg11-origin-www-1.paypal.com
content-length
239948
last-modified
Mon, 25 Apr 2022 17:04:48 GMT
server
ECAcc (paa/6F5B)
etag
"6266d4b0-16d23e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Fri, 14 Oct 2022 13:57:41 GMT
button.js
www.paypalobjects.com/api/xo/ Frame 4AAB 		435 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/xo/button.js?date=2022-9-13
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&style.shape=rect&style.size=large&style.tagline=false&style.label=checkout&commit=true&domain=usf.conferences.zone&sessionID=uid_30a09b0d05_mtm6ntc6nde&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&renderedButtons=paypal&storageID=uid_9c177fcf83_mtm6ntc6nde&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=7a4a94b29f&version=4&xcomponent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F1E) /
Resource Hash
f713593c4439ecee953b14452b534b2e0d495a2e547a19dbe972a2bed57fe5e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 13:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
edacc4ba8fb53
dc
ccg11-origin-www-1.paypal.com
content-length
77971
last-modified
Tue, 15 Feb 2022 20:45:55 GMT
server
ECAcc (paa/6F1E)
etag
"620c1103-6cd65"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
expires
Fri, 14 Oct 2022 13:57:41 GMT
truncated
/ Frame 4AAB 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4AAB 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
token
www.paypal.com/v1/oauth2/ Frame 4AAB 		456 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/v1/oauth2/token
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2022-9-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54fdb417607422eed729eb27a821061ebe3386678c369ab918b7580ca8c0913a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/button?env=production&style.shape=rect&style.size=large&style.tagline=false&style.label=checkout&commit=true&domain=usf.conferences.zone&sessionID=uid_30a09b0d05_mtm6ntc6nde&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&renderedButtons=paypal&storageID=uid_9c177fcf83_mtm6ntc6nde&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=7a4a94b29f&version=4&xcomponent=1
accept-language
fr-FR,fr;q=0.9
authorization
Basic QVJ4dHNyWmZ1N2hwM2dhUVhiT2hqWnlXUzVoSmtGMzZTbnQxMThqeG5udHRzdng5cDk4VFpRUWtZOENzZmhNMzhxS2M1OHU3RXBMTTlXMkU6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 13 Oct 2022 13:57:42 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f768796162b20
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7360-LHR, cache-cdg20745-CDG
pragma
no-cache
traceparent
00-0000000000000000000f768796162b20-ef592106a944badd-01
x-timer
S1665669462.873692,VS0,VE185
x-paypal-token-service
IAAS
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
funding
www.paypal.com/smart/api/button/ Frame 4AAB 		576 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/api/button/funding?buttonLabel=checkout&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&country=US&disallowed=venmo&domain=usf.conferences.zone&lang=en&renderedButtons=paypal
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2022-9-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3969d75ecb70efd13db184bbbbd5613f47ebed51e3a5b3387954d4ab5d2728a
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
x-requested-by
smart-payment-buttons
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
x-csrf-jwt
__blank__
Accept
application/json
Referer
https://www.paypal.com/smart/button?env=production&style.shape=rect&style.size=large&style.tagline=false&style.label=checkout&commit=true&domain=usf.conferences.zone&sessionID=uid_30a09b0d05_mtm6ntc6nde&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&renderedButtons=paypal&storageID=uid_9c177fcf83_mtm6ntc6nde&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=7a4a94b29f&version=4&xcomponent=1
X-Requested-With
XMLHttpRequest
x-cookies
{}

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 13:57:42 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
true
paypal-debug-id
f768796b28ce6
server-timing
"traceparent;desc="00-0000000000000000000f768796b28ce6-d3f6d803b4caf7db-01"";content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-lhr7347-LHR, cache-cdg20745-CDG
pragma
no-cache
traceparent
00-0000000000000000000f768796b28ce6-d319e61708b2816e-01
x-timer
S1665669462.880910,VS0,VE267
etag
W/W/"240-Uj52raH+xNjiqG15XS6KLjwRKoY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-csrf-jwt
__blank__
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 4AAB 		1015 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f984fc3e5544270b265ef8d7bbe2d7db9995da8cea4308e23abf2f1ab511a920
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://www.paypal.com/smart/button?env=production&style.shape=rect&style.size=large&style.tagline=false&style.label=checkout&commit=true&domain=usf.conferences.zone&sessionID=uid_30a09b0d05_mtm6ntc6nde&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&renderedButtons=paypal&storageID=uid_9c177fcf83_mtm6ntc6nde&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=7a4a94b29f&version=4&xcomponent=1
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 13 Oct 2022 13:57:42 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f768796de1758
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7353-LHR, cache-cdg20745-CDG
traceparent
00-0000000000000000000f768796de1758-8dd1cbeca6796ae7-01
x-timer
S1665669462.894876,VS0,VE187
etag
W/W/"3f7-jZD0DXySYdmhRpZoPpwaXm7LHRA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
graphql
www.paypal.com/ Frame 4AAB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/graphql?GetNativeEligibility
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2022-9-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a86a3fa0d459fee080a87e83f6d40713d13f819e4365cf24b3475edace72a0b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-wvBE3iFZt/bim0OS1itBAON+5z5wKwwriWqhqLDGV2Wv43td' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-app-name
smart-payment-buttons
accept
application/json
Referer
https://www.paypal.com/smart/button?env=production&style.shape=rect&style.size=large&style.tagline=false&style.label=checkout&commit=true&domain=usf.conferences.zone&sessionID=uid_30a09b0d05_mtm6ntc6nde&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&renderedButtons=paypal&storageID=uid_9c177fcf83_mtm6ntc6nde&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=7a4a94b29f&version=4&xcomponent=1
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-wvBE3iFZt/bim0OS1itBAON+5z5wKwwriWqhqLDGV2Wv43td' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 13:57:42 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f768796395947
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-lhr7358-LHR, cache-cdg20745-CDG
traceparent
00-0000000000000000000f768796395947-6f324fda2a767f1a-01
x-timer
S1665669462.087674,VS0,VE323
etag
W/W/"673-Yhi59+zWofwLohpDOGcnvV/pLgw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 4AAB 		1002 B
2 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2022-9-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96693c343448fab21974d44e0c1052d2d0a790d91f44a64d669e1a9b69e34e0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/button?env=production&style.shape=rect&style.size=large&style.tagline=false&style.label=checkout&commit=true&domain=usf.conferences.zone&sessionID=uid_30a09b0d05_mtm6ntc6nde&buttonSessionID=uid_3df0e9b6d8_mtm6ntc6nde&renderedButtons=paypal&storageID=uid_9c177fcf83_mtm6ntc6nde&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=7a4a94b29f&version=4&xcomponent=1
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 13:57:42 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f768796cbedd8
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7348-LHR, cache-cdg20745-CDG
traceparent
00-0000000000000000000f768796cbedd8-40f68987ce236c04-01
x-timer
S1665669462.138072,VS0,VE206
etag
W/W/"3ea-QdZOPi2W5A+qy6YdSopvxuyk2sM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo object| paypalDDL object| __paypal_global__

9 Cookies

Domain/Path Name / Value
usf.conferences.zone/ Name: PHPSESSID
Value: gu64u76bict18m15tq89s2de94
.paypal.com/ Name: l7_az
Value: dcg15.slc
.paypal.com/ Name: ts_c
Value: vr%3Dd1a2f5ff1830a7a0a3cf5e12fe98b009%26vt%3Dd1a2f5ff1830a7a0a3cf5e12fe98b008
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: fr_FR%3BFR
.paypal.com/ Name: ts
Value: vreXpYrS%3D1760363862%26vteXpYrS%3D1665671262%26vr%3Dd1a2f5ff1830a7a0a3cf5e12fe98b009%26vt%3Dd1a2f5ff1830a7a0a3cf5e12fe98b008%26vtyp%3Dnew
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY2NTY2OTQ2MjMzMSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: graphqlnodeweb
www.paypal.com/ Name: nsid
Value: s%3AeTXzYKvZ-Tw4OR1NBA-eX9zT7tqUZEMV.8yXXN23Qr4%2FlRkVk3M1OkKCKYDAYYZVmhheBQE1BUek

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
maxcdn.bootstrapcdn.com
t.paypal.com
usf.conferences.zone
www.paypal.com
www.paypalobjects.com
151.101.129.21
151.101.65.35
151.106.35.98
192.229.221.25
2606:4700::6812:bcf
2a00:1450:4001:806::200a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54fdb417607422eed729eb27a821061ebe3386678c369ab918b7580ca8c0913a
5afd90ffa3ee90f0e673e59d11e2307f65daf6fc00adb2e0284c4fd6ea6d99b4
6815fc7d1723bcac168ee954c0e88ff0e2f7254a353426a014e50feda31c8811
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
96693c343448fab21974d44e0c1052d2d0a790d91f44a64d669e1a9b69e34e0a
a86a3fa0d459fee080a87e83f6d40713d13f819e4365cf24b3475edace72a0b7
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3
c002e4ff41159a023210a49624ae6026ef7070de33a07738f6a934dc8b7f5852
c3969d75ecb70efd13db184bbbbd5613f47ebed51e3a5b3387954d4ab5d2728a
d2ccf05b8716889f32c36b245a5361444f0e21c2ef381a6a398dd6b5131b69c0
f713593c4439ecee953b14452b534b2e0d495a2e547a19dbe972a2bed57fe5e4
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f984fc3e5544270b265ef8d7bbe2d7db9995da8cea4308e23abf2f1ab511a920
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378