Submitted URL: https://epl.paypal-communication.com/T/v60000018047ca2319c247b2f4bbe5be68/40f58905eaee43b60000021ef3a0bcd6/40f58905-eaee-43b6-bdb4-96...
Effective URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.d...
Submission: On April 20 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 104.111.228.123, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2500.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 4th 2022. Valid for: 9 months.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 159.127.187.100 19137 (EPSILON-I...)
2 104.111.228.123 16625 (AKAMAI-AS)
24 192.229.221.25 15133 (EDGECAST)
26 2
Apex Domain
Subdomains
Transfer
19 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1886
406 KB
7 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2500
t.paypal.com — Cisco Umbrella Rank: 3392
12 KB
1 paypal-communication.com
epl.paypal-communication.com — Cisco Umbrella Rank: 108572
318 B
26 3
Domain Requested by
19 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
5 t.paypal.com www.paypal.com
2 www.paypal.com www.paypalobjects.com
1 epl.paypal-communication.com 1 redirects
26 4
Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2022-02-04 -
2022-10-31
9 months crt.sh

This page contains 1 frames:

Primary Page: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Frame ID: 73618FEE53883ACBF73CD4D9DACC0D04
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

PayPal

Page URL History Show full URLs

  1. https://epl.paypal-communication.com/T/v60000018047ca2319c247b2f4bbe5be68/40f58905eaee43b60000021ef3a0bcd6/40f589... HTTP 302
    https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.9... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

419 kB
Transfer

1629 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://epl.paypal-communication.com/T/v60000018047ca2319c247b2f4bbe5be68/40f58905eaee43b60000021ef3a0bcd6/40f58905-eaee-43b6-bdb4-96957dc1f399?__dU__=v0oQlZ2XmHtXgxjjiWvqAt6oUbloqyA_uK HTTP 302
    https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request marketing-preferences
www.paypal.com/myaccount/settings/
Redirect Chain
  • https://epl.paypal-communication.com/T/v60000018047ca2319c247b2f4bbe5be68/40f58905eaee43b60000021ef3a0bcd6/40f58905-eaee-43b6-bdb4-96957dc1f399?__dU__=v0oQlZ2XmHtXgxjjiWvqAt6oUbloqyA_uK
  • https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=1532...
35 KB
9 KB
Document
General
Full URL
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08bcb12f167c5f5c03a24606b3474a98f3e221a5302ad671df1802a519574e39
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://*.paypal.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://nexus.ensighten.com https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; script-src 'nonce-VTcZG0dejAIHEFbLGpQvt7AYR8Yt36bx0ateA6W+eT36sDy5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data: 'unsafe-inline'; form-action 'self' https://*.paypal.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; child-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
7036
content-security-policy
base-uri 'self' https://*.paypal.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://nexus.ensighten.com https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; script-src 'nonce-VTcZG0dejAIHEFbLGpQvt7AYR8Yt36bx0ateA6W+eT36sDy5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data: 'unsafe-inline'; form-action 'self' https://*.paypal.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; child-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Wed, 20 Apr 2022 17:32:34 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"8d83-6JPZNRiClnwLlEPtD0RBO/yPRU4"
paypal-debug-id
a315694eb0bfe
server-timing
content-encoding;desc="",x-cdn;desc="akamai"
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
144
x-edgeconnect-origin-mex-latency
467
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-length
0
date
Wed, 20 Apr 2022 17:32:33 GMT
location
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
app.ltr.css
www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/css/
278 KB
46 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/css/app.ltr.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F3A) /
Resource Hash
4c9b9015bb11c5986bd371deff7685da513252559c64f4f928641ff80d6a1921
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
f980247c54ab8
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
47024
last-modified
Mon, 04 Apr 2022 07:33:01 GMT
server
ECAcc (frc/8F3A)
etag
W/"624a9f2d-457dd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 20 Apr 2023 17:32:34 GMT
style.css
www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/
136 KB
20 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF9) /
Resource Hash
b9dd8d4dcb4a86022530fdc91ed9ede393cc0c5023cff24ff90d6a753a6ef16a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
d716ecff61147
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
20109
last-modified
Tue, 05 Oct 2021 11:24:46 GMT
server
ECAcc (frc/8FF9)
etag
W/"615c35fe-21fcd"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
expires
Wed, 20 Apr 2022 18:32:34 GMT
settings.ltr.css
www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/css/
198 KB
33 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/css/settings.ltr.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F46) /
Resource Hash
3f8a501bb88a96bf1ea70a0e0ca0ea8d2b782f3242d0c87f21c430270c0c790c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
f7cc7a1919b51
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
33479
last-modified
Mon, 04 Apr 2022 07:33:01 GMT
server
ECAcc (frc/8F46)
etag
W/"624a9f2d-31697"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 20 Apr 2023 17:32:34 GMT
unAuth.ltr.css
www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/css/
283 B
278 B
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/css/unAuth.ltr.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E99) /
Resource Hash
b206371c157afc5c0e6275809df6a5ad604f74c112f9ddb48a8fea466b207d93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
d8c585e7dbd53
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
193
last-modified
Mon, 04 Apr 2022 07:33:01 GMT
server
ECAcc (frc/8E99)
etag
W/"624a9f2d-11b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 20 Apr 2023 17:32:34 GMT
pa.js
www.paypalobjects.com/pa/js/min/
54 KB
21 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F58) /
Resource Hash
a1f784afe7066cad9fbdd63479511fa529c5d14fbe26de7b1076aa29dc7c2f94
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
4819f97072b04
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
21254
last-modified
Fri, 15 Apr 2022 23:50:27 GMT
server
ECAcc (frc/8F58)
etag
"625a04c3-d921"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 20 Apr 2022 18:32:34 GMT
app.js
www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/apps/
262 KB
81 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/apps/app.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F16) /
Resource Hash
7ebe2fcd7d9d1b854e3e4ab4384346519f73782fba7087d0f53e98eefc9c52c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
a715bae91297d
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
82934
last-modified
Mon, 04 Apr 2022 07:33:02 GMT
server
ECAcc (frc/8F16)
etag
W/"624a9f2e-41647"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 20 Apr 2023 17:32:34 GMT
bootstrap.js
www.paypalobjects.com/tagmgmt/
19 B
121 B
Script
General
Full URL
https://www.paypalobjects.com/tagmgmt/bootstrap.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FDF) /
Resource Hash
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
38720a0ce4fe9
dc
ccg11-origin-www-1.paypal.com
content-length
19
last-modified
Sat, 13 Feb 2021 00:28:58 GMT
server
ECAcc (frc/8FDF)
etag
"60271d4a-13"
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Wed, 20 Apr 2022 18:32:34 GMT
xhr-ads.min.js
www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/
16 KB
5 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/xhr-ads.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6F) /
Resource Hash
c130e32be5fc8988a3075c62e61ed24103ca35da7ef9a0b1172fd5deaa41a443
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
26ef94a841b6f
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
4889
last-modified
Mon, 04 Apr 2022 07:33:01 GMT
server
ECAcc (frc/8F6F)
etag
W/"624a9f2d-3ffc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 20 Apr 2023 17:32:34 GMT
jquery-3.2.1.min.js
www.paypalobjects.com/digitalassets/c/website/marketing/global/scripts/
85 KB
30 KB
Script
General
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/scripts/jquery-3.2.1.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD5) /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
7c46dfbe8f4cd
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
30388
last-modified
Thu, 21 Sep 2017 21:15:05 GMT
server
ECAcc (frc/8FD5)
etag
W/"59c42bd9-15283"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
expires
Wed, 20 Apr 2022 18:32:34 GMT
header.js
www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/js/
7 KB
2 KB
Script
General
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/js/header.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FDD) /
Resource Hash
3a22069fdf72709159f8864b3b709924d760a9d1457ea35133884f0fc2815cb2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
a2fa33d20a156
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
1495
last-modified
Tue, 09 Jan 2018 05:03:56 GMT
server
ECAcc (frc/8FDD)
etag
W/"5a544d3c-1caf"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
expires
Wed, 20 Apr 2022 18:32:34 GMT
pp_fc_hl.svg
www.paypalobjects.com/digitalassets/c/website/logo/full-text/
11 KB
4 KB
Image
General
Full URL
https://www.paypalobjects.com/digitalassets/c/website/logo/full-text/pp_fc_hl.svg
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FEE) /
Resource Hash
036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/mppglobalcomponents/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
a001f73a87829
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
3732
last-modified
Tue, 15 Mar 2016 17:48:58 GMT
server
ECAcc (frc/8FEE)
etag
W/"56e84b0a-2b4b"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
expires
Wed, 20 Apr 2022 18:32:34 GMT
ConsumerIcons-Regular.woff
www.paypalobjects.com/ui-web/iconfont-consumer/3-3-0/fonts/
35 KB
35 KB
Font
General
Full URL
https://www.paypalobjects.com/ui-web/iconfont-consumer/3-3-0/fonts/ConsumerIcons-Regular.woff
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/css/app.ltr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F7F) /
Resource Hash
d7793651ef95bfe8e9e0ca8660c9ee4e76744c40f04ee8427a388ca1005fc29b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/css/app.ltr.css
Origin
https://www.paypal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:35 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:29:23 GMT
server
ECAcc (frc/8F7F)
etag
"60271d63-8b5c"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
font/woff
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
paypal-debug-id
7be84b1fb9bce
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
35676
expires
Wed, 20 Apr 2022 18:32:35 GMT
latmconf.js
www.paypalobjects.com/pa/mi/
136 KB
26 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/mi/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FFB) /
Resource Hash
d6589df4cf2ba51eaef84efb65209b51d178e8010e6c375c32dc348e9367caf6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
cf237c6fc925e
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
26807
last-modified
Fri, 15 Apr 2022 23:50:27 GMT
server
ECAcc (frc/8FFB)
etag
"625a04c3-22125"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 20 Apr 2022 18:32:35 GMT
1.1.js
www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/apps/
243 KB
59 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/apps/1.1.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/apps/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F94) /
Resource Hash
5268042b9ef3382eaa2614a7e74d5b62d67f985a75043efaebd00cbad6895c2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
af5c46193e345
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
60161
last-modified
Mon, 04 Apr 2022 07:33:01 GMT
server
ECAcc (frc/8F94)
etag
W/"624a9f2d-3ccde"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 20 Apr 2023 17:32:35 GMT
dust-templates.js
www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/templates/US/de/
0
0
Script
General
Full URL
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/templates/US/de/dust-templates.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/apps/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

languagepack.js
www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/locales/US/de/
0
0
Script
General
Full URL
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/locales/US/de/languagepack.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/apps/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

patleaf.js
www.paypalobjects.com/pa/3pjs/tl/6.1.0/
128 KB
42 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.1.0/patleaf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F3D) /
Resource Hash
8b1da8f8b8cfef3ab25d01ef99eeca9a590a39c9d084a70cce7c1fb795a9f28a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
4c532b38b37f7
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
42889
last-modified
Fri, 04 Feb 2022 17:30:49 GMT
server
ECAcc (frc/8F3D)
etag
"61fd62c9-1fe33"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 20 Apr 2022 18:32:35 GMT
ts
t.paypal.com/
42 B
624 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.6.4&t=1650475954453&g=0&pgrp=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3A&page=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3Amktgprefsloggedout%3A%3A%3A&pgst=1650475954331&calc=a315694eb0bfe&nsid=8jCeZr5mX_nWrOpAyDFu17xWZLN3ybBK&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=32ed8e6b29ae472f99fa396217c158bc&comp=settingsnodeweb&tsrce=settingsnodeweb&cu=0&ef_policy=gdpr_v2.1&cust=KUNG2C7682KCA&acnt=anon&aver=unverified&rstr=unrestricted&cnac=US&xe=100226%2C100229%2C100326%2C100719%2C101414%2C105246%2C102212%2C102056%2C102256%2C102717%2C100825&xt=100541%2C100549%2C100820%2C101917%2C104594%2C123049%2C108450%2C107362%2C120208%2C110353%2C102292&status=%7B%7D&e=im&pt=PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2F) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 17:32:35 GMT
content-type
image/gif
server
ECAcc (frc/8F2F)
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
7a1672d816f54
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=161
timing-allow-origin
*
content-length
42
expires
Wed, 20 Apr 2022 17:32:35 GMT
alertMsg.js
www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/templates/US/de/widgets/
0
0
Script
General
Full URL
https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/templates/US/de/widgets/alertMsg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/js/apps/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

patlcfg.js
www.paypalobjects.com/pa/3pjs/tl/6.1.0/
5 KB
3 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.1.0/patlcfg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA3) /
Resource Hash
de08a17239ff8dd61d236d4cb5e994bd588a12c2d4f1d0431ffb9683a2734908
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
69047366277dd
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
2478
last-modified
Fri, 04 Feb 2022 17:30:49 GMT
server
ECAcc (frc/8FA3)
etag
"61fd62c9-1556"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 20 Apr 2022 18:32:35 GMT
ts
t.paypal.com/
42 B
449 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.6.4&t=1650475954673&g=0&e=err&page=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3Amktgprefsloggedout%3A%3A%3A&pgrp=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3A&comp=settingsnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2F) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 17:32:35 GMT
content-type
image/gif
server
ECAcc (frc/8F2F)
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
2a2d56132b4db
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=160
timing-allow-origin
*
content-length
42
expires
Wed, 20 Apr 2022 17:32:35 GMT
ts
t.paypal.com/
42 B
400 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.6.4&t=1650475955037&g=0&e=err&page=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3Amktgprefsloggedout%3A%3A%3A&pgrp=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3A&comp=settingsnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2F) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 17:32:35 GMT
content-type
image/gif
server
ECAcc (frc/8F2F)
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
15187ed3064ea
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=161
timing-allow-origin
*
content-length
42
expires
Wed, 20 Apr 2022 17:32:35 GMT
ts
t.paypal.com/
42 B
448 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.6.4&t=1650475955040&g=0&e=err&page=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3Amktgprefsloggedout%3A%3A%3A&pgrp=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3A&comp=settingsnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2F) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 17:32:35 GMT
content-type
image/gif
server
ECAcc (frc/8F2F)
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
5d97bb9dfc1a7
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=176
timing-allow-origin
*
content-length
42
expires
Wed, 20 Apr 2022 17:32:35 GMT
ts
t.paypal.com/
42 B
494 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.6.4&t=1650475955454&g=0&pgrp=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3A&page=main%3Aconsumer%3Asettingsnodeweb%3Anotifications%3Amktgprefsloggedout%3A%3A%3A&pgst=1650475954331&calc=a315694eb0bfe&nsid=8jCeZr5mX_nWrOpAyDFu17xWZLN3ybBK&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=32ed8e6b29ae472f99fa396217c158bc&comp=settingsnodeweb&tsrce=settingsnodeweb&cu=0&ef_policy=gdpr_v2.1&cust=KUNG2C7682KCA&acnt=anon&aver=unverified&rstr=unrestricted&cnac=US&xe=100226%2C100229%2C100326%2C100719%2C101414%2C105246%2C102212%2C102056%2C102256%2C102717%2C100825&xt=100541%2C100549%2C100820%2C101917%2C104594%2C123049%2C108450%2C107362%2C120208%2C110353%2C102292&status=%7B%7D&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=212&t3=1&tt=213&protocol=h2&cdn=edgecast&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A213%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2F) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 17:32:36 GMT
content-type
image/gif
server
ECAcc (frc/8F2F)
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
2ea93ababd524
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=165
timing-allow-origin
*
content-length
42
expires
Wed, 20 Apr 2022 17:32:36 GMT
tealeaftarget
www.paypal.com/platform/
40 B
1 KB
Fetch
General
Full URL
https://www.paypal.com/platform/tealeaftarget
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/tl/6.1.0/patleaf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e1a9287bf938fcfb89363638204d4eb3f3fce956e3ea041daf174aefd9e3a3c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Encoding
gzip
X-PageId
P.2R3U62KRRU33HUYDKSHPXDQHWTBU
X-Tealeaf
device (UIC) Lib/6.1.0.1989
X-Tealeaf-SyncXHR
false
accept-language
de-DE,de;q=0.9
X-Tealeaf-MessageTypes
1,2,5,6,7,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTSID
90070485620323277928089701483760
X-Requested-With
fetch
X-TealeafType
GUI
X-TeaLeaf-Page-Url
/myaccount/settings/marketing-preferences
Referer
https://www.paypal.com/myaccount/settings/marketing-preferences?ID=8KX18101YD3634705&EID=ABcU.jP-.90V9dDXOd1xM4Rmr9f4.dlTCQd9U5rJCnP.oJNT7vr1hLIyzyRscpYvUft3Q2evZ.2r6mmCmMv2tli4ww&cat=pnp&mplx=153295287265390

Response headers

x-edgeconnect-origin-mex-latency
35
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-edgeconnect-midmile-rtt
143
etag
W/"28-YUhs5msLXmcoa1m87H2YRfHJCzU"
strict-transport-security
max-age=63072000
content-type
application/json; charset=utf-8
paypal-debug-id
ae7707009c69c
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 20 Apr 2022 17:32:36 GMT
server-timing
content-encoding;desc="",x-cdn;desc="akamai"
dc
ccg11-origin-www-1.paypal.com
content-length
40
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| PAYPAL object| fpti string| fptiserverurl object| _ifpti function| webpackJsonp object| _REQJS_ object| Backbone object| dust object| PPVX object| dataLayer function| $ function| jQuery object| latmconf object| laDataLayer object| pako object| TLT

9 Cookies

Domain/Path Name / Value
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: tsrce
Value: settingsnodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY1MDQ3NTk1NDY5OCIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/ Name: nsid
Value: s%3A8jCeZr5mX_nWrOpAyDFu17xWZLN3ybBK.LbakFZXNMuQhi%2BZer3xaMkBh%2FixrEtaQhHc7iI32pOQ
.paypal.com/ Name: l7_az
Value: dcg13.slc
.paypal.com/ Name: ts_c
Value: vr%3D480870601800a2801014496ffff89bd4%26vt%3D480870601800a2801014496ffff89bd3
.paypal.com/ Name: TLTSID
Value: 90070485620323277928089701483760
.paypal.com/ Name: ts
Value: vreXpYrS%3D1745170356%26vteXpYrS%3D1650477756%26vr%3D480870601800a2801014496ffff89bd4%26vt%3D480870601800a2801014496ffff89bd3%26vtyp%3Dnew

3 Console Messages

Source Level URL
Text
network error URL: https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/locales/US/de/languagepack.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/templates/US/de/dust-templates.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.paypalobjects.com/web/res/01f/b2e43f76ac33c04e8a047d026b0b7/templates/US/de/widgets/alertMsg.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self' https://*.paypal.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://nexus.ensighten.com https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; script-src 'nonce-VTcZG0dejAIHEFbLGpQvt7AYR8Yt36bx0ateA6W+eT36sDy5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data: 'unsafe-inline'; form-action 'self' https://*.paypal.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; child-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

epl.paypal-communication.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
104.111.228.123
159.127.187.100
192.229.221.25
036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f
08bcb12f167c5f5c03a24606b3474a98f3e221a5302ad671df1802a519574e39
3a22069fdf72709159f8864b3b709924d760a9d1457ea35133884f0fc2815cb2
3f8a501bb88a96bf1ea70a0e0ca0ea8d2b782f3242d0c87f21c430270c0c790c
4c9b9015bb11c5986bd371deff7685da513252559c64f4f928641ff80d6a1921
5268042b9ef3382eaa2614a7e74d5b62d67f985a75043efaebd00cbad6895c2d
5e1a9287bf938fcfb89363638204d4eb3f3fce956e3ea041daf174aefd9e3a3c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7ebe2fcd7d9d1b854e3e4ab4384346519f73782fba7087d0f53e98eefc9c52c9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b1da8f8b8cfef3ab25d01ef99eeca9a590a39c9d084a70cce7c1fb795a9f28a
a1f784afe7066cad9fbdd63479511fa529c5d14fbe26de7b1076aa29dc7c2f94
b206371c157afc5c0e6275809df6a5ad604f74c112f9ddb48a8fea466b207d93
b9dd8d4dcb4a86022530fdc91ed9ede393cc0c5023cff24ff90d6a753a6ef16a
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
c130e32be5fc8988a3075c62e61ed24103ca35da7ef9a0b1172fd5deaa41a443
d6589df4cf2ba51eaef84efb65209b51d178e8010e6c375c32dc348e9367caf6
d7793651ef95bfe8e9e0ca8660c9ee4e76744c40f04ee8427a388ca1005fc29b
de08a17239ff8dd61d236d4cb5e994bd588a12c2d4f1d0431ffb9683a2734908