Report - paypal-user-help.com/

Report Overview

Submitted URL
paypal-user-help.com/
IP
173.254.229.131
ASN
#8100 ASN-QUADRANET-GLOBAL
Submitted
2022-09-04 05:50:30
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.35
paypal-user-help.com	unknown	2022-08-27T17:21:03Z	2022-09-25T07:52:57Z	778 B	1.6 kB	173.254.229.131
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
www.paypal.com	2583	2012-05-21T15:22:43Z	2023-03-17T05:12:12Z	4.7 kB	38 kB	151.101.1.21
www.paypalobjects.com	1467	2012-05-30T08:40:21Z	2023-03-16T18:51:17Z	9.8 kB	598 kB	192.229.221.25
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	2.3 kB	6.2 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.2 kB	61 kB	34.120.237.76
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-17T09:07:14Z	427 B	160 kB	142.250.74.163
paypal.com	806	2012-06-23T23:18:01Z	2023-03-17T06:50:03Z	414 B	362 B	64.4.250.37
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	35.86.38.2
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	993 B	2.1 kB	142.250.74.3
t.paypal.com	3487	2012-06-27T15:49:38Z	2023-03-17T07:29:24Z	4.8 kB	3.6 kB	151.101.1.35
href.li	36866	2012-05-22T14:39:06Z	2023-03-17T05:53:19Z	445 B	235 B	192.0.78.26
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T08:37:51Z	987 B	2.2 kB	93.184.220.29
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	21869	2020-08-03T07:21:01Z	2023-03-17T10:00:36Z	583 B	39 kB	104.17.208.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-04	medium	paypal-user-help.com/	Phishing
2022-09-04	medium	paypal-user-help.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-03	medium	paypal-user-help.com	Sinkholed
2022-09-03	medium	paypal-user-help.com	Sinkholed

JavaScript (33)

	URL	Size	First Seen	Last Seen
	www.paypalobjects.com/pa/mi/latmconf.js	299 kB	2023-03-07	2023-07-18
Pretty URL www.paypalobjects.com/pa/mi/latmconf.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:52 Last Seen2023-07-18 13:32:07 Times Seen3 Hash 74afa250e34e76ec7b16f4654bbe127a 1f2d826e03d6a1fa275bbe9223fd6737f2616e36 819759633595b446b5923172274c38889fd6d1f4f87dfac0c71abce9f1f0bb53 Loading...

	www.paypal.com/auth/createchallenge/a5a5977417e21cca/recaptchav3.js?_sessionID=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn	10 kB	2023-03-17	2023-03-17
Pretty URL www.paypal.com/auth/createchallenge/a5a5977417e21cca/recaptchav3.js?_sessionID=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 10:22:00 Last Seen2023-03-17 10:22:00 Times Seen1 Hash 9221ec893e96ebe349706d6bfc4ce011 b7b72de39a7c95baa22d0726978acbaa7262b7a8 883e0f8140e011cd0208563184c21306da24c4165b6cd5f729fdceef15178c43 Loading...

	www.paypal.com/no/home	231 B	2023-03-07	2024-04-04
Pretty URL www.paypal.com/no/home IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-04 06:53:33 Times Seen537 Hash 718d8fda180ddfe6bdd9feb9e4e346c6 d80261d787cd74a03b314ea64c90194af7a8d30d 94c7ef1ae5529ac395e5ae8432272726d807e31b7ae061b3a079284c3a21646e Loading...

	www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm	103 kB	2023-03-07	2024-04-17
Pretty URL www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:52 Last Seen2024-04-17 02:58:54 Times Seen1133 Hash 5e69aec53e5bb3e0c5b5d240e64b9379 2778ac223bf54bd9a3c188ac5ad484612f6b12e2 ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565 Loading...

	www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=no&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=k83ogun797nt	36 kB	2023-03-17	2023-03-17
Pretty URL www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=no&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=k83ogun797nt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 10:22:00 Last Seen2023-03-17 10:22:00 Times Seen1 Hash 42c5c0e2775e98cdb670a538e0397fd4 3b08c410f9f351d04e2c5338c23b20276f3f19eb 0854b14015266d0a48d47efa1c2d4518c2777d5a930dba17ecdad76d7cc279a3 Loading...

	href.li/?https://paypal.com/	103 B	2023-03-07	2023-03-17
Pretty URL href.li/?https://paypal.com/ IP 192.0.78.26 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2023-03-17 10:22:00 Times Seen1 Hash 59f6b5800e56863996ce8d436f0a0f6c 3c1b1d8b9ee855c1b80f7b7a6283db5c650d1808 ab3a1e92364becfc33494acc9d328c7b5eb8f511896caf5efa861d7864be6cef Loading...

	www.paypal.com/no/home	41 kB	2023-03-17	2023-03-17
Pretty URL www.paypal.com/no/home IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 10:22:00 Last Seen2023-03-17 10:22:00 Times Seen1 Hash 5735be0057d3783a78676dd4b5f3b557 5fdc926f58c7796f9b7c8df44867ddf6c65d101e 148a296e3086fd7e819d095dacf1a62677e735fd8dffdf01425fd444e3fd266a Loading...

	www.paypal.com/no/home	1.1 kB	2023-03-17	2023-03-17
Pretty URL www.paypal.com/no/home IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 10:22:00 Last Seen2023-03-17 10:22:00 Times Seen1 Hash fb6b023dad3d4ec970b44d892f251501 8b534780f033fceadc965c008f7c2077bfd602f5 83bffb1c6c2687df24caf05dd5e1ac92a9d7cba5ed048e497ff013601d7e5981 Loading...

	www.paypal.com/no/home	604 B	2023-03-07	2024-04-04
Pretty URL www.paypal.com/no/home IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-04 06:53:33 Times Seen540 Hash d82c941c792ffb2f2c16af62ba08dae0 6c8a1dd0af434e973e53f29f2817d3595d9699aa a5df9b0e04cb2514f83b2c1b0e978e29d7387b92b1252bdd3a371bf3ffa2250d Loading...

	www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js	135 kB	2023-03-07	2024-04-04
Pretty URL www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:57:05 Last Seen2024-04-04 06:53:33 Times Seen1042 Hash 44c101e617f1e213f946d8fd82832f70 0259af4977425d27d5a042dfd350cbbc7e0a86a7 9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f Loading...

	www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js	1.5 kB	2023-03-07	2024-04-04
Pretty URL www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-04 06:53:33 Times Seen1098 Hash e08674d31c1b328ae44b0889fcebed71 102373e654b79a57f036650ce156f68fdb702034 15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8 Loading...

	www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm	2.5 kB	2023-03-07	2024-04-17
Pretty URL www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:52 Last Seen2024-04-17 02:58:54 Times Seen1081 Hash d637e650892304875d8b6ec268ad9c20 cfb26f0be8b2fac114b39bb26789666ef877203a ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622 Loading...

	www.paypal.com/no/home	258 B	2023-03-07	2024-04-04
Pretty URL www.paypal.com/no/home IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-04 06:53:32 Times Seen526 Hash 954ce892434c74fcf2faf00fcc271ddd 95167685fff1bf8220c7bbc8fde1e3618653d713 e8541532773bd44185f0f6638075a85d4f1fc112df4d9b2ec5a2d1112b226445 Loading...

	www.paypalobjects.com/activation/js/marketingIntentsV2.js	554 B	2023-03-07	2024-04-04
Pretty URL www.paypalobjects.com/activation/js/marketingIntentsV2.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-04 06:53:33 Times Seen1124 Hash c9a42008e37bc4f7287fa34295428946 bf3ffb685f469faef9b4573f8824ddf26fa6afac 4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2 Loading...

	www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm	29 kB	2023-03-07	2024-04-17
Pretty URL www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:52 Last Seen2024-04-17 02:58:54 Times Seen1130 Hash c6f2e7f0c414e5a9eb5750d2c1848dea ffce7cac8d07ae92eeaf641d8808d7e4ae4c07af e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d Loading...

	www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js	23 kB	2023-03-07	2023-07-18
Pretty URL www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:26 Last Seen2023-07-18 13:32:07 Times Seen5 Hash 93abc4e195d3f271410ab352eded9262 a0f9967f505a75dbf628826669647e1f98821714 ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 01:21:45 Times Seen37051963 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm	57 kB	2023-03-07	2024-04-17
Pretty URL www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:52 Last Seen2024-04-17 02:58:54 Times Seen1183 Hash e1abcd5f1515a118de258cad43ca159a 875f8082158e95fc59f9459e8bb11f8c3b774cd3 9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106 Loading...

	www.paypal.com/auth/recaptcha/grcenterprise_v3.html	3.8 kB	2023-03-07	2023-03-29
Pretty URL www.paypal.com/auth/recaptcha/grcenterprise_v3.html IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2023-03-29 23:30:42 Times Seen10 Hash 58221f9c8c8f99198c6b28184cec30e6 1250bfa21ddcf263dc863f37b1b6490baaa5e1ba 23e79e5171753676ea2df6ace096b9c1a2e183cb8c1ac23fbce8f024aeb882e2 Loading...

	www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm	19 kB	2023-03-07	2024-04-17
Pretty URL www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:52 Last Seen2024-04-17 02:58:54 Times Seen1133 Hash b46bb1e331a68a566ed5e9cfeaecf5d4 4356f6bc4927c8d24f09c000db039bda426980d2 b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715 Loading...

	www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=no&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=k83ogun797nt	78 B	2023-03-07	2024-04-24
Pretty URL www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=no&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=k83ogun797nt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-24 22:58:39 Times Seen2126 Hash 448da244080e4e0ea89e10703010ba71 8c1f7e69138083db28206be2ac8e434a49f381a4 ca21a8ec20b3329036ccc2e1c9166f6a9f3a710473cf7beed37019787e24948f Loading...

	www.paypalobjects.com/pa/js/min/pa.js	57 kB	2023-03-07	2023-03-17
Pretty URL www.paypalobjects.com/pa/js/min/pa.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:52 Last Seen2023-03-17 10:22:00 Times Seen1 Hash 64d2488746c41392d32e1b481172b073 60daf47f6c9c6edf2ee6f8901e9cbe38a0a3eb51 328ab995b9995d6dc6a05e77f74e45a03cf6782eb9c66ab633e63699d0843b56 Loading...

	www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=no	977 B	2023-03-07	2023-03-17
Pretty URL www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=no IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:09 Last Seen2023-03-17 10:22:00 Times Seen1 Hash bb45456aa346bf5cb636cb7c40819584 beef0775c45ca0d1f88cbe5d2342183bb22784ad 10067503de874515ad89a1d14015feafef5fc7a6c17575d9d25ebd94e7a2ef74 Loading...

	www.paypal.com/no/home	14 kB	2023-03-07	2023-05-04
Pretty URL www.paypal.com/no/home IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2023-05-04 06:06:51 Times Seen8 Hash 9cbe35d90267d8cd7e5f1a80ae8625d8 d8033dab5d9d9a89167fae1484eae60e98058cf6 6f50608ebdbfa0b26275ea93d559999bd07cefc68a4c0fd46ff6e35639834aa7 Loading...

	www.paypal.com/no/home	699 B	2023-03-07	2023-03-17
Pretty URL www.paypal.com/no/home IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2023-03-17 10:22:00 Times Seen1 Hash 737182e62950bf4d14730d8c215fd374 754df02cf7c3aef2cbf10391f21b2a3db27700cb e46c57a9b344cd9f09d3e4d1ee8675b189c1333ebbfe4707726f4fbd83e9a327 Loading...

	www.paypal.com/no/home	154 B	2023-03-17	2023-03-17
Pretty URL www.paypal.com/no/home IP 151.101.1.21 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 10:22:00 Last Seen2023-03-17 10:22:00 Times Seen1 Hash 3730fcda66e5bd2191a2394e0ebe4720 0e3cb11fa1554e57b931e9ae2a78a78dd2bbf2f8 24b511d496c9a3c7f156cbf44b5ac735b2573f078cf117beb98a9add1353ac59 Loading...

	www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js	7.5 kB	2023-03-07	2024-04-17
Pretty URL www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:52 Last Seen2024-04-17 02:58:54 Times Seen1154 Hash b96c26df3a59775a01d5378e1a4cdbfc b3ec796dbea78a8ed396cd010cbbd544c0b6f5f3 8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8 Loading...

	www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__no.js	400 kB	2023-03-07	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__no.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:09 Last Seen2023-03-17 10:22:00 Times Seen1 Hash 7503709e437fde390f535f04fd8ede0b 99ced015b85a6520ee2bfcd04f1b2d847f1b4c2b f7945cf44fdf0bec440bc42cbcadcee620eea079649b966ce506d4a7e8c1e193 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f3ba66ef456a3a1de3e7c85c8b83a47d	64 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:23:16 Last Seen2023-03-17 10:23:18 Times Seen1 Hash f3ba66ef456a3a1de3e7c85c8b83a47d c2d3c853073e8b982bbf2f2a248eeb519433b842 cf6cc726a2f06c63f97c66c8890aba42daf5fd3145f611ce7ef08190fe6662dc Loading...

	#2 Eval - 168c8dbeb8226d81a599e6eb653159d2	22 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:23:16 Last Seen2023-03-17 10:23:18 Times Seen1 Hash 168c8dbeb8226d81a599e6eb653159d2 3a0b42cbe3138bd517eebd05657ddec450df012a 68cc119067d619913f54c3e34c6e74876a6869aff04d221d4226b4bfc603b867 Loading...

	#3 Eval - 3288187cf92518d0ea8feb022511ae7b	16 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:23:16 Last Seen2023-03-17 10:23:17 Times Seen1 Hash 3288187cf92518d0ea8feb022511ae7b 9c7917062f0a44c3333d4d50fb8677b4ff8be62e e9721577f659f0c261158953f146c4ae649f29b0c858af12b6e064a43787d325 Loading...

	#4 Eval - 9fbf0b691334f1afa19577a4c1e68f2d	22 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:23:16 Last Seen2023-03-17 10:23:18 Times Seen1 Hash 9fbf0b691334f1afa19577a4c1e68f2d 1ec5025266f8d9ca34955bcfb038914370d1750e 060e4deac64e299c5bcde60c4d99191e1f91075fa13a7856a71ffb7d2d1e5377 Loading...

	#5 Eval - ae484f2d4df1486c09be67e218c62a30	15 kB	2023-03-17	2023-03-17
Pretty Observations First Seen2023-03-17 10:22:00 Last Seen2023-03-17 10:22:00 Times Seen1 Hash ae484f2d4df1486c09be67e218c62a30 4b015069807fbf43d3c0db232210756f16838f98 6f99661a9c6f299adbab3acc043e871a81aa7bc10cd4f7d512e3b3d9e1266222 Loading...

HTTP Transactions (61)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14351
Expires: Sun, 04 Sep 2022 09:49:30 GMT
Date: Sun, 04 Sep 2022 05:50:19 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 04 Sep 2022 05:43:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nriUzlfcZjrMWTMEAUDxETDq7MZHIulbJ7K18wzHiLQfIO-r3Ia4kA==
Age: 384

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kYXnxySZlS2P5MWOKvKHf_8HBqN9sB4LFJOLsDRpK7_Zyiyla33JoQ==
age: 16502
X-Firefox-Spdy: h2

paypal-user-help.com/

173.254.229.131

301 Moved Permanently

707 B

URL HTTP/1.1
paypal-user-help.com/
IP
173.254.229.131:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: paypal-user-help.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 04 Sep 2022 05:50:19 GMT
server: LiteSpeed
location: https://paypal-user-help.com/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 05:50:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 04 Sep 2022 05:38:16 GMT
Expires: Sun, 04 Sep 2022 05:52:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UvHnzGRpCs78aPdvb3Zt_hwAG-rR3zPINx1oi7WvfzmiVBkpr8ZroA==
Age: 723

paypal-user-help.com/

173.254.229.131

302 Found

70 B

URL HTTP/2
paypal-user-help.com/
IP
173.254.229.131:0
ASN
#8100 ASN-QUADRANET-GLOBAL

File type
ASCII text, with no line terminators
Size
70 B (70 bytes)
Hash
467849732d722da9abe571438abafbce
fc9030f822e22272718701a04e51b667afde45e9
7e6c32bf2b1619e4de925a886897ee852eaf1067e3a83a12b92f7ccb3fa970ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: paypal-user-help.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
location: https://href.li/?https://paypal.com/
content-type: text/html; charset=UTF-8
content-length: 70
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 05:50:19 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2698
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 05:50:19 GMT
Last-Modified: Sun, 04 Sep 2022 05:05:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1c151d1c5e9f78cbc5e9634d8460e372
8750e467dac0ce937408757ab8073986c51b9b47
886f3e9383898531a4b64348fb9b2cae012e12c9935f7cd17f6c8e49746f1333

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "886F3E9383898531A4B64348FB9B2CAE012E12C9935F7CD17F6C8E49746F1333"
Last-Modified: Fri, 02 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19222
Expires: Sun, 04 Sep 2022 11:10:41 GMT
Date: Sun, 04 Sep 2022 05:50:19 GMT
Connection: keep-alive

push.services.mozilla.com/

35.86.38.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.86.38.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a67g668irsK/gAnHaBQDIA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 42zuTe4K8+bymfEFijcgIfvI4pw=

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
06edab0c8ace0dc0d24bccfc5785eb8b
bea01f48c237a901e620004a98e32fa1b3370a54
8c72cd04c878de1c7410f5d2cbba524336058c0c4db324a52b5f4867c2432b46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 700
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 05:50:20 GMT
Last-Modified: Sun, 04 Sep 2022 05:38:40 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

paypal.com/

64.4.250.37

302 Moved Temporarily

161 B

URL HTTP/1.1
paypal.com/
IP
64.4.250.37:0
ASN
#17012 PAYPAL

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
161 B (161 bytes)
Hash
27775e943b151f4c766eb01f65c2e2ce
0375c990e06d6de794a32b789f8f072fa62f065a
56b5b4ef08ac75cd87bfdbe1b7ec3a171530ced643b622289c9f4a18c7f9bcfa

HTTP Headers

GET / HTTP/1.1
Host: paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 161
Connection: keep-alive
Location: https://www.paypal.com/
Strict-Transport-Security: max-age=31536000; includeSubDomains

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
44fa51b23142d71c735281f2d4cddebe
8948d0f21f5c5fb4f5aca03a43fd87cb989896f4
8aaa251b47b35bcdb87d206fbb94dd6cde266e2f9d0ed295f0d41faa015307f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5318
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 05:50:20 GMT
Last-Modified: Sun, 04 Sep 2022 04:21:42 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

www.paypal.com/

151.101.1.21

302 Found

0 B

URL HTTP/2
www.paypal.com/
IP
151.101.1.21:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: Varnish
retry-after: 0
location: https://www.paypal.com/no/home
accept-ranges: bytes
date: Sun, 04 Sep 2022 05:50:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1647-BMA
x-cache: HIT
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
X-Firefox-Spdy: h2

www.paypal.com/no/home

151.101.1.21

200 OK

21 kB

URL HTTP/2
www.paypal.com/no/home
IP
151.101.1.21:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65380)
Size
21 kB (21284 bytes)
Hash
ecbf8dd916352407e3da8a621bbdf84f
448a056fb7530851044de6993c9d2d363e139f16
fe292ef7bcda5c26afad24d55c446b5d3b84261d9e852effec0ecf77712cb47f

HTTP Headers

GET /no/home HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-5AOOtdfJI2WOngM9q9hvrODqxnvA0TClu6zYKClZ4IOu1hdK' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"18b14-OiddNF5B2N/XnhRzKWSiHLNNY48"
paypal-debug-id: f35145669ae5e
set-cookie: enforce_policy=gdpr_v2.1; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Mon, 04 Sep 2023 05:50:20 GMT; Secure
cookie_check=yes; Max-Age=315619199; Domain=.paypal.com; Path=/; Expires=Sat, 04 Sep 2032 05:50:19 GMT; HttpOnly; Secure
LANG=no_NO%3BNO; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sun, 04 Sep 2022 14:36:16 GMT; HttpOnly; Secure
tsrce=mppnodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Wed, 07 Sep 2022 05:50:19 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2MjI3MDYyMDY1OSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
nsid=s%3AFzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn.AQlK0WUHr4YFYthRgd2HDP1pKrF3jpcvdufZTkDstLI; Path=/; HttpOnly; Secure
ts=vreXpYrS%3D1756965020%26vteXpYrS%3D1662272420%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:20 GMT; HttpOnly; Secure
ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:20 GMT; Secure
traceparent: 00-0000000000000000000f35145669ae5e-34f7bb26ec1d07c9-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 04 Sep 2022 05:50:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11540-HHN, cache-bma1647-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662270620.290019,VS0,VE480
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f35145669ae5e-6e4663c367b9e77e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
X-Firefox-Spdy: h2

www.paypalobjects.com/pa/js/min/pa.js

192.229.221.25

200 OK

22 kB

URL HTTP/2
www.paypalobjects.com/pa/js/min/pa.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (56537)
Size
22 kB (21559 bytes)
Hash
515a0d667b9a2bada71ec601faefaaa7
c0cba663962292f64be857325b4ab9948740e53c
d63748a487bae67086d3f14c4d8dd4bf70826c834fcc41d3a107943eb293e8cc

HTTP Headers

GET /pa/js/min/pa.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "62fa9eab-dcf5"
expires: Sun, 04 Sep 2022 06:50:20 GMT
last-modified: Mon, 15 Aug 2022 19:29:47 GMT
paypal-debug-id: 3d19b3cfeffbe
server: ECAcc (ska/F77F)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000003d19b3cfeffbe-5abb5baa94b14e0f-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 21559
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

192.229.221.25

200 OK

18 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Web Open Font Format (Version 2), CFF, length 18320, version 1.6553\012- data
Size
18 kB (18320 bytes)
Hash
8a41b4550d23b462af63fc46fabb46a4
50359b7126ed92c33efcbf673c286f105d9ae5e7
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

HTTP Headers

GET /digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: application/font-woff2
date: Sun, 04 Sep 2022 05:50:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5a66ae4b-4790"
expires: Sun, 04 Sep 2022 06:50:20 GMT
last-modified: Tue, 23 Jan 2018 03:38:51 GMT
paypal-debug-id: a12cb907ac34d
server: ECAcc (ska/F737)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000a12cb907ac34d-dc98f161303ae178-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 18320
X-Firefox-Spdy: h2

www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

192.229.221.25

200 OK

6.7 kB

URL HTTP/2
www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (22848), with no line terminators
Size
6.7 kB (6711 bytes)
Hash
dbbc4ada6d57936a2a6055d10f70b778
abb2b0ea2f77b8d14b8343f1bd8b829a84e71f07
69b0687c1489cf8302bfef3e3d7ee5697077780467a778dc680700d096e9780d

HTTP Headers

GET /webcaptcha/ngrlCaptcha.min.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "624d6980-5940"
expires: Sun, 04 Sep 2022 06:50:20 GMT
last-modified: Wed, 06 Apr 2022 10:20:48 GMT
paypal-debug-id: acc8c66bfdd3e
server: ECAcc (ska/F69F)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 6711
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2

192.229.221.25

200 OK

18 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Web Open Font Format (Version 2), CFF, length 18360, version 1.6553\012- data
Size
18 kB (18360 bytes)
Hash
687b74c9a69af269c66b34ba18d6abd0
2bc090adc07a731f3c13da7969ca0a4409cee081
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3

HTTP Headers

GET /digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: application/font-woff2
date: Sun, 04 Sep 2022 05:50:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5a66a30d-47b8"
expires: Sun, 04 Sep 2022 06:50:20 GMT
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
paypal-debug-id: 6c8c2315db2c2
server: ECAcc (ska/F74D)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006c8c2315db2c2-3184bfeb12786952-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 18360
X-Firefox-Spdy: h2

www.paypalobjects.com/marketing-resources/js/3d/1829fc06adfc966e1bf7b5125892d130add38f.js

192.229.221.25

200 OK

235 kB

URL HTTP/2
www.paypalobjects.com/marketing-resources/js/3d/1829fc06adfc966e1bf7b5125892d130add38f.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (65399)
Size
235 kB (234737 bytes)
Hash
ca0bcf430d57ee351246b49ed4136f4b
b0545ec3f936fb6be33d41132663daf9a86d592f
47c45352a430479df4c480e508b50ff0f9d850379b93940079f3b921d098efaa

HTTP Headers

GET /marketing-resources/js/3d/1829fc06adfc966e1bf7b5125892d130add38f.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"629f3b66-102268"
expires: Sun, 04 Sep 2022 06:50:20 GMT
last-modified: Tue, 07 Jun 2022 11:49:58 GMT
paypal-debug-id: c3c6a6c262f22
server: ECAcc (ska/F68F)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 234737
X-Firefox-Spdy: h2

www.paypalobjects.com/marketing-resources/css/00/31ce26db9435cbbd8790ce10bcf79260cf1f7e.css

192.229.221.25

200 OK

57 kB

URL HTTP/2
www.paypalobjects.com/marketing-resources/css/00/31ce26db9435cbbd8790ce10bcf79260cf1f7e.css
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65363)
Size
57 kB (57301 bytes)
Hash
9a638d93806388d4c2c072249ad03f23
343afea670e1595b66518275c832de9578acf145
dfa8dbbe97f842bd61f83f5094511a4f62eb961706f812311af4e4d9812408f8

HTTP Headers

GET /marketing-resources/css/00/31ce26db9435cbbd8790ce10bcf79260cf1f7e.css HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: text/css
date: Sun, 04 Sep 2022 05:50:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"62eb9d9e-5dd48"
expires: Sun, 04 Sep 2022 06:50:20 GMT
last-modified: Thu, 04 Aug 2022 10:21:18 GMT
paypal-debug-id: 8278e48aaeee6
server: ECAcc (ska/F6EB)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000008278e48aaeee6-3fdc043c6bb8a420-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 57301
X-Firefox-Spdy: h2

www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js

192.229.221.25

200 OK

44 kB

URL HTTP/2
www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (655)
Size
44 kB (44545 bytes)
Hash
7d15ba03b68b9e59d9c31c7f102c6030
10846bd743b584aef38247fe250e2d3563dad060
bef2c7cf7197a403833688bf5fbe1406255a40a8c6755a716c0b7af92988a671

HTTP Headers

GET /marketing-resources/vendors/react-17_0_1-bundle.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"603428fb-20ee8"
expires: Sun, 04 Sep 2022 06:50:20 GMT
last-modified: Mon, 22 Feb 2021 21:58:19 GMT
paypal-debug-id: 1602a843d2c8a
server: ECAcc (ska/F761)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 44545
X-Firefox-Spdy: h2

www.paypalobjects.com/activation/js/marketingIntentsV2.js

192.229.221.25

200 OK

365 B

URL HTTP/2
www.paypalobjects.com/activation/js/marketingIntentsV2.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (469)
Size
365 B (365 bytes)
Hash
305c10d8cc14893fa7f3788f6b26d3b5
4c27a5f9dde9617912bb044e3eeee83607fdf6c8
91ad899e2fdac039958d4790085004f9c45e76f102ba52df10f16d8c672d73bb

HTTP Headers

GET /activation/js/marketingIntentsV2.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:20 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271561-22a"
expires: Mon, 05 Sep 2022 05:50:20 GMT
last-modified: Fri, 12 Feb 2021 23:55:13 GMT
paypal-debug-id: a321bee596ac
server: ECAcc (ska/F6F1)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000000a321bee596ac-0fba6ed4fecec683-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 365
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/website/logo/full-text/pp_fc_hl.svg

192.229.221.25

200 OK

3.7 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/website/logo/full-text/pp_fc_hl.svg
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1715)
Size
3.7 kB (3732 bytes)
Hash
83975b7fb6617e18a1996624e69e415e
da2486fb35f10830d021d281f7878c32badd6deb
fe39a08095bcbde12ab7929ae0439fcb1ec7353916dd0c3773a1852b898745b2

HTTP Headers

GET /digitalassets/c/website/logo/full-text/pp_fc_hl.svg HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypalobjects.com/marketing-resources/css/00/31ce26db9435cbbd8790ce10bcf79260cf1f7e.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/svg+xml
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"56e84b0a-2b4b"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Tue, 15 Mar 2016 17:48:58 GMT
paypal-debug-id: a001f73a87829
server: ECAcc (ska/F7B9)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 3732
X-Firefox-Spdy: h2

www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

192.229.221.25

200 OK

25 kB

URL HTTP/2
www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Web Open Font Format (Version 2), CFF, length 25368, version 1.6553\012- data
Size
25 kB (25368 bytes)
Hash
186b9e5be0671c3c941a2a4966beb47a
0255bf2f48460eb212c93242740f5bef01e858c4
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

HTTP Headers

GET /paypal-ui/fonts/PayPalSansBig-Regular.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/font-woff2
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271cda-6318"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
paypal-debug-id: 308109b4950df
server: ECAcc (ska/F744)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache: HIT
x-content-type-options: nosniff
content-length: 25368
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff

192.229.221.25

200 OK

20 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Web Open Font Format, CFF, length 19676, version 0.0\012- data
Size
20 kB (19676 bytes)
Hash
e6d6683417c85c5f2ae5f09334c3b2c3
737c02781d985bc6eb81d1c0df837613243e67f6
6a2a2f064ef289523471b8d25d32c195ecb8145c143d09f997b449d4034a7ac2

HTTP Headers

GET /digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypalobjects.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: font/woff
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5a66a30d-4cdc"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
paypal-debug-id: 1cc6d6d9b8510
server: ECAcc (ska/F692)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
x-content-type-options: nosniff
content-length: 19676
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff

192.229.221.25

200 OK

20 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Web Open Font Format, CFF, length 19988, version 0.0\012- data
Size
20 kB (19988 bytes)
Hash
75920d418c6e4b789a3d204b17553f6c
a9ed80fc5e7979f67eea9585113616a2034d32b5
4db62137dffee2ab0d510197115508b3b7ee0f3d4589c2ac14020e3894819bb1

HTTP Headers

GET /digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypalobjects.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: font/woff
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5a7364c2-4e14"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Thu, 01 Feb 2018 19:04:34 GMT
paypal-debug-id: 8566a7cc1f9eb
server: ECAcc (ska/F6B3)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
x-content-type-options: nosniff
content-length: 19988
X-Firefox-Spdy: h2

www.paypalobjects.com/pa/mi/latmconf.js

192.229.221.25

200 OK

35 kB

URL HTTP/2
www.paypalobjects.com/pa/mi/latmconf.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (65407)
Size
35 kB (34590 bytes)
Hash
637aee902bd44f2fa8e24b05c041587b
748a202c3e79ab082dc7d9dae0789a64bf45ac12
65b41b8e37a8b469a2914d7128b02c34dc9fbdac000192f4155bbb2a37f82609

HTTP Headers

GET /pa/mi/latmconf.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "63088039-4903f"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Fri, 26 Aug 2022 08:11:37 GMT
paypal-debug-id: 9cf8df9fcecd6
server: ECAcc (ska/F772)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000009cf8df9fcecd6-66afa3212064b9e0-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 34590
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14281
Expires: Sun, 04 Sep 2022 09:48:22 GMT
Date: Sun, 04 Sep 2022 05:50:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14281
Expires: Sun, 04 Sep 2022 09:48:22 GMT
Date: Sun, 04 Sep 2022 05:50:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14281
Expires: Sun, 04 Sep 2022 09:48:22 GMT
Date: Sun, 04 Sep 2022 05:50:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14281
Expires: Sun, 04 Sep 2022 09:48:22 GMT
Date: Sun, 04 Sep 2022 05:50:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14281
Expires: Sun, 04 Sep 2022 09:48:22 GMT
Date: Sun, 04 Sep 2022 05:50:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11380 bytes)
Hash
fc4ceb10dd9fcaab21ae58dcf10c401f
6ce530af682094dc5413db9de02565691fab4da7
84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11380
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8TLFA3oAMFQjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sywGj-wLtW091vZYhx1AbRAgljYQWe6LuffDjwTDhEebqVzxpQuzEQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 03:48:58 GMT
age: 7283
etag: "6ce530af682094dc5413db9de02565691fab4da7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75330c10-c792-473d-a3d2-0529a16f1fc2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6081 bytes)
Hash
ff702bc582048928c5ecab8a6fa55d84
8e125792ea9dde5788e65d6491ba2eceade062d8
0c94940760d4c137f502da7310bc02f04a9adb5c8e2ea3c90370521e8a467e3a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75330c10-c792-473d-a3d2-0529a16f1fc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6081
x-amzn-requestid: 030b9f1e-39af-44c8-80fa-23d0fb333fed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wxNEE-IAMFfSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c807-0ba8976b2f8934403cae41fa;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HtqsICZqA65XxVpMrwhlYSvvdqJDPO35wjejUpgwvOpg4VE2_AgWww==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:03:19 GMT
age: 28022
etag: "8e125792ea9dde5788e65d6491ba2eceade062d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09148d75-a4a3-47e6-8d91-01e8dfad4bc7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8931 bytes)
Hash
0eecb70391b63b662d13355e32d95ea1
5d5c724e26af57967b9a132a77d3986ba8d6ed9c
2c7f2aa1c725a5d39daf44ee746bb24b5c15aab41c67cf160814f7f87d1aacdf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09148d75-a4a3-47e6-8d91-01e8dfad4bc7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8931
x-amzn-requestid: cfc0940f-ad6a-4535-91b7-70b200af68d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwGEVEoAMFriw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-5b6e6e5e3401eba533fb63df;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -ASFa6a22qh9wxe5u-hQxXe9R7JSyBVFLZb6291gbrUeftSsYDXAJA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:31:42 GMT
etag: "5d5c724e26af57967b9a132a77d3986ba8d6ed9c"
content-type: image/jpeg
age: 26319
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9690 bytes)
Hash
1bdfdf7e36f78f2f0e4d7ede9fdb76a8
babb88202741bbf2d4fd25e0731a4a7a6fcc28f8
949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:26 GMT
age: 28735
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1814521f-0914-48f7-8ea7-8c2d8155c055.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10147 bytes)
Hash
d8aa56bbbb56df10ff381fc5dd250e09
19288de373e2bc69a51c9e0c6f49f5cf4e0d8759
68c4508940b207a3e1d32a38a9f82b1fbabbb97430fe0a5e2ddc75d62c4bdfcc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1814521f-0914-48f7-8ea7-8c2d8155c055.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10147
x-amzn-requestid: 7c2c3756-fc7b-4386-8c88-f1b42beed37a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxLzHEAHoAMFV8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631059ad-063448962d443e107716b726;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 07:05:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZGR4HPl3KOfSdZzialXKeNrH_DzJzUvyLlwFtx0MQOp0VNsOtdC-bg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 08:04:39 GMT
age: 78342
etag: "19288de373e2bc69a51c9e0c6f49f5cf4e0d8759"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8688 bytes)
Hash
6bb4b1d74f1443bc3328301ab3ae6464
2768253dacaaad6cb498c6b2eb7694208b0ce0a6
07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8688
x-amzn-requestid: e408351e-ba6c-4e55-815d-449af808282f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5yMEFBLoAMFtqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313ca4d-13831d8572a3b3cf54a0e747;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:42:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GFM9jerDkTPdhlUTm99E7Lpksw2ZGnV81bNVaZLvWSAiRNDNtkZi4g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:48:07 GMT
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
content-type: image/jpeg
age: 28934
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.paypalobjects.com/webstatic/icon/pp32.png

192.229.221.25

200 OK

4.0 kB

URL HTTP/2
www.paypalobjects.com/webstatic/icon/pp32.png
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (3972 bytes)
Hash
8f4dd9ccb66a6485107e80b6e86063f9
fc5220270099d7079a068e5fd3ac5ad248f2e15d
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4

HTTP Headers

GET /webstatic/icon/pp32.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "53611ccb-f84"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Wed, 30 Apr 2014 15:54:51 GMT
paypal-debug-id: fad9686aa8e74
server: ECAcc (ska/F76D)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache: HIT
x-content-type-options: nosniff
content-length: 3972
X-Firefox-Spdy: h2

www.paypalobjects.com/webstatic/icon/pp196.png

192.229.221.25

200 OK

6.3 kB

URL HTTP/2
www.paypalobjects.com/webstatic/icon/pp196.png
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
PNG image data, 196 x 196, 8-bit/color RGB, non-interlaced\012- data
Size
6.3 kB (6295 bytes)
Hash
6aee6ff206053b62bf55f6673ae5914f
d21110a6efd1b626d01655db56cae4da1d4c18fd
46314d287f28e8179437f32d1f83abeab9aaf621448642997151055e8b2898d4

HTTP Headers

GET /webstatic/icon/pp196.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "53611ccb-1897"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Wed, 30 Apr 2014 15:54:51 GMT
paypal-debug-id: 407355cf8bd23
server: ECAcc (ska/F6E5)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
x-content-type-options: nosniff
content-length: 6295
X-Firefox-Spdy: h2

www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

192.229.221.25

200 OK

3.3 kB

URL HTTP/2
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (6634)
Size
3.3 kB (3329 bytes)
Hash
390667e5ee9d664f84d4e95a57bc0e6c
dc1ddfccc45f27889df9cca04f1e67fd8bf8288d
df20d35b4f816c1d2ac8ea2fe2213a95be96afcd2b750da848386f2adee927b9

HTTP Headers

GET /pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "61dccd14-1d47"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
paypal-debug-id: ef1030c1a20bb
server: ECAcc (ska/F6EC)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000ef1030c1a20bb-9ffd91117605d0f3-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 3329
X-Firefox-Spdy: h2

www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

192.229.221.25

200 OK

16 kB

URL HTTP/2
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (56506)
Size
16 kB (16285 bytes)
Hash
3f62719f14544a6fa7086ecdf8b0235c
61b91f411669bd18a1c32a9a2ab44b2665a5854d
cf4b36f9dba4efa468855937f6a5659913cb6f38b613bd3305f6a0f2e91513f9

HTTP Headers

GET /pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "61dccd14-e017"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
paypal-debug-id: 7480bc62bd337
server: ECAcc (ska/F6C9)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000007480bc62bd337-f5db19cf51984991-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 16285
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86175f387b509e6ca6a3ff8556281e24
c0c0dfa1aaf19def080126b7af80e85cbe6d6a9e
75e2c4e2498af0a856ea82ccdb5f4e6f23afc45ffdb18a2141dbeea7b892d87e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 05:50:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.paypal.com/auth/recaptcha/grcenterprise_v3.html

151.101.1.21

200 OK

2.4 kB

URL HTTP/2
www.paypal.com/auth/recaptcha/grcenterprise_v3.html
IP
151.101.1.21:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document, ASCII text
Size
2.4 kB (2431 bytes)
Hash
f4dc29c2ac2e3d2f95df5a2f7d1c2b45
9111553f71da964b8000fb96a9a7c84eaf6ac7d6
7e78ac4cbf265b06dd41b2bc9816211a628220155fdda18186ed663b2a6bf46d

HTTP Headers

GET /auth/recaptcha/grcenterprise_v3.html HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/no/home
Cookie: enforce_policy=gdpr_v2.1; cookie_check=yes; LANG=no_NO%3BNO; tsrce=authchallengenodeweb; x-pp-s=eyJ0IjoiMTY2MjI3MDYyMTA1MSIsImwiOiIwIiwibSI6IjAifQ; nsid=s%3AFzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn.AQlK0WUHr4YFYthRgd2HDP1pKrF3jpcvdufZTkDstLI; ts=vreXpYrS%3D1756965020%26vteXpYrS%3D1662272420%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; l7_az=dcg13.slc
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
etag: W/W/"fb3-182ea6e08c0"
last-modified: Mon, 29 Aug 2022 16:27:36 GMT
paypal-debug-id: f457112ed4c43
set-cookie: l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Sun, 04 Sep 2022 06:20:21 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1756965021%26vteXpYrS%3D1662272421%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:21 GMT; HttpOnly; Secure
ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:21 GMT; Secure
traceparent: 00-0000000000000000000f457112ed4c43-298759ae6d7da7ad-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Sun, 04 Sep 2022 05:50:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11569-HHN, cache-bma1647-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662270621.190200,VS0,VE167
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86175f387b509e6ca6a3ff8556281e24
c0c0dfa1aaf19def080126b7af80e85cbe6d6a9e
75e2c4e2498af0a856ea82ccdb5f4e6f23afc45ffdb18a2141dbeea7b892d87e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 05:50:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

t.paypal.com/ts?v=1.6.9&t=1662270618173&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgst=Unknown&calc=f35145669ae5e&nsid=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn&rsta=no_NO&pgtf=Nodejs&env=live&s=ci&ccpg=NO&csci=95024e31a55541f1b07e5201a8830a55&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C104406%2C104405%2C104407&xt=123956%2C123954%2C119037%2C119034%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&displaypage=main%3Amktg%3Apersonal%3A%3Ahome&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&e=ac

151.101.1.35

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?v=1.6.9&t=1662270618173&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgst=Unknown&calc=f35145669ae5e&nsid=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn&rsta=no_NO&pgtf=Nodejs&env=live&s=ci&ccpg=NO&csci=95024e31a55541f1b07e5201a8830a55&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C104406%2C104405%2C104407&xt=123956%2C123954%2C119037%2C119034%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&displaypage=main%3Amktg%3Apersonal%3A%3Ahome&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&e=ac
IP
151.101.1.35:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?v=1.6.9&t=1662270618173&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgst=Unknown&calc=f35145669ae5e&nsid=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn&rsta=no_NO&pgtf=Nodejs&env=live&s=ci&ccpg=NO&csci=95024e31a55541f1b07e5201a8830a55&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C104406%2C104405%2C104407&xt=123956%2C123954%2C119037%2C119034%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&displaypage=main%3Amktg%3Apersonal%3A%3Ahome&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&e=ac HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypal.com/no/home
Connection: keep-alive
Cookie: enforce_policy=gdpr_v2.1; cookie_check=yes; LANG=no_NO%3BNO; tsrce=authchallengenodeweb; x-pp-s=eyJ0IjoiMTY2MjI3MDYyMTA1MSIsImwiOiIwIiwibSI6IjAifQ; ts=vreXpYrS%3D1756965020%26vteXpYrS%3D1662272420%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; l7_az=dcg13.slc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Sun, 04 Sep 2022 05:50:21 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: f43780fcd51c1
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1756965021%26vteXpYrS%3D1662272421%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; Expires=Thu, 04 Sep 2025 05:50:21 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; Expires=Thu, 04 Sep 2025 05:50:21 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000f43780fcd51c1-1501eded86fb0766-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 04 Sep 2022 05:50:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11580-HHN, cache-bma1668-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662270621.399167,VS0,VE166
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 05:50:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__no.js

142.250.74.163

200 OK

159 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__no.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (747)
Size
159 kB (158950 bytes)
Hash
734ad824cfdb7b7df19cc24d324fc6ea
0b1a983fa154182494a6062c501adaf7cf082dcd
63b3e8a2ebd4c9b645a96483eedea413217a8fe44297f9c4af94a8e43f790176

HTTP Headers

GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__no.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158950
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 22:40:48 GMT
expires: Sat, 02 Sep 2023 22:40:48 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
age: 112173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs

104.17.208.240

200 OK

38 kB

URL HTTP/2
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs
IP
104.17.208.240:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (38333 bytes)
Hash
3822851763e8b0657ca2fd89457623ba
8c5a15424ebccce2dd78350cf8f60bbb5e638952
5876d690bd52f9786b1301e458c582160a3bd01c7995697d65e3ee2a99b0df99

HTTP Headers

POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs HTTP/1.1
Host: zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 54
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Sep 2022 05:50:21 GMT
content-type: application/json
cf-ray: 745472781c6bb506-OSL
access-control-allow-origin: https://www.paypal.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 04a4665e91ddc45f
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

192.229.221.25

200 OK

1.2 kB

URL HTTP/2
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (1680)
Size
1.2 kB (1231 bytes)
Hash
1803fdb9c7b273d19d13adcf92aa285d
b88182ce8887df0ea48c51ac79bfe520a37cb44d
343b313bd3a48de565d90c4d1191eb9f5027586f7843cb9a254ebea7ac295b19

HTTP Headers

GET /pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "61dccd14-9ed"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
paypal-debug-id: 1664220bc82f0
server: ECAcc (ska/F75D)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000001664220bc82f0-f21c6f3466dfcd62-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 1231
X-Firefox-Spdy: h2

www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

192.229.221.25

200 OK

6.6 kB

URL HTTP/2
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (28410)
Size
6.6 kB (6602 bytes)
Hash
2786ba02aac70f0c2b4a5befa64249bf
b78badb9d384d60747a9df7e9f2d890b25092947
26b520e3599233a0249ca5ba21e06281310fe0c5be088a556c379a7f2c5c924d

HTTP Headers

GET /pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "61dccd14-7257"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
paypal-debug-id: cfd4fa3d5786
server: ECAcc (ska/F6C8)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000000cfd4fa3d5786-5c0f6fc0a4fb1387-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 6602
X-Firefox-Spdy: h2

www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

192.229.221.25

200 OK

7.8 kB

URL HTTP/2
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (17910)
Size
7.8 kB (7762 bytes)
Hash
de0da1f6f46f2414861b5291dadfcabe
26d55694bf7c0427fc5720e9e13bf56a237c5aae
d42f8c0f84ecc47d75c66194d27d3f7f1bcedd172266c43c0e3fca535c38e180

HTTP Headers

GET /pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "61dccd14-4a99"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
paypal-debug-id: 90056f678e25c
server: ECAcc (ska/F73C)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000090056f678e25c-0126c6ed7a95ddca-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 7762
X-Firefox-Spdy: h2

www.paypalobjects.com/marketing/web/no/home/Checkout_1000x1000_transparent.png

192.229.221.25

200 OK

32 kB

URL HTTP/2
www.paypalobjects.com/marketing/web/no/home/Checkout_1000x1000_transparent.png
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31540 bytes)
Hash
25f22d25a5ecc173cf33a364a553b4a0
32d36b73bd094dd77ddeb590ff77c2addb86de0d
1e9697067883b78f63355d46210aa68f2a6e99ff5d8043b0c43d2bbd9d6978f0

HTTP Headers

GET /marketing/web/no/home/Checkout_1000x1000_transparent.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271c3e-7b34"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Sat, 13 Feb 2021 00:24:30 GMT
paypal-debug-id: 4e04936c151bf
server: ECAcc (ska/F6BF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
x-content-type-options: nosniff
content-length: 31540
X-Firefox-Spdy: h2

t.paypal.com/ts?v=1.6.9&t=1662270619349&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=f35145669ae5e&nsid=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn&rsta=no_NO&pgtf=Nodejs&env=live&s=ci&ccpg=no&csci=95024e31a55541f1b07e5201a8830a55&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&imsrc=setup&view=%7B%22t10%22%3A2%2C%22t11%22%3A2295%2C%22tcp%22%3A1165%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A627%7D&pt=Betal%2C%20overf%C3%B8r%20og%20ta%20imot%20penger%20p%C3%A5%20nettet%20%E2%80%93%20PayPal%20Norge&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=2&t1c=0&t1d=0&t1s=0&t2=490&t3=1&t4d=0&t4=0&t4e=4&tt=1669&rdc=0&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=316

151.101.1.35

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?v=1.6.9&t=1662270619349&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=f35145669ae5e&nsid=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn&rsta=no_NO&pgtf=Nodejs&env=live&s=ci&ccpg=no&csci=95024e31a55541f1b07e5201a8830a55&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&imsrc=setup&view=%7B%22t10%22%3A2%2C%22t11%22%3A2295%2C%22tcp%22%3A1165%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A627%7D&pt=Betal%2C%20overf%C3%B8r%20og%20ta%20imot%20penger%20p%C3%A5%20nettet%20%E2%80%93%20PayPal%20Norge&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=2&t1c=0&t1d=0&t1s=0&t2=490&t3=1&t4d=0&t4=0&t4e=4&tt=1669&rdc=0&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=316
IP
151.101.1.35:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?v=1.6.9&t=1662270619349&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=f35145669ae5e&nsid=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn&rsta=no_NO&pgtf=Nodejs&env=live&s=ci&ccpg=no&csci=95024e31a55541f1b07e5201a8830a55&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&imsrc=setup&view=%7B%22t10%22%3A2%2C%22t11%22%3A2295%2C%22tcp%22%3A1165%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A627%7D&pt=Betal%2C%20overf%C3%B8r%20og%20ta%20imot%20penger%20p%C3%A5%20nettet%20%E2%80%93%20PayPal%20Norge&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=2&t1c=0&t1d=0&t1s=0&t2=490&t3=1&t4d=0&t4=0&t4e=4&tt=1669&rdc=0&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=316 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypal.com/no/home
Connection: keep-alive
Cookie: enforce_policy=gdpr_v2.1; cookie_check=yes; LANG=no_NO%3BNO; tsrce=smartchatnodeweb; x-pp-s=eyJ0IjoiMTY2MjI3MDYyMTIyMyIsImwiOiIwIiwibSI6IjAifQ; ts=vreXpYrS%3D1756965021%26vteXpYrS%3D1662272421%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; l7_az=dcg13.slc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Sun, 04 Sep 2022 05:50:22 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 1afd8df33c26
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1756965022%26vteXpYrS%3D1662272422%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; Expires=Thu, 04 Sep 2025 05:50:22 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; Expires=Thu, 04 Sep 2025 05:50:22 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-000000000000000000001afd8df33c26-e4893a0d13d8b09a-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 04 Sep 2022 05:50:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11543-HHN, cache-bma1668-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662270622.436852,VS0,VE175
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2

www.paypal.com/auth/verifygrcenterprise

151.101.1.21

200 OK

0 B

URL HTTP/2
www.paypal.com/auth/verifygrcenterprise
IP
151.101.1.21:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /auth/verifygrcenterprise HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
x-requested-with: XMLHttpRequest
Content-Length: 1485
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/no/home
Cookie: enforce_policy=gdpr_v2.1; cookie_check=yes; LANG=no_NO%3BNO; tsrce=smartchatnodeweb; x-pp-s=eyJ0IjoiMTY2MjI3MDYyMTIyMyIsImwiOiIwIiwibSI6IjAifQ; nsid=s%3AFzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn.AQlK0WUHr4YFYthRgd2HDP1pKrF3jpcvdufZTkDstLI; ts=vreXpYrS%3D1756965021%26vteXpYrS%3D1662272421%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; l7_az=dcg13.slc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-5rKok/3M5jzcjVpYFn5GnxhJFsnP9rrOF+A8C27KSj2bDGDV' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
paypal-debug-id: f359787ab415f
set-cookie: enforce_policy=gdpr_v2.1; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Mon, 04 Sep 2023 05:50:22 GMT; Secure
LANG=no_NO%3BNO; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sun, 04 Sep 2022 14:36:18 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2MjI3MDYyMjU4MCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=authchallengenodeweb; Domain=.paypal.com; Path=/; Expires=Wed, 07 Sep 2022 05:50:22 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Sun, 04 Sep 2022 06:20:22 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1756965022%26vteXpYrS%3D1662272422%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:22 GMT; HttpOnly; Secure
ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:22 GMT; Secure
traceparent: 00-0000000000000000000f359787ab415f-7bacd4d9239120ab-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 04 Sep 2022 05:50:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11535-HHN, cache-bma1647-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662270622.384653,VS0,VE294
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
X-Firefox-Spdy: h2

t.paypal.com/ts?v=1.6.9&t=1662270620351&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=f35145669ae5e&nsid=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn&rsta=no_NO&pgtf=Nodejs&env=live&s=ci&ccpg=no&csci=95024e31a55541f1b07e5201a8830a55&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=%2F%2Ft.paypal.&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=t_paypal_cpl&t1=3&t1c=0&t1d=0&t1s=0&t2=184&t3=1&tt=188&protocol=h2&cdn=fastly&view=%7B%22t10%22%3A3%2C%22t11%22%3A188%2C%22nt%22%3A%22res%22%7D&e=pf

151.101.1.35

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?v=1.6.9&t=1662270620351&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=f35145669ae5e&nsid=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn&rsta=no_NO&pgtf=Nodejs&env=live&s=ci&ccpg=no&csci=95024e31a55541f1b07e5201a8830a55&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=%2F%2Ft.paypal.&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=t_paypal_cpl&t1=3&t1c=0&t1d=0&t1s=0&t2=184&t3=1&tt=188&protocol=h2&cdn=fastly&view=%7B%22t10%22%3A3%2C%22t11%22%3A188%2C%22nt%22%3A%22res%22%7D&e=pf
IP
151.101.1.35:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?v=1.6.9&t=1662270620351&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=f35145669ae5e&nsid=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn&rsta=no_NO&pgtf=Nodejs&env=live&s=ci&ccpg=no&csci=95024e31a55541f1b07e5201a8830a55&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=%2F%2Ft.paypal.&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=t_paypal_cpl&t1=3&t1c=0&t1d=0&t1s=0&t2=184&t3=1&tt=188&protocol=h2&cdn=fastly&view=%7B%22t10%22%3A3%2C%22t11%22%3A188%2C%22nt%22%3A%22res%22%7D&e=pf HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypal.com/no/home
Connection: keep-alive
Cookie: enforce_policy=gdpr_v2.1; cookie_check=yes; LANG=no_NO%3BNO; tsrce=authchallengenodeweb; x-pp-s=eyJ0IjoiMTY2MjI3MDYyMjU4MCIsImwiOiIwIiwibSI6IjAifQ; ts=vreXpYrS%3D1756965022%26vteXpYrS%3D1662272422%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; l7_az=dcg13.slc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Sun, 04 Sep 2022 05:50:23 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 40311de1650ca
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1756965023%26vteXpYrS%3D1662272423%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; Expires=Thu, 04 Sep 2025 05:50:23 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; Expires=Thu, 04 Sep 2025 05:50:23 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-000000000000000000040311de1650ca-a110063bc6d76668-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 04 Sep 2022 05:50:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4059-HHN, cache-bma1668-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662270623.439077,VS0,VE187
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2

href.li/?https://paypal.com/

192.0.78.26

200 OK

0 B

URL HTTP/2
href.li/?https://paypal.com/
IP
192.0.78.26:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?https://paypal.com/ HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 05:50:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca
X-Firefox-Spdy: h2

www.paypal.com/auth/createchallenge/a5a5977417e21cca/recaptchav3.js?_sessionID=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn

151.101.1.21

200 OK

0 B

URL HTTP/2
www.paypal.com/auth/createchallenge/a5a5977417e21cca/recaptchav3.js?_sessionID=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn
IP
151.101.1.21:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /auth/createchallenge/a5a5977417e21cca/recaptchav3.js?_sessionID=FzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/no/home
Cookie: enforce_policy=gdpr_v2.1; cookie_check=yes; LANG=no_NO%3BNO; tsrce=mppnodeweb; x-pp-s=eyJ0IjoiMTY2MjI3MDYyMDY1OSIsImwiOiIwIiwibSI6IjAifQ; nsid=s%3AFzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn.AQlK0WUHr4YFYthRgd2HDP1pKrF3jpcvdufZTkDstLI; ts=vreXpYrS%3D1756965020%26vteXpYrS%3D1662272420%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-0FsXVP5LTZZSkGKbSOEIGbz7qdxmWbRP6ZfQQFOkfvrN+3C8' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
content-type: text/javascript; charset=utf-8
etag: W/W/"27c0-t7ct45p8lbqiLQcml4rLqnJit6g"
paypal-debug-id: f457112315bdf
set-cookie: enforce_policy=gdpr_v2.1; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Mon, 04 Sep 2023 05:50:21 GMT; Secure
LANG=no_NO%3BNO; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sun, 04 Sep 2022 14:36:17 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2MjI3MDYyMTA1MSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=authchallengenodeweb; Domain=.paypal.com; Path=/; Expires=Wed, 07 Sep 2022 05:50:21 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Sun, 04 Sep 2022 06:20:21 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1756965020%26vteXpYrS%3D1662272420%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:21 GMT; HttpOnly; Secure
ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:21 GMT; Secure
traceparent: 00-0000000000000000000f457112315bdf-d4ef962257e285f8-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: gzip
date: Sun, 04 Sep 2022 05:50:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11538-HHN, cache-bma1647-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662270621.819014,VS0,VE321
vary: Accept-Encoding
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
X-Firefox-Spdy: h2

www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/no/home

151.101.1.21

200 OK

0 B

URL HTTP/2
www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/no/home
IP
151.101.1.21:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smartchat/open/eligibility?intent=SALESCHAT&page=/no/home HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.paypal.com/no/home
Cookie: enforce_policy=gdpr_v2.1; cookie_check=yes; LANG=no_NO%3BNO; tsrce=mppnodeweb; x-pp-s=eyJ0IjoiMTY2MjI3MDYyMDY1OSIsImwiOiIwIiwibSI6IjAifQ; nsid=s%3AFzrIU6kT0--rI8T-o0rHicLAm5ZhKJtn.AQlK0WUHr4YFYthRgd2HDP1pKrF3jpcvdufZTkDstLI; ts=vreXpYrS%3D1756965020%26vteXpYrS%3D1662272420%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-HzoPQ5Gaz3+cTUygoBIgktDioNWqk5Idoi+DMfCYOowHyRKY' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
content-type: application/json; charset=utf-8
etag: W/W/"54a-OgK1dchG3QR4sDP9KToqm5TE93s"
paypal-debug-id: f457112a911b4
set-cookie: enforce_policy=gdpr_v2.1; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Mon, 04 Sep 2023 05:50:21 GMT; Secure
LANG=no_NO%3BNO; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sun, 04 Sep 2022 14:36:17 GMT; HttpOnly; Secure
tsrce=smartchatnodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Wed, 07 Sep 2022 05:50:20 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2MjI3MDYyMTIyMyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Sun, 04 Sep 2022 06:20:21 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1756965021%26vteXpYrS%3D1662272421%26vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:21 GMT; HttpOnly; Secure
ts_c=vr%3D070cc2d21830a7a082828184fe6f1dec%26vt%3D070cc2d31830a7a082828184fe6f1deb; Path=/; Domain=paypal.com; Expires=Wed, 03 Sep 2025 05:50:21 GMT; Secure
traceparent: 00-0000000000000000000f457112a911b4-b39d1ee2646dca89-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Sun, 04 Sep 2022 05:50:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4040-HHN, cache-bma1647-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662270621.078427,VS0,VE237
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2

www.paypalobjects.com/marketing/web/no/home/PP_EE_LP_Header_Output_NO_1600x1400.mp4

192.229.221.25

206 Partial Content

0 B

URL HTTP/2
www.paypalobjects.com/marketing/web/no/home/PP_EE_LP_Header_Output_NO_1600x1400.mp4
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /marketing/web/no/home/PP_EE_LP_Header_Output_NO_1600x1400.mp4 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.paypal.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-range: bytes 0-1637381/1637382
content-type: video/mp4
date: Sun, 04 Sep 2022 05:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271c3e-18fc06"
expires: Sun, 04 Sep 2022 06:50:21 GMT
last-modified: Sat, 13 Feb 2021 00:24:30 GMT
paypal-debug-id: 7ebc1071f6b6d
server: ECAcc (ska/F79F)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
x-content-type-options: nosniff
content-length: 1637382
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations