www.paypal.com Open in urlscan Pro
104.111.228.123  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.billmelater.com/cm/paypal/landers/18ppcTERMS.html?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000238&utm_unptid=b8c56aca-b5c6-11ec-ab71-3cfdfef08bad&ppid=RT000238&cnac=US&rsta=en_US%28en-US%29&cust=FSL7UVFJ66Q5L&unptid=b8c56aca-b5c6-11ec-ab71-3cfdfef08bad&calc=f501198f02362&unp_tpcid=invoice-buyer-notification&page=main%3Aemail%3ART000238&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.82.0&xt=104038 Page URL
2. https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	18ppcTERMS.html Show response www.billmelater.com/cm/paypal/landers/	181 B 574 B	734ms 152ms	Document text/html	208.76.140.143 BMLCORP
General Check archive.org Show headers Download Go to Full URL https://www.billmelater.com/cm/paypal/landers/18ppcTERMS.html?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000238&utm_unptid=b8c56aca-b5c6-11ec-ab71-3cfdfef08bad&ppid=RT000238&cnac=US&rsta=en_US%28en-US%29&cust=FSL7UVFJ66Q5L&unptid=b8c56aca-b5c6-11ec-ab71-3cfdfef08bad&calc=f501198f02362&unp_tpcid=invoice-buyer-notification&page=main%3Aemail%3ART000238&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.82.0&xt=104038 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.76.140.143 , United States, ASN30393 (BMLCORP, US), Reverse DNS Software Apache / Resource Hash c76564555c7629829c5a301788e3db5753608b83feac5304e897d133727ec983 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 158 Content-Type text/html Date Sat, 09 Apr 2022 21:08:22 GMT Keep-Alive timeout=15, max=100 Last-Modified Mon, 26 Aug 2019 14:13:55 GMT Server Apache Strict-Transport-Security max-age=15552000; includeSubDomains Vary Accept-Encoding X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
GET H2	200	Primary Request paypal-credit Show response www.paypal.com/us/webapps/mpp/terms/	93 KB 21 KB	834ms 805ms	Document text/html	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash f93444f4e22b3a07dabbb010894d69831e0f07df269ab1999a9d6278ec1bb34f Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com; script-src 'nonce-eP4wuNM+yxgGXcD6D+/P85S3qRwj8A0LR0cPzfy+oFSAcdHs' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.billmelater.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0, no-cache, no-store, must-revalidate content-encoding gzip content-length 18789 content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com; script-src 'nonce-eP4wuNM+yxgGXcD6D+/P85S3qRwj8A0LR0cPzfy+oFSAcdHs' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-type text/html; charset=utf-8 date Sat, 09 Apr 2022 21:08:23 GMT dc ccg11-origin-www-1.paypal.com etag W/"171b8-K94/CP14TggxhYwQQSNdNZ9riUI" paypal-debug-id ac58ffc3cf946 server-timing content-encoding;desc="",x-cdn;desc="akamai" strict-transport-security max-age=63072000 vary Accept-Encoding x-content-type-options nosniff x-edgeconnect-midmile-rtt 141 x-edgeconnect-origin-mex-latency 478 x-xss-protection 1; mode=block
GET H2	200	ngrlCaptcha.min.js Show response www.paypalobjects.com/webcaptcha/	22 KB 7 KB	18ms 17ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 06 Apr 2022 10:20:48 GMT etag W/"624d6980-5940" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id 79a9c99493c57 cache-control s-maxage=31536000, public,max-age=3600 strict-transport-security max-age=31536000 dc ccg11-origin-www-1.paypal.com content-length 6711
GET H2	200	PayPalSansSmall-Regular.woff2 www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/	18 KB 18 KB	32ms 7ms	Font application/font-woff2	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2 Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Origin https://www.paypal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Sat, 09 Apr 2022 21:08:23 GMT x-content-type-options nosniff last-modified Tue, 23 Jan 2018 03:38:51 GMT cache-control s-maxage=31536000, public,max-age=3600 etag "5a66ae4b-4790" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * paypal-debug-id 9b05cf6fc13a3 strict-transport-security max-age=31536000 accept-ranges bytes dc ccg11-origin-www-1.paypal.com content-length 18320
GET H2	200	PayPalSansBig-Light.woff2 www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/	18 KB 18 KB	38ms 13ms	Font application/font-woff2	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash 0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Origin https://www.paypal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT x-content-type-options nosniff last-modified Tue, 23 Jan 2018 02:50:53 GMT cache-control public,max-age=3600 etag "5a66a30d-47b8" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * paypal-debug-id b24478a9fb000 strict-transport-security max-age=31536000 accept-ranges bytes dc slc-b-origin-www-1.paypal.com content-length 18360
GET H2	200	83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css www.paypalobjects.com/marketing-resources/css/b6/	330 KB 52 KB	8ms 7ms	Stylesheet text/css	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/marketing-resources/css/b6/83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash d18518059b08d468faf44fd9f9fbaedc1280066ef66b5f575eb96c470c19f33a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 18 Nov 2021 13:50:46 GMT etag W/"61965a36-528df" vary Accept-Encoding content-type text/css paypal-debug-id 7619f4ba8050f cache-control public,max-age=31536000 strict-transport-security max-age=31536000 dc ccg11-origin-www-1.paypal.com content-length 52621
GET H2	200	react-17_0_1-bundle.js Show response www.paypalobjects.com/marketing-resources/vendors/	132 KB 44 KB	15ms 15ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash 9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Feb 2021 21:58:19 GMT etag W/"603428fb-20ee8" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id acb44d8c9d3c0 cache-control public,max-age=3600 strict-transport-security max-age=31536000 dc slc-b-origin-www-2.paypal.com content-length 44545
GET H2	200	pa.js Show response www.paypalobjects.com/pa/js/min/	54 KB 21 KB	14ms 14ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/js/min/pa.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash 2acb55daa0947fda779bd06d9f51ff4aa6d14edfa3e57cc512e2f8a1b5399c21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id f2108a7e8f1c dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 21236 last-modified Tue, 05 Apr 2022 03:09:40 GMT etag W/"624bb2f4-d8fc" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token
GET H2	200	open-chat.js Show response www.paypalobjects.com/helpcenter/smartchat/sales/v1/	1 KB 1 KB	7ms 7ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash 15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Sat, 13 Feb 2021 00:19:40 GMT cache-control public,max-age=3600 etag W/"60271b1c-5bf" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript access-control-allow-origin * paypal-debug-id a03bdbb9fac55 strict-transport-security max-age=31536000 dc slc-b-origin-www-3.paypal.com content-length 779
GET H2	200	marketingIntentsV2.js Show response www.paypalobjects.com/activation/js/	554 B 667 B	8ms 7ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/activation/js/marketingIntentsV2.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash 4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 12 Feb 2021 23:55:13 GMT etag W/"60271561-22a" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id d68b9535cb136 cache-control public, max-age=86400 strict-transport-security max-age=31536000 dc ccg11-origin-www-2.paypal.com content-length 365 expires Sun, 10 Apr 2022 21:08:23 GMT
GET H2	200	recaptchav3.js Show response www.paypal.com/auth/createchallenge/656eba42a5e72d6a/	10 KB 12 KB	278ms 278ms	Script text/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/auth/createchallenge/656eba42a5e72d6a/recaptchav3.js?_sessionID=qyRRyDqCZfAVntNO1ryrDZugraQNdRww Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash fdbb6915c8e243dcabad46e30d54f1aaf7b374390cf310e55c5945ba0a0a70dc Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-iRuoMmMzhlf42Uj7/xA48igRGYnIRA+yCU1IAzcEWFKV82xZ' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 109 content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-iRuoMmMzhlf42Uj7/xA48igRGYnIRA+yCU1IAzcEWFKV82xZ' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; x-content-type-options nosniff x-edgeconnect-midmile-rtt 141 etag W/"2712-WngkIuDPdgG8wJGfKsF4UpM4Uzk" strict-transport-security max-age=63072000 content-type text/javascript; charset=utf-8 paypal-debug-id aa53e2e3c12b0 cache-control max-age=0, no-cache, no-store, must-revalidate date Sat, 09 Apr 2022 21:08:23 GMT server-timing content-encoding;desc="",x-cdn;desc="akamai" dc ccg11-origin-www-1.paypal.com content-length 10002 x-xss-protection 1; mode=block
GET H2	200	latmconf.js Show response www.paypalobjects.com/pa/mi/	134 KB 26 KB	8ms 7ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/mi/latmconf.js Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/js/min/pa.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash 7e7b4b501d068e088552d6d8863ac9bc876928912e6cf074e18762d2866d6da5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Origin https://www.paypal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id 10dc8604f17f6 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 26313 last-modified Tue, 05 Apr 2022 03:09:40 GMT etag W/"624bb2f4-216f7" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token
GET H2	200	eligibility Show response www.paypal.com/smartchat/open/	1 KB 3 KB	277ms 276ms	XHR application/json	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/us/webapps/mpp/terms/paypal-credit Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash 8219a62ad61edcc965536b9c5583355eec82d222ca96d5d5b931412bcb11dd79 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-FY4HILPeRrrzEQvz3LnSH9DacxtUjBs18ytV7Duf0tjKgT0a' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com; Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 102 content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-FY4HILPeRrrzEQvz3LnSH9DacxtUjBs18ytV7Duf0tjKgT0a' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com; x-content-type-options nosniff x-edgeconnect-midmile-rtt 141 etag W/"561-hCvF2v0Bbka18jDT7CZ/m2m4BAc" strict-transport-security max-age=63072000 content-type application/json; charset=utf-8 paypal-debug-id a97165397877b cache-control max-age=0, no-cache, no-store, must-revalidate date Sat, 09 Apr 2022 21:08:23 GMT server-timing content-encoding;desc="",x-cdn;desc="akamai" dc ccg11-origin-www-1.paypal.com content-length 1377 x-xss-protection 1; mode=block
GET H2	200	paypal_credit_151x39.png www.paypalobjects.com/webstatic/mktg/bml/	1 KB 2 KB	12ms 12ms	Image image/png	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/mktg/bml/paypal_credit_151x39.png Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash 820337bc88625d830f30cf33df8f6db9355714867ba209ce89cdf559abe7b905 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT x-content-type-options nosniff x-check-cacheable YES x-serial 1304 etag "53c55d4a-bc9" strict-transport-security max-age=31536000 content-type image/png cache-control private, no-transform, max-age=43200 last-modified Mon, 04 Apr 2022 04:44:10 GMT content-length 1460 server Akamai Image Manager expires Sun, 10 Apr 2022 09:08:23 GMT
GET H2	200	blue-bg.jpg www.paypalobjects.com/digitalassets/c/NA/web/canvas/terms/paypal-credit/	4 KB 5 KB	13ms 13ms	Image image/webp	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/digitalassets/c/NA/web/canvas/terms/paypal-credit/blue-bg.jpg Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash b402446bdab1a13ab90c5eb0d8aa47a15cf9e42cfe67e15358c0d45f4d8a03b1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT x-content-type-options nosniff x-check-cacheable YES x-serial 591 etag "AWKxJ1fv4gUzL0GkiFc2nPsQ43+9YvlBhRulgwGl6gg" strict-transport-security max-age=31536000 content-type image/webp cache-control private, no-transform, max-age=43200 last-modified Sat, 26 Feb 2022 04:25:23 GMT content-length 4364 server Akamai Image Manager expires Sun, 10 Apr 2022 09:08:23 GMT
GET H2	200	OrchestratorMain.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	7 KB 4 KB	7ms 7ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/js/min/pa.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash 8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Origin https://www.paypal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id c8f16ea4b97d0 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 3329 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-1d47" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token
GET H2	200	12.2e4d3453d92fa382c1f6.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	56 KB 16 KB	7ms 7ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash 9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id 8e8c6612c5f02 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 16285 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-e017" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 access-control-allow-headers x-csrf-token
POST H2	200	Targeting.php Show response zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/	100 KB 8 KB	300ms 265ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92b3f7de6fe3b20997b723e5ed699b0fb31dbc3c660b7655a628b55ae098355f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Sat, 09 Apr 2022 21:08:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains; preload timing-allow-origin * referrer-policy strict-origin-when-cross-origin server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin https://www.paypal.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true trace-id 5461c49a25b4fcf1 cf-ray 6f9637c089219a2f-FRA
GET H2	200	ts t.paypal.com/	42 B 769 B	206ms 175ms	Image image/gif	151.101.193.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.3&t=1649538503761&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=Unknown&calc=ac58ffc3cf946&nsid=qyRRyDqCZfAVntNO1ryrDZugraQNdRww&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=d7737044936d49dbb4632e0a67459ac2&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=104759%2C104406%2C104407&xt=120840%2C119036%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&lgin=out&shir=main_mktg_personal_legal&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&displaypage=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v3a&bannersource=ConsentNodeServ&eligibility_reason=false&is_native=false&cookie_disabled=false&e=ac Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT via 1.1 varnish x-cache MISS p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id debeb2ea3a1b9 x-cache-hits 0 server-timing content-encoding;desc="",x-cdn;desc="fastly" content-length 42 x-served-by cache-hhn4025-HHN pragma no-cache x-timer S1649538504.797086,VS0,VE167 strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Sat, 09 Apr 2022 21:08:23 GMT
GET H2	200	grcenterprise_v3.html Show response www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/ Frame 7140	4 KB 2 KB	8ms 7ms	Document text/html	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html Requested by Host: www.paypal.com URL: https://www.paypal.com/auth/createchallenge/656eba42a5e72d6a/recaptchav3.js?_sessionID=qyRRyDqCZfAVntNO1ryrDZugraQNdRww Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash e4d48ec4b24c289ae0f1ca94c5fb62720f5529a1cedb6279b9623e5b4ea2dd0c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=31536000, s-maxage=31536000 content-encoding gzip content-length 1555 content-type text/html date Sat, 09 Apr 2022 21:08:23 GMT dc ccg11-origin-www-1.paypal.com etag W/"62298aca-fb6" expires Sun, 09 Apr 2023 21:08:23 GMT last-modified Thu, 10 Mar 2022 05:21:14 GMT paypal-debug-id 6b65492dcf01b strict-transport-security max-age=31536000 surrogate-control max-age=31536000 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com vary Accept-Encoding x-content-type-options nosniff
GET H2	200	enterprise.js Show response www.recaptcha.net/recaptcha/ Frame 7140	977 B 1 KB	135ms 48ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 37a96388d229b4876d498e49cf6f3700810bfdcefc383aa58dcc26ed55a45c69 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypalobjects.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 619 x-xss-protection 1; mode=block expires Sat, 09 Apr 2022 21:08:23 GMT
GET H2	200	8a8b1b936f8eafc2b260434d8e8b442df66eac.js Show response www.paypalobjects.com/marketing-resources/js/80/	463 KB 126 KB	9ms 9ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/marketing-resources/js/80/8a8b1b936f8eafc2b260434d8e8b442df66eac.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash bd94117222940d1e271088d2330c929d3c20bf73a3267abf7eb9e6803ae0b7b3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Sat, 09 Apr 2022 21:08:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 31 Mar 2022 12:20:57 GMT etag W/"62459ca9-73ad0" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id 25aa7eb7952b9 cache-control s-maxage=31536000, public,max-age=31536000 strict-transport-security max-age=31536000 dc ccg11-origin-www-1.paypal.com content-length 128196
GET H2	200	CoreModule.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	100 KB 30 KB	8ms 8ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:24 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id fdfc59d43ee6b dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 30223 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-190b6" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 access-control-allow-headers x-csrf-token
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 7140	359 KB 142 KB	119ms 37ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dde2b53dac466c2b0a51369b5c51cd170c4537de120b8c9645479ccadb7cb789 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paypalobjects.com/ Origin https://www.paypalobjects.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 04 Apr 2022 18:44:31 GMT content-encoding gzip x-content-type-options nosniff age 440633 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144472 x-xss-protection 0 last-modified Mon, 04 Apr 2022 04:02:58 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Apr 2023 18:44:31 GMT
GET H2	200	4.bee7caf079144a7b9980.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	2 KB 2 KB	7ms 7ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:24 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id fbe92a6a1e8f7 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 1231 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-9ed" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 access-control-allow-headers x-csrf-token
GET H2	200	1.1303dc17a61da0f506d3.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	29 KB 7 KB	8ms 8ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:24 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id 5dada05555734 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 6602 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-7257" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 access-control-allow-headers x-csrf-token
GET H2	200	17.0e47ac923c1fa85e46cf.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	19 KB 8 KB	9ms 9ms	Script application/javascript	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:24 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id ce25f6f2d3865 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 7762 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-4a99" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 access-control-allow-headers x-csrf-token
GET H2	200	anchor Show response www.recaptcha.net/recaptcha/enterprise/ Frame 0119	42 KB 22 KB	56ms 55ms	Document text/html	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=dhxurmfwhzfb Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash aeec0dafec0a15eed1dd7e8f449807963dd5078f6cd51f0229b15f1ea27fe2a5 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-2V3QZwcni8t5U92WSIZagg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.paypalobjects.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22055 content-security-policy script-src 'report-sample' 'nonce-2V3QZwcni8t5U92WSIZagg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 09 Apr 2022 21:08:24 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 0119	51 KB 24 KB	87ms 39ms	Stylesheet text/css	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=dhxurmfwhzfb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 08 Apr 2022 13:37:12 GMT content-encoding gzip x-content-type-options nosniff age 113472 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 04 Apr 2022 04:02:58 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 08 Apr 2023 13:37:12 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 0119	359 KB 141 KB	105ms 58ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=dhxurmfwhzfb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dde2b53dac466c2b0a51369b5c51cd170c4537de120b8c9645479ccadb7cb789 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 04 Apr 2022 18:44:31 GMT content-encoding gzip x-content-type-options nosniff age 440633 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144472 x-xss-protection 0 last-modified Mon, 04 Apr 2022 04:02:58 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 04 Apr 2023 18:44:31 GMT
GET H2	200	ts t.paypal.com/	42 B 494 B	211ms 211ms	Image image/gif	151.101.193.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.3&t=1649538504527&g=0&pgrp=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit&page=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit%3A%3A%3A&pgst=Unknown&calc=ac58ffc3cf946&nsid=qyRRyDqCZfAVntNO1ryrDZugraQNdRww&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=d7737044936d49dbb4632e0a67459ac2&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=104449&xt=119299&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&lgin=out&shir=main_mktg_personal_legal&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&imsrc=setup&view=%7B%22t10%22%3A29%2C%22t11%22%3A1570%2C%22tcp%22%3A931%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A329%7D&pt=PayPal%20Credit&ru=https%3A%2F%2Fwww.billmelater.com%2F&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=29&t1c=29&t1d=7&t1s=15&t2=805&t3=1&t4d=0&t4=0&t4e=2&tt=1240&rdc=0&protocol=h2&cdn=akamai&res=%7B%7D&rtt=207 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:24 GMT via 1.1 varnish fastly-original-body-size 0 x-cache MISS p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id f3d0b0e041d59 x-cache-hits 0 server-timing content-encoding;desc="",x-cdn;desc="fastly" content-length 42 x-served-by cache-hhn4025-HHN pragma no-cache x-timer S1649538505.531494,VS0,VE199 strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Sat, 09 Apr 2022 21:08:24 GMT
GET H3	200	webworker.js www.recaptcha.net/recaptcha/enterprise/ Frame 0119	102 B 132 B	49ms 48ms	Other text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=dhxurmfwhzfb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c74939ca24c142579238ecb4998957ff5cb87e4e1f3e64a18c8603f6e0dda584 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=dhxurmfwhzfb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:24 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 110 x-xss-protection 1; mode=block expires Sat, 09 Apr 2022 21:08:24 GMT
POST H3	200	reload Show response www.recaptcha.net/recaptcha/enterprise/ Frame 0119	32 KB 18 KB	78ms 78ms	XHR application/json	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 83175e04da365463f0cb12107b7f00b00ec2c156c301f95fc83f63095f64c7f3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=dhxurmfwhzfb accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/x-protobuffer Response headers date Sat, 09 Apr 2022 21:08:24 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18891 x-xss-protection 1; mode=block expires Sat, 09 Apr 2022 21:08:24 GMT
POST H2	200	verifygrcenterprise Show response www.paypal.com/auth/	0 2 KB	240ms 239ms	XHR text/plain	104.111.228.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/auth/verifygrcenterprise Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-228-123.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-W8kBvTpCvmbFmJHWmyk+AlWnCwVf8St52rKjhpvCE277AsOy' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit x-requested-with XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-edgeconnect-origin-mex-latency 81 content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-W8kBvTpCvmbFmJHWmyk+AlWnCwVf8St52rKjhpvCE277AsOy' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; x-content-type-options nosniff x-edgeconnect-midmile-rtt 141 date Sat, 09 Apr 2022 21:08:25 GMT strict-transport-security max-age=63072000 paypal-debug-id a29b709dcc76f cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="",x-cdn;desc="akamai" dc ccg11-origin-www-1.paypal.com content-length 0 x-xss-protection 1; mode=block
GET H2	200	ts t.paypal.com/	42 B 472 B	165ms 165ms	Image image/gif	151.101.193.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.3&t=1649538505528&g=0&pgrp=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit&page=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit%3A%3A%3A&pgst=Unknown&calc=ac58ffc3cf946&nsid=qyRRyDqCZfAVntNO1ryrDZugraQNdRww&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=d7737044936d49dbb4632e0a67459ac2&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=104449&xt=119299&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&lgin=out&shir=main_mktg_personal_legal&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=t_paypal_cpl&t1=0&t1c=0&t1d=0&t1s=0&t2=211&t3=1&tt=212&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A0%2C%22t11%22%3A212%2C%22nt%22%3A%22res%22%7D&e=pf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 21:08:25 GMT via 1.1 varnish x-cache MISS p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 46f28f579b63b x-cache-hits 0 server-timing content-encoding;desc="",x-cdn;desc="fastly" content-length 42 x-served-by cache-hhn4025-HHN pragma no-cache x-timer S1649538506.536971,VS0,VE154 strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Sat, 09 Apr 2022 21:08:25 GMT

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| antiClickjack object| modelData function| bindGdprEvents object| dataLayer boolean| paypalADSInterceptorInjected object| PAYPAL object| fpti string| fptiserverurl object| _ifpti object| React object| ReactDOM function| t object| latmconf object| laDataLayer object| QSI object| WAFQualtricsWebpackJsonP-hosted-1.64.1 function| hideGdprBanner function| showGdprBanner function| _0x4961 function| _0x1f11 function| openSalesChat object| PageBundle function| _ object| _qsie

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.recaptcha.net/recaptcha	1970-01-20 06:31:30	Name: _GRECAPTCHA Value: 09AGOGor9Ga2jFPeFGIIqhsGUXMTXyTUItufYtxktMOt0Um6rP6fg6C9RdGXNNxrSjT0XiLZgWNL7NfZqyxnJ9IvQ
			.paypal.com/	1970-01-20 10:57:54	Name: enforce_policy Value: ccpa
			.paypal.com/	1970-01-23 17:52:37	Name: cookie_check Value: yes
			.paypal.com/	1970-01-20 02:12:50	Name: LANG Value: en_US%3BUS
			www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AqyRRyDqCZfAVntNO1ryrDZugraQNdRww.VCns2pMVRT5Ih95U4F%2BRGz0i%2B3yj%2BDEe%2BQ4cADT%2FJjg
			.paypal.com/	1970-01-21 04:30:32	Name: ts_c Value: vr%3D102810c31800a7806070f883fd5ed47e%26vt%3D102810c31800a7806070f883fd5ed47d
			.paypal.com/	1970-01-20 02:12:20	Name: l7_az Value: dcg13.slc
			.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY0OTUzODUwNTAyMyIsImwiOiIwIiwibSI6IjAifQ
			.paypal.com/	1970-01-20 02:16:37	Name: tsrce Value: authchallengenodeweb
			.paypal.com/	1970-01-21 04:30:32	Name: ts Value: vreXpYrS%3D1744232905%26vteXpYrS%3D1649540305%26vr%3D102810c31800a7806070f883fd5ed47e%26vt%3D102810c31800a7806070f883fd5ed47d%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

t.paypal.com
www.billmelater.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
104.111.228.123
104.17.209.240
151.101.193.35
208.76.140.143
2a00:1450:4001:80f::2003
2a00:1450:4001:82f::2003
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
2acb55daa0947fda779bd06d9f51ff4aa6d14edfa3e57cc512e2f8a1b5399c21
37a96388d229b4876d498e49cf6f3700810bfdcefc383aa58dcc26ed55a45c69
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7e7b4b501d068e088552d6d8863ac9bc876928912e6cf074e18762d2866d6da5
820337bc88625d830f30cf33df8f6db9355714867ba209ce89cdf559abe7b905
8219a62ad61edcc965536b9c5583355eec82d222ca96d5d5b931412bcb11dd79
83175e04da365463f0cb12107b7f00b00ec2c156c301f95fc83f63095f64c7f3
8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8
92b3f7de6fe3b20997b723e5ed699b0fb31dbc3c660b7655a628b55ae098355f
9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106
9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
aeec0dafec0a15eed1dd7e8f449807963dd5078f6cd51f0229b15f1ea27fe2a5
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715
b402446bdab1a13ab90c5eb0d8aa47a15cf9e42cfe67e15358c0d45f4d8a03b1
ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565
bd94117222940d1e271088d2330c929d3c20bf73a3267abf7eb9e6803ae0b7b3
c74939ca24c142579238ecb4998957ff5cb87e4e1f3e64a18c8603f6e0dda584
c76564555c7629829c5a301788e3db5753608b83feac5304e897d133727ec983
d18518059b08d468faf44fd9f9fbaedc1280066ef66b5f575eb96c470c19f33a
dde2b53dac466c2b0a51369b5c51cd170c4537de120b8c9645479ccadb7cb789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d48ec4b24c289ae0f1ca94c5fb62720f5529a1cedb6279b9623e5b4ea2dd0c
e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d
ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f93444f4e22b3a07dabbb010894d69831e0f07df269ab1999a9d6278ec1bb34f
fdbb6915c8e243dcabad46e30d54f1aaf7b374390cf310e55c5945ba0a0a70dc