{"report_id":"dace742f-1092-4f63-9164-fc29341c57ff","version":6,"status":"done","tags":[],"date":"2026-03-28T07:38:49Z","url":{"schema":"http","addr":"pp-info.com","fqdn":"pp-info.com","domain":"pp-info.com","tld":"com"},"ip":{"addr":"217.160.0.167","port":0,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"info-pp.serveousercontent.com/DE/user.html","fqdn":"info-pp.serveousercontent.com","domain":"serveousercontent.com","tld":"com"},"title":"Loggen Sie sich bei PayPaI ein","dom":{"size":5972,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0ac9a2db70f112b25f55f265c25a3991","sha1":"0459ccad91c441e64f751c931e4e6580a9cbdefb","sha256":"31cb54e02059fc2c1a4f08211dd3ac9821413c393ce65741afd48ad99516bcb0","sha512":"d78e4d0859a401dc585c186c84c7acd9d1cfc01f8a1dcd13281354f9afe64734be23d42b26ee122ab39226b40b8752ba9c1f71e0c19f4dd2c2ae33160eb40575","ssdeep":"96:cbrNxdVw/sYTJgC1rTqXLO+EWeraMHQsuXuemdI+toZVQqzqwsyx3h:cbrN7esOJgC13qXLO+qrbcu7I+aZP2o/","tlshash":"9cc1852524f9a823a243c0a476e1b90a7ba6d50bcd0dc80079fc8aed1fd3ed78d9705d","dom_hash":"domhash0c977e988356ad4a6e3b3e15e94c66bc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"pp-info.com","fqdn":"pp-info.com","domain":"pp-info.com","tld":"com"},"ip":{"addr":"217.160.0.167","port":0,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-02T07:38:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"info-pp.serveousercontent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"info-pp.serveousercontent.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"info-pp.serveousercontent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"pp-info.com","ip":{"addr":"217.160.0.167","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"domain_registered":"2026-03-27","domain_rank":0,"first_seen":"2026-03-28T07:38:50.122259Z","last_seen":"2026-03-28T07:38:50.122259Z","alert_count":0,"request_count":1,"received_data":6293,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-03-22T23:23:48.195369Z","alert_count":0,"request_count":1,"received_data":90650,"sent_data":458,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.paypalobjects.com","ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-05-12","domain_rank":19317,"first_seen":"2012-05-30T06:40:21Z","last_seen":"2026-03-25T17:43:41.300261Z","alert_count":0,"request_count":8,"received_data":242416,"sent_data":4086,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"info-pp.serveousercontent.com","ip":{"addr":"5.255.123.12","port":443,"asn":60404,"as":"The Infrastructure Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-11-02","domain_rank":0,"first_seen":"2026-03-28T07:38:50.119786Z","last_seen":"2026-03-28T07:38:50.119786Z","alert_count":6,"request_count":2,"received_data":12480,"sent_data":1011,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.6.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PayPal","description":"PayPal is an online payments system that supports online money transfers and serves as an electronic alternative to traditional paper methods like checks and money orders.","website":"https://paypal.com","common_platform_enumeration":"cpe:2.3:a:paypal:paypal:*:*:*:*:*:*:*:*","icon":"PayPal.svg","categories":["Payment processors"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.paypalobjects.com/pa/mi/paypal/latmconf.js","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"631863ab8ed6c50daa1fd703d197a625","sha1":"9339b4de99a2e6703f5c94968ff48e96f762ffee","sha256":"cb38f20a4d9397b82dd2aeb0f432491c1eaead25cac7f197b6862d5066454cac","sha512":"664ed7ac392efa3cbf3bc225a025465c83c2c1b4e9d85e197f61307b2d21910cfb549117b52f6c1e6acfdbbe254e85208758ec88c774ea85999a188ff5a32e56","ssdeep":"384:xCLoqKvmwdkvwnxr4ux4Yv/z0odof69JtG:xCLo7vmwdkwxMux4o/Amof69JU","tlshash":"2d62fb4e6bfc9af61d7a52e693da3e0f58c451c3784393d975e8c82f20d64d6092703a","size":14979,"data":"","first_seen":"2026-02-14T01:01:19.032052Z","last_seen":"2026-04-22T14:48:41.640402Z","times_seen":267,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"info-pp.serveousercontent.com/DE/user.html","fqdn":"info-pp.serveousercontent.com","domain":"serveousercontent.com","tld":"com"},"ip":{"addr":"5.255.123.12","port":443,"asn":60404,"as":"The Infrastructure Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"d0be788587ee1f6ddd3c3045fb8428f9","sha1":"a016630521fc85b46cd6dc9bbae9772f24ff2711","sha256":"cad72d877116c53d6a26559422d88a5db084d36ab21607dec5a220a774fd3482","sha512":"9a983e6f473be47de6b2c5c82e75a10a821b9e4520a09a8334c43b3e80294907670c606c575c560c9c39792ceaeedc6aa64d216e7026d2aaa31dc33a593a2928","ssdeep":"","tlshash":"dbe0edaf70d230303583383d062910b4343e0c9324999aa0bc0d91b08f02ca903e76ac","size":404,"data":"","first_seen":"2026-02-15T16:38:38.33328Z","last_seen":"2026-06-05T02:04:16.008783Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/web/res/350/f4a321c8c19f3b89757031eacebff/js/lib/modernizr-2.6.1.js","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a635a55ddb6339a3d0d01c641f670753","sha1":"a6dee4a1df6c51b82ce2e67323514e7de4e165d4","sha256":"a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44","sha512":"2562ca35be37bfe0b984ec288e23678bc97ba7a881764044e65914ea013742a5310a5c12839cb8a501a464791bc67868fe6a02ae149df9329e40562569eba42d","ssdeep":"","tlshash":"a77175c474e1f15e539b20bb107fa34ef2b85a65596a8510e0a8c4bdbcb0c64867bf2d","size":3807,"data":"","first_seen":"2023-03-07T01:03:30Z","last_seen":"2026-06-05T02:04:16.000751Z","times_seen":1048,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"info-pp.serveousercontent.com/DE/user.html","fqdn":"info-pp.serveousercontent.com","domain":"serveousercontent.com","tld":"com"},"ip":{"addr":"5.255.123.12","port":443,"asn":60404,"as":"The Infrastructure Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"7da6e956d49aedebf4b51186ef83c99e","sha1":"9ab82ad3732e976ca598ff4f90c0e2a72953f269","sha256":"337c94a5eb5d02f9796ea28d4957f527f09c2c80eaf2c46b698c9046ca395939","sha512":"97ba8865f2331b8e6c5c380460d511a1796b57ba89eb9b5020af00650eb05e38045c19045c66533d592caa9df33b1e76760c0b44ad76d05685f069d75f8b5055","ssdeep":"","tlshash":"71a0010975a59a44e03b70994a7fa2941a2a061b24459e95ba4c8ac2af1002aee66589","size":78,"data":"","first_seen":"2025-07-30T17:53:02.864553Z","last_seen":"2026-06-05T02:04:16.010888Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"00727d1d5d9c90f7de826f1a4a9cc632","sha1":"ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2","sha256":"a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74","sha512":"69528a4518bf43f615fb89a3a0a06c138c771fe0647a0a0cfde9b8e8d3650aa3539946000e305b78d79f371615ee0894a74571202b6a76b6ea53b89569e64d5c","ssdeep":"1536:SjjxXUHJnxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBvUsuy8WnKdXwhLQvg:SdeIygP3fulzcsz8jlvaDioQ47GKH","tlshash":"5393f8ddb2c6702247a770ba007f510bf236199d684d8450f269d8e9bc78a4e827bf7d","size":89664,"data":"","first_seen":"2023-03-07T01:28:27Z","last_seen":"2026-06-08T11:02:18.62185Z","times_seen":31530,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"243eda4543153156c0ae9df9e8c5833d","sha1":"dfa372f408889fa3f4a6ca29847f4a379ed246a8","sha256":"d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b","sha512":"bc2e170a94bb45624ed4392b2049fa017411c244dc765b5e862093e2264ec9580752a29a86e6739e2ecba2f16b6880fdbf9ab1ecb6647e739b391b46a5bf9aa9","ssdeep":"384:v0Ap5n5P9Nxf4hfWGwR+EkE+n4QnZ/X2NWKW4BCCMHxDkZbaXpweyGobcUWfgMcC:J5n51f4hfWGwR+Tnn4QnZ/b3J7yGQMUE","tlshash":"faa2c6d9378074b30bdb22ba712fa247f1b2459aac4dd050a614dcf12c7ceda8516fad","size":23125,"data":"","first_seen":"2024-06-05T17:44:09Z","last_seen":"2026-06-07T20:24:04.996399Z","times_seen":1160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://info-pp.serveousercontent.com/DE/user.html","date":"2026-03-28T07:38:31.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:40 GMT","end":"Mon, 01 Jun 2026 08:37:39 GMT"},"fingerprint":{"sha1":"5F:99:6E:26:2A:3A:DA:FF:7F:0D:EE:C5:8B:2A:01:AE:28:26:AD:C4","sha256":"2B:88:E7:79:70:E5:E9:DE:0E:A9:0A:B8:F1:F5:C6:D6:10:77:F0:C9:0F:E6:2A:13:A3:D6:08:F9:89:A3:60:E8"}}},"request":{"raw":"GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://info-pp.serveousercontent.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31100\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Mar 2026 17:57:49 GMT\r\nexpires: Thu, 25 Mar 2027 17:57:49 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Thu, 08 Sep 2022 18:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 222042\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89664,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"00727d1d5d9c90f7de826f1a4a9cc632","sha1":"ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2","sha256":"a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74","sha512":"69528a4518bf43f615fb89a3a0a06c138c771fe0647a0a0cfde9b8e8d3650aa3539946000e305b78d79f371615ee0894a74571202b6a76b6ea53b89569e64d5c","ssdeep":"1536:SjjxXUHJnxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBvUsuy8WnKdXwhLQvg:SdeIygP3fulzcsz8jlvaDioQ47GKH","tlshash":"5393f8ddb2c6702247a770ba007f510bf236199d684d8450f269d8e9bc78a4e827bf7d","first_seen":"2023-03-07T01:28:27Z","last_seen":"2026-06-08T11:02:18.62185Z","times_seen":31530,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":60,"dns":1,"connect":8,"send":0,"wait":12,"receive":9,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://info-pp.serveousercontent.com/DE/user.html","date":"2026-03-28T07:38:31.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.paypalobjects.com","organization":"PayPal, Inc."},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Wed, 07 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C5:00:18:97:B9:56:2D:A2:02:A9:4D:5F:A6:BD:CF:EE:71:7F:9C:70","sha256":"64:BB:91:23:34:C5:83:1C:FA:85:2C:6D:1A:14:E6:E1:AB:9D:84:06:AE:2E:45:D4:68:B7:F4:BD:6B:F2:50:A2"}}},"request":{"raw":"GET /webcaptcha/ngrlCaptcha.min.js HTTP/1.1\r\nHost: www.paypalobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://info-pp.serveousercontent.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 17 Jul 2024 16:51:14 GMT\r\ntraceparent: 00-00000000000000000006b2f13490e41b-6252366e521d59ae-01\r\ncontent-encoding: br\r\ndc: ccg11-origin-www-1.paypal.com\r\npaypal-debug-id: 6b2f13490e41b\r\ntiming-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com\r\naccess-control-allow-headers: x-csrf-token\r\naccess-control-allow-methods: GET\r\ncache-control: s-maxage=31536000, public,max-age=3600\r\netag: W/\"6697f682-5a55\"\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 28 Mar 2026 07:38:31 GMT\r\nx-served-by: cache-sjc1000125-SJC, cache-sjc10023-SJC, cache-hel1410032-HEL\r\nx-cache: MISS, HIT, HIT\r\nx-cache-hits: 0, 42, 11945\r\nx-timer: S1774683512.845070,VS0,VE0\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 6477\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23125,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (23125), with no line terminators","md5":"243eda4543153156c0ae9df9e8c5833d","sha1":"dfa372f408889fa3f4a6ca29847f4a379ed246a8","sha256":"d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b","sha512":"bc2e170a94bb45624ed4392b2049fa017411c244dc765b5e862093e2264ec9580752a29a86e6739e2ecba2f16b6880fdbf9ab1ecb6647e739b391b46a5bf9aa9","ssdeep":"384:v0Ap5n5P9Nxf4hfWGwR+EkE+n4QnZ/X2NWKW4BCCMHxDkZbaXpweyGobcUWfgMcC:J5n51f4hfWGwR+Tnn4QnZ/b3J7yGQMUE","tlshash":"faa2c6d9378074b30bdb22ba712fa247f1b2459aac4dd050a614dcf12c7ceda8516fad","first_seen":"2024-06-05T17:44:09Z","last_seen":"2026-06-07T20:24:04.996399Z","times_seen":1160,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":79,"dns":38,"connect":17,"send":0,"wait":14,"receive":1,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/web/res/350/f4a321c8c19f3b89757031eacebff/css/contextualLoginElementalUIv2.css","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://info-pp.serveousercontent.com/DE/user.html","date":"2026-03-28T07:38:31.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.paypalobjects.com","organization":"PayPal, Inc."},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Wed, 07 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C5:00:18:97:B9:56:2D:A2:02:A9:4D:5F:A6:BD:CF:EE:71:7F:9C:70","sha256":"64:BB:91:23:34:C5:83:1C:FA:85:2C:6D:1A:14:E6:E1:AB:9D:84:06:AE:2E:45:D4:68:B7:F4:BD:6B:F2:50:A2"}}},"request":{"raw":"GET /web/res/350/f4a321c8c19f3b89757031eacebff/css/contextualLoginElementalUIv2.css HTTP/1.1\r\nHost: www.paypalobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://info-pp.serveousercontent.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\npaypal-debug-id: 3ab5bd6447820\r\ntiming-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com\r\ncontent-type: text/css\r\netag: W/\"63c980db-23ebc\"\r\naccess-control-allow-headers: x-csrf-token\r\ndc: ccg11-origin-www-1.paypal.com\r\nexpires: Sun, 14 Mar 2027 21:50:15 GMT\r\nlast-modified: Thu, 19 Jan 2023 17:41:47 GMT\r\ncontent-encoding: br\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 28 Mar 2026 07:38:31 GMT\r\nx-served-by: cache-sjc1000104-SJC, cache-sjc1000104-SJC, cache-hel1410032-HEL\r\nx-cache: MISS, HIT, HIT\r\nx-cache-hits: 0, 189, 0\r\nx-timer: S1774683512.864469,VS0,VE1\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-content-type-options: nosniff\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 20900\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":147132,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"4b482617d5e8dc5d288bdbe5ca66d104","sha1":"d5689b5c8c977752b839f3b9210b7a12c05c55f6","sha256":"2827993895add14d69b3ff4763817e189ba6ce8bb7d83084a4a1534e8c825381","sha512":"c7e0c62d327a1b3cf7e77ab9d41bd11f3e0b69e7549726e113ca2ff50ca39b6c50eb2242335d3c94e442efafbbbb6b247ec664295a73e41002dcdf315d1f07a7","ssdeep":"1536:NnKjhOLExoXSvXXebLnPo0sNvhqVyL1SrEGVK1PzTymiNbhj/jMWJ1R:NnKjh08nAbK13ymiNbhj/jMG1R","tlshash":"a0e30a7695881029f72bc512f0d2b9c8b122c017d9b38ebef95aa57dcac61db137270d","first_seen":"2023-04-29T07:13:43Z","last_seen":"2026-06-05T02:04:16.0039Z","times_seen":24,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":97,"dns":33,"connect":30,"send":0,"wait":14,"receive":2,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/web/res/350/f4a321c8c19f3b89757031eacebff/js/lib/modernizr-2.6.1.js","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://info-pp.serveousercontent.com/DE/user.html","date":"2026-03-28T07:38:31.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.paypalobjects.com","organization":"PayPal, Inc."},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Wed, 07 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C5:00:18:97:B9:56:2D:A2:02:A9:4D:5F:A6:BD:CF:EE:71:7F:9C:70","sha256":"64:BB:91:23:34:C5:83:1C:FA:85:2C:6D:1A:14:E6:E1:AB:9D:84:06:AE:2E:45:D4:68:B7:F4:BD:6B:F2:50:A2"}}},"request":{"raw":"GET /web/res/350/f4a321c8c19f3b89757031eacebff/js/lib/modernizr-2.6.1.js HTTP/1.1\r\nHost: www.paypalobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://info-pp.serveousercontent.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: W/\"63c980dc-edf\"\r\npaypal-debug-id: 7203586198805\r\nlast-modified: Thu, 19 Jan 2023 17:41:48 GMT\r\ndc: ccg11-origin-www-1.paypal.com\r\ntiming-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\nexpires: Tue, 09 Feb 2027 09:19:01 GMT\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 28 Mar 2026 07:38:32 GMT\r\nx-served-by: cache-sjc1000136-SJC, cache-sjc1000105-SJC, cache-hel1410032-HEL\r\nx-cache: MISS, HIT, HIT\r\nx-cache-hits: 0, 58, 0\r\nx-timer: S1774683512.859788,VS0,VE158\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-content-type-options: nosniff\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: x-csrf-token\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 1635\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3807,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3807), with no line terminators","md5":"a635a55ddb6339a3d0d01c641f670753","sha1":"a6dee4a1df6c51b82ce2e67323514e7de4e165d4","sha256":"a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44","sha512":"2562ca35be37bfe0b984ec288e23678bc97ba7a881764044e65914ea013742a5310a5c12839cb8a501a464791bc67868fe6a02ae149df9329e40562569eba42d","ssdeep":"","tlshash":"a77175c474e1f15e539b20bb107fa34ef2b85a65596a8510e0a8c4bdbcb0c64867bf2d","first_seen":"2023-03-07T01:03:30Z","last_seen":"2026-06-05T02:04:16.000751Z","times_seen":1048,"resource_available":true,"data":null}},"time_used":358,"timings":{"blocked":91,"dns":33,"connect":26,"send":0,"wait":171,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://info-pp.serveousercontent.com/DE/user.html","date":"2026-03-28T07:38:32.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.paypalobjects.com","organization":"PayPal, Inc."},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Wed, 07 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C5:00:18:97:B9:56:2D:A2:02:A9:4D:5F:A6:BD:CF:EE:71:7F:9C:70","sha256":"64:BB:91:23:34:C5:83:1C:FA:85:2C:6D:1A:14:E6:E1:AB:9D:84:06:AE:2E:45:D4:68:B7:F4:BD:6B:F2:50:A2"}}},"request":{"raw":"GET /paypal-ui/logos/svg/paypal-mark-color.svg HTTP/1.1\r\nHost: www.paypalobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.paypalobjects.com/web/res/350/f4a321c8c19f3b89757031eacebff/css/contextualLoginElementalUIv2.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: s-maxage=31536000, public,max-age=3600\r\netag: W/\"67da3cd6-2c5\"\r\ncontent-type: image/svg+xml\r\ntiming-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com\r\ntraceparent: 00-0000000000000000000ffc264c1c42c7-d196537215206cf0-01\r\npaypal-debug-id: ffc264c1c42c7\r\ndc: ccg11-origin-www-1.paypal.com\r\nlast-modified: Wed, 19 Mar 2025 03:41:10 GMT\r\ncontent-encoding: br\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 28 Mar 2026 07:38:32 GMT\r\nx-served-by: cache-sjc10044-SJC, cache-sjc10044-SJC, cache-hel1410032-HEL\r\nx-cache: MISS, HIT, HIT\r\nx-cache-hits: 0, 92, 4865\r\nx-timer: S1774683512.059300,VS0,VE0\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 396\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":709,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4e4d21de34f5bac1de81cb884467fdb6","sha1":"8dedf28944bd5492bd2a3a6951f9b218541cae38","sha256":"8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027","sha512":"172279c1b157433f85d5466b177d1dcc95ace3547c00b77f414627bf47f182013d24f40e830a700da740ce2099173ea53a00ef1ec52677edcc4f1dca38c0de19","ssdeep":"","tlshash":"d201dcf732b8328c9d560ba0aab860c0c0377cbc93454498f1886fa5a1d42bf5a41d19","first_seen":"2024-09-07T15:19:02Z","last_seen":"2026-06-07T20:24:05.000578Z","times_seen":1171,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://info-pp.serveousercontent.com/DE/user.html","date":"2026-03-28T07:38:32.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.paypalobjects.com","organization":"PayPal, Inc."},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Wed, 07 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C5:00:18:97:B9:56:2D:A2:02:A9:4D:5F:A6:BD:CF:EE:71:7F:9C:70","sha256":"64:BB:91:23:34:C5:83:1C:FA:85:2C:6D:1A:14:E6:E1:AB:9D:84:06:AE:2E:45:D4:68:B7:F4:BD:6B:F2:50:A2"}}},"request":{"raw":"GET /paypal-ui/fonts/PayPalSansBig-Regular.woff2 HTTP/1.1\r\nHost: www.paypalobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://info-pp.serveousercontent.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.paypalobjects.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"60271cda-6318\"\r\nlast-modified: Sat, 13 Feb 2021 00:27:06 GMT\r\npaypal-debug-id: 84fe675ebbe82\r\ndc: ccg11-origin-www-1.paypal.com\r\ntiming-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com\r\ncache-control: s-maxage=31536000, public,max-age=31536000\r\naccess-control-allow-methods: GET\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 28 Mar 2026 07:38:32 GMT\r\nx-served-by: cache-sjc10063-SJC, cache-sjc1000146-SJC, cache-hel1410028-HEL\r\nx-cache: MISS, HIT, HIT\r\nx-cache-hits: 0, 1244, 0\r\nx-timer: S1774683512.067765,VS0,VE1\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\ncontent-type: application/font-woff2\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 25368\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":25368,"size_decoded":0,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), CFF, length 25368, version 1.6553","md5":"186b9e5be0671c3c941a2a4966beb47a","sha1":"0255bf2f48460eb212c93242740f5bef01e858c4","sha256":"1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be","sha512":"800337ffe081fabac76979140a60c8a8cfcc1b6b0dea559e444904acc9cbd34f066168a658afb7348f3dd7f621ac7444a91773e3b3ec68bfe23ae8f78ade622b","ssdeep":"768:C6oeBPhOo72gZ8QfhVeOCysw6OvQ5ipIg/55p5Wk:DoeZcy5FfmOCysw6wE7ghn5b","tlshash":"ecb2e15b15473bbbca6be620e57388c8147684bfca0e5f0314e92ec790e4e8d39a1735","first_seen":"2023-04-05T13:56:49Z","last_seen":"2026-06-05T02:04:16.005234Z","times_seen":1232,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"info-pp.serveousercontent.com/DE/","fqdn":"info-pp.serveousercontent.com","domain":"serveousercontent.com","tld":"com"},"ip":{"addr":"5.255.123.12","port":443,"asn":60404,"as":"The Infrastructure Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T07:38:28.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serveousercontent.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 31 Jan 2026 00:00:00 GMT","end":"Fri, 01 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DB:25:E5:4B:48:F3:0B:67:2C:04:C0:07:65:8E:8D:EF:DA:03:C4:A4","sha256":"82:7A:2D:F9:9E:0A:09:69:07:C9:63:B7:C6:00:C7:56:22:78:D4:0B:65:3F:1C:F8:DB:38:DD:5B:34:4E:97:4B"}}},"request":{"raw":"GET /DE/ HTTP/1.1\r\nHost: info-pp.serveousercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 28 Mar 2026 07:38:28 GMT\r\nlocation: user.html\r\nserver: Apache/2.4.52 (Ubuntu)\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5995,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T11:34:21.534624Z","times_seen":16238222,"resource_available":true,"data":null}},"time_used":2921,"timings":{"blocked":167,"dns":62,"connect":19,"send":0,"wait":2586,"receive":0,"ssl":84},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"info-pp.serveousercontent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"info-pp.serveousercontent.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"info-pp.serveousercontent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"info-pp.serveousercontent.com/DE/user.html","fqdn":"info-pp.serveousercontent.com","domain":"serveousercontent.com","tld":"com"},"ip":{"addr":"5.255.123.12","port":443,"asn":60404,"as":"The Infrastructure Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T07:38:31.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"serveousercontent.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sat, 31 Jan 2026 00:00:00 GMT","end":"Fri, 01 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DB:25:E5:4B:48:F3:0B:67:2C:04:C0:07:65:8E:8D:EF:DA:03:C4:A4","sha256":"82:7A:2D:F9:9E:0A:09:69:07:C9:63:B7:C6:00:C7:56:22:78:D4:0B:65:3F:1C:F8:DB:38:DD:5B:34:4E:97:4B"}}},"request":{"raw":"GET /DE/user.html HTTP/1.1\r\nHost: info-pp.serveousercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Sat, 28 Mar 2026 07:38:31 GMT\r\netag: \"176b-6490a6444e040-gzip\"\r\nlast-modified: Fri, 23 Jan 2026 09:00:41 GMT\r\nserver: Apache/2.4.52 (Ubuntu)\r\nvary: Accept-Encoding\r\ncontent-length: 2203\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.6.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PayPal","description":"PayPal is an online payments system that supports online money transfers and serves as an electronic alternative to traditional paper methods like checks and money orders.","website":"https://paypal.com","common_platform_enumeration":"cpe:2.3:a:paypal:paypal:*:*:*:*:*:*:*:*","icon":"PayPal.svg","categories":["Payment processors"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5995,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"31276b6ec434c2cb7d2e8d31695d87c3","sha1":"f2ca94dcc042394a9fe1bdc85104ddf6325735f3","sha256":"c7804afadb692ed11450a5ae94d5b3bff9470ba806031231dd54473c17fb525a","sha512":"156def580d5f3b1f5f144c49f3e0f63309e2df78d6df538ddbcdc3c2b000df8bd88ebde90dad2c311e12cd38d984deef4302b60f39263d227ff22b8dd516f52d","ssdeep":"96:zb2NxdVw/sYTJgC1rTqXLO+EWeraMHQsuXuemdI+tdZCQaqwsyx3F:zb2N7esOJgC13qXLO+qrbcu7I+rZPoj","tlshash":"e0c1a62524f9a823a203c1a476e1b90a7ba6d50bcd4dc80079fc8aed1fd3ed78d9705d","first_seen":"2026-02-15T16:38:38.323199Z","last_seen":"2026-06-05T02:04:16.007204Z","times_seen":16,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"info-pp.serveousercontent.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"info-pp.serveousercontent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"info-pp.serveousercontent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/pa/mi/paypal/latmconf.js","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://info-pp.serveousercontent.com/DE/user.html","date":"2026-03-28T07:38:31.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.paypalobjects.com","organization":"PayPal, Inc."},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Wed, 07 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C5:00:18:97:B9:56:2D:A2:02:A9:4D:5F:A6:BD:CF:EE:71:7F:9C:70","sha256":"64:BB:91:23:34:C5:83:1C:FA:85:2C:6D:1A:14:E6:E1:AB:9D:84:06:AE:2E:45:D4:68:B7:F4:BD:6B:F2:50:A2"}}},"request":{"raw":"GET /pa/mi/paypal/latmconf.js HTTP/1.1\r\nHost: www.paypalobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://info-pp.serveousercontent.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://info-pp.serveousercontent.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: W/\"698c0d52-3a83\"\r\npaypal-debug-id: c070eb74bc895\r\nlast-modified: Wed, 11 Feb 2026 05:02:10 GMT\r\ndc: ccg11-origin-www-1.paypal.com\r\ntiming-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com\r\ncontent-type: application/javascript\r\ncontent-encoding: br\r\ncache-control: s-maxage=31536000, public,max-age=3600\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 28 Mar 2026 07:38:31 GMT\r\nx-served-by: cache-sjc1000117-SJC, cache-sjc1000117-SJC, cache-hel1410028-HEL\r\nx-cache: MISS, HIT, HIT\r\nx-cache-hits: 0, 123, 24685\r\nx-timer: S1774683512.844274,VS0,VE0\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: x-csrf-token\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 4179\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":14979,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14933)","md5":"631863ab8ed6c50daa1fd703d197a625","sha1":"9339b4de99a2e6703f5c94968ff48e96f762ffee","sha256":"cb38f20a4d9397b82dd2aeb0f432491c1eaead25cac7f197b6862d5066454cac","sha512":"664ed7ac392efa3cbf3bc225a025465c83c2c1b4e9d85e197f61307b2d21910cfb549117b52f6c1e6acfdbbe254e85208758ec88c774ea85999a188ff5a32e56","ssdeep":"384:xCLoqKvmwdkvwnxr4ux4Yv/z0odof69JtG:xCLo7vmwdkwxMux4o/Amof69JU","tlshash":"2d62fb4e6bfc9af61d7a52e693da3e0f58c451c3784393d975e8c82f20d64d6092703a","first_seen":"2026-02-14T01:01:19.032052Z","last_seen":"2026-04-22T14:48:41.640402Z","times_seen":267,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":80,"dns":40,"connect":13,"send":0,"wait":14,"receive":1,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://info-pp.serveousercontent.com/DE/user.html","date":"2026-03-28T07:38:32.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.paypalobjects.com","organization":"PayPal, Inc."},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Wed, 07 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C5:00:18:97:B9:56:2D:A2:02:A9:4D:5F:A6:BD:CF:EE:71:7F:9C:70","sha256":"64:BB:91:23:34:C5:83:1C:FA:85:2C:6D:1A:14:E6:E1:AB:9D:84:06:AE:2E:45:D4:68:B7:F4:BD:6B:F2:50:A2"}}},"request":{"raw":"GET /paypal-ui/fonts/PayPalSansBig-Medium.woff2 HTTP/1.1\r\nHost: www.paypalobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://info-pp.serveousercontent.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.paypalobjects.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-methods: GET\r\ndc: ccg11-origin-www-1.paypal.com\r\nlast-modified: Sat, 13 Feb 2021 00:27:06 GMT\r\netag: \"60271cda-484c\"\r\ncache-control: s-maxage=31536000, public,max-age=31536000\r\ntiming-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com\r\ntraceparent: 00-00000000000000000000db6232dade43-47ecb18924d1a554-01\r\npaypal-debug-id: 0db6232dade43\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 28 Mar 2026 07:38:32 GMT\r\nx-served-by: cache-sjc10046-SJC, cache-sjc1000128-SJC, cache-hel1410028-HEL\r\nx-cache: MISS, HIT, HIT\r\nx-cache-hits: 0, 1901, 13\r\nx-timer: S1774683512.077702,VS0,VE0\r\nvary: Accept-Encoding, Accept-Encoding\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\ncontent-type: application/font-woff2\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 18508\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18508,"size_decoded":0,"mime_type":"application/font-woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18508, version 1.6553","md5":"57518c06c06d691bd2def8d51db1f1c2","sha1":"dab349042885997d8d08db8dc38d0b4907635e2e","sha256":"2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1","sha512":"add8194e17bd226fb59146d9b179eee489ed4d28f33547bd2bd4b12111dc23f6ffa643095ea634e5ff0d7a34741e1629ae923cb22a46be713c0cb48dd6292c65","ssdeep":"384:2CwThU2DOoa0qtlhF8LswGpdJQl2/5UV3DkIIiLddV9NBQXNo0H:dwVzOoahl38LJG3GI6YGuec","tlshash":"c382d07cc58be139d808c3e85caf2d4b00e70dd08756e3966669e9c67e831306595ffa","first_seen":"2023-04-06T18:27:49Z","last_seen":"2026-06-05T02:04:16.001499Z","times_seen":1007,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.paypalobjects.com/webstatic/icon/pp64.png","fqdn":"www.paypalobjects.com","domain":"paypalobjects.com","tld":"com"},"ip":{"addr":"151.101.67.1","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://info-pp.serveousercontent.com/DE/user.html","date":"2026-03-28T07:38:32.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.paypalobjects.com","organization":"PayPal, Inc."},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Wed, 07 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C5:00:18:97:B9:56:2D:A2:02:A9:4D:5F:A6:BD:CF:EE:71:7F:9C:70","sha256":"64:BB:91:23:34:C5:83:1C:FA:85:2C:6D:1A:14:E6:E1:AB:9D:84:06:AE:2E:45:D4:68:B7:F4:BD:6B:F2:50:A2"}}},"request":{"raw":"GET /webstatic/icon/pp64.png HTTP/1.1\r\nHost: www.paypalobjects.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://info-pp.serveousercontent.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: s-maxage=31536000, public,max-age=3600\r\ncontent-type: image/png\r\ndc: ccg11-origin-www-1.paypal.com\r\netag: \"BBNvPbdpaauRT+iiW9NBzqhT2loQNLSTf5XNX6l5j+0\"\r\nfastly-io-info: ifsz=4518 idim=64x64 ifmt=png ofsz=1745 odim=64x64 ofmt=png\r\nfastly-io-served-by: vpop-haf2300710\r\nfastly-stats: io=1\r\npaypal-debug-id: 0f5f6e993c8b0\r\ntiming-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com\r\ntraceparent: 00-00000000000000000000f5f6e993c8b0-650e241dd9d14c9b-01\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 28 Mar 2026 07:38:32 GMT\r\nx-served-by: cache-sjc10060-SJC, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 2628, 1746\r\nx-timer: S1774683512.102486,VS0,VE0\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\nstrict-transport-security: max-age=31557600\r\ncontent-length: 1745\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1745,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced","md5":"de1ba89339f0a1addf3aaa930cd3e461","sha1":"d29ffd216b865aa95798758aaccbed3a654139c3","sha256":"af0887bb94e12e0bfc49f20335693e68b43c993885d6f1cf95d3830ce88565c0","sha512":"f8312fbcec0f22a952d1d2f8d22f092c993bb5126cb5545f11300b8322574828554510de05be9226a2ea174066f89bc84bea0a89ba42290a3004d2281742fe49","ssdeep":"","tlshash":"80310830b0f9301003518879956fab4f95772e9243535711aad9eb40316c17dde997e2","first_seen":"2023-05-08T19:27:30Z","last_seen":"2026-06-05T02:04:16.00654Z","times_seen":378,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pp-info.com/","fqdn":"pp-info.com","domain":"pp-info.com","tld":"com"},"ip":{"addr":"217.160.0.167","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T07:38:28.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pp-info.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 28 Mar 2026 00:00:00 GMT","end":"Thu, 24 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"FA:A3:ED:79:05:BB:31:84:D7:90:17:36:E9:5E:5D:7D:C9:3F:6C:B2","sha256":"13:3B:16:7D:AF:E0:CC:7E:23:1F:95:4D:D9:30:65:46:AD:64:CF:A8:E5:3D:2C:45:25:7A:D0:34:DE:DB:83:75"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pp-info.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html\r\ncontent-length: 0\r\nlocation: https://info-pp.serveousercontent.com/DE/\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 999\r\ndate: Sat, 28 Mar 2026 07:38:28 GMT\r\nserver: Apache\r\ncache-control: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5995,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T11:34:21.534624Z","times_seen":16238222,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":235,"dns":61,"connect":33,"send":0,"wait":60,"receive":0,"ssl":138},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}