urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
151.101.1.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.paypal.com/policydashboard/process/compliance/pid/yyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwU...
Effective URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2Fy...
Submission: On September 30 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 5 domains to perform 75 HTTP transactions. The main IP is 151.101.1.21, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2907.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 10th 2025. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 151.101.1.21 54113 (FASTLY)
3 18.65.207.90 16509 (AMAZON-02)
1 27 151.101.3.1 54113 (FASTLY)
3 2600:1901:0:c... 396982 (GOOGLE-CL...)
1 151.101.131.1 54113 (FASTLY)
2 2404:6800:400... 15169 (GOOGLE)
4 151.101.129.21 54113 (FASTLY)
1 2a04:4e42:600... 54113 (FASTLY)
1 2404:6800:400... 15169 (GOOGLE)
1 2 34.84.160.32 396982 (GOOGLE-CL...)
3 172.217.175.3 15169 (GOOGLE)
2 142.251.222.3 15169 (GOOGLE)
3 142.250.196.131 15169 (GOOGLE)
1 34.149.66.134 396982 (GOOGLE-CL...)
75 15
24    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
c.paypal.com
3    18.65.207.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-207-90.nrt57.r.cloudfront.net
ddbm2.paypal.com
27    151.101.3.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
paypalobjects.com
t.paypal.com
3    2600:1901:0:c072:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
browser-intake-us5-datadoghq.com
1    151.101.131.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    2404:6800:4004:81e::2003 (Australia)

ASN15169 (GOOGLE, US)
www.recaptcha.net
4    151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
c.paypal.com
1    2a04:4e42:600::291 (United States)

ASN54113 (FASTLY, US)
c6.paypal.com
1    2404:6800:4004:80f::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    34.84.160.32 (Tokyo, Japan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.160.84.34.bc.googleusercontent.com
b.stats.paypal.com
hnd.stats.paypal.com
3    172.217.175.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f3.1e100.net
www.gstatic.com
2    142.251.222.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f3.1e100.net
fonts.gstatic.com
3    142.250.196.131 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f3.1e100.net
www.recaptcha.net
1    34.149.66.134 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 134.66.149.34.bc.googleusercontent.com
browser-intake-us5-datadoghq.com
Apex Domain
Subdomains		 Transfer
38 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2907
ddbm2.paypal.com — Cisco Umbrella Rank: 20336
t.paypal.com — Cisco Umbrella Rank: 10799
c.paypal.com — Cisco Umbrella Rank: 8489
c6.paypal.com — Cisco Umbrella Rank: 10775
b.stats.paypal.com — Cisco Umbrella Rank: 6614
hnd.stats.paypal.com — Cisco Umbrella Rank: 149107
170 KB
24 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 3052
paypalobjects.com — Cisco Umbrella Rank: 3027
480 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
756 KB
5 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1200
66 KB
4 browser-intake-us5-datadoghq.com
browser-intake-us5-datadoghq.com — Cisco Umbrella Rank: 6996
686 B
75 5
Domain Requested by
23 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
c.paypal.com
19 www.paypal.com 1 redirects ddbm2.paypal.com
9 c.paypal.com www.paypalobjects.com
ddbm2.paypal.com
5 www.recaptcha.net www.paypalobjects.com
www.gstatic.com
4 www.gstatic.com www.recaptcha.net
www.gstatic.com
4 browser-intake-us5-datadoghq.com ddbm2.paypal.com
4 t.paypal.com www.paypalobjects.com
ddbm2.paypal.com
3 ddbm2.paypal.com www.paypal.com
ddbm2.paypal.com
2 fonts.gstatic.com www.recaptcha.net
1 hnd.stats.paypal.com
1 b.stats.paypal.com 1 redirects
1 c6.paypal.com
1 paypalobjects.com 1 redirects
75 13

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2025-01-10 -
2026-01-09		 a year crt.sh
ddbm.paypal.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-07-14 -
2026-08-14		 a year crt.sh
www.paypalobjects.com
DigiCert EV RSA CA G2		 2025-06-17 -
2026-06-16		 a year crt.sh
t.paypal.com
DigiCert EV RSA CA G2		 2025-05-13 -
2026-05-12		 a year crt.sh
*.browser-intake-us5-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-28 -
2026-05-03		 a year crt.sh
misc.google.com
WR2		 2025-09-08 -
2025-12-01		 3 months crt.sh
*.gstatic.com
WR2		 2025-09-08 -
2025-12-01		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Frame ID: 237EC4A3F96EA982CE39C0C57AA86D1C
Requests: 56 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Frame ID: 10B64183F2E184308197BD7629F8405C
Requests: 4 HTTP requests in this frame

Frame: https://hnd.stats.paypal.com/v1/counter2.cgi?r=cD0xNTIwNjE2ZWNjMDY0MDM5YTI3NzlmNjhmNzE1YTUyZCZpPTE0Ni43MC4yMDEuMjAxJnQ9MTc1OTIwMTEwOS40MzEmYT0yMSZzPVVOSUZJRURfTE9HSU6f6GSjsJa5cCSZrOEVda8D4xEdjg
Frame ID: EAAD09022E31C1F9837CE5614104FC67
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=XrIDux0s7SoNe6_IHkjGC92W&size=invisible&anchor-ms=20000&execute-ms=15000&cb=2ndb5v6c6v8m
Frame ID: 879BA650F09E4E236CCC5089FF89841C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PayPalアカウントへのログイン

Page URL History Show full URLs

  1. https://www.paypal.com/policydashboard/process/compliance/pid/yyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQ... HTTP 302
    https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2F... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

75
Requests

96 %
HTTPS

29 %
IPv6

5
Domains

13
Subdomains

15
IPs

3
Countries

1467 kB
Transfer

4014 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.paypal.com/policydashboard/process/compliance/pid/yyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT003103&utm_unptid=4d8aa4e0-9596-11f0-859a-012211cc238c&ppid=RT003103&cnac=JP&rsta=ja_JP%28ja-JP%29&cust=MWRY6CZTB4Y52&unptid=4d8aa4e0-9596-11f0-859a-012211cc238c&calc=dc20bca53eec8&unp_tpcid=jp_mdc_enforcement_email&page=main%3Aemail%3ART003103&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.357.0&tenant_name=PAYPAL&xt=145585%2C154413%2C104038&link_ref=pid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a HTTP 302
    https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js HTTP 301
  • https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js
Request Chain 49
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD0xNTIwNjE2ZWNjMDY0MDM5YTI3NzlmNjhmNzE1YTUyZCZpPTE0Ni43MC4yMDEuMjAxJnQ9MTc1OTIwMTEwOS40MzEmYT0yMSZzPVVOSUZJRURfTE9HSU6f6GSjsJa5cCSZrOEVda8D4xEdjg HTTP 302
  • https://hnd.stats.paypal.com/v1/counter2.cgi?r=cD0xNTIwNjE2ZWNjMDY0MDM5YTI3NzlmNjhmNzE1YTUyZCZpPTE0Ni43MC4yMDEuMjAxJnQ9MTc1OTIwMTEwOS40MzEmYT0yMSZzPVVOSUZJRURfTE9HSU6f6GSjsJa5cCSZrOEVda8D4xEdjg

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin
www.paypal.com/
Redirect Chain
  • https://www.paypal.com/policydashboard/process/compliance/pid/yyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A?v=1&utm_source=unp&utm_medium=email&utm_campaign...
  • https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N...
40 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5cfe487d5bf15c2087e4081762fe78765230046f40a0f35e913246b21b59221e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-xaG5MOTbnGAPSE9HmBrHYHO3hNvvGYCj4Zm7r84t48zG+/jG' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-xaG5MOTbnGAPSE9HmBrHYHO3hNvvGYCj4Zm7r84t48zG+/jG' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Tue, 30 Sep 2025 02:58:29 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"9b37-+G6QC6oHpmJXMPf8fpUgR/ADVoA"
fastly-restarts
1
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f885748c1cdad
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f885748c1cdad-760ef8179e0437c0-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS, MISS
x-cache-hits
0, 0, 0, 0
x-content-type-options
nosniff
x-datadome
protected
x-frame-options
SAMEORIGIN
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-timer
S1759201109.222939,VS0,VS0,VE462
x-xss-protection
1; mode=block

Redirect headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
853
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-EJOoxSiKy73LSTRsdOhqOG177ANR6EhZYWqZU6zjBOd9Cw0H' 'self' 'wasm-unsafe-eval' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src 'self' * data:; object-src 'none'; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com https://browser-intake-us5-datadoghq.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; report-uri https://browser-intake-us5-datadoghq.com/api/v2/logs?dd-api-key=pub76aa9605f2f8e0615d36b1980b2fb9b9&dd-evp-origin=content-security-policy&ddsource=csp-report; worker-src 'self' blob:; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Tue, 30 Sep 2025 02:58:29 GMT
dc
ccg11-origin-www-1.paypal.com
location
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f8857486620c6
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f8857486620c6-180f4c45e9b76415-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS, MISS
x-cache-hits
0, 0, 0, 0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-timer
S1759201109.037565,VS0,VE181
x-xss-protection
1; mode=block
tags.js
ddbm2.paypal.com/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddbm2.paypal.com/tags.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-90.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b5fc6078f600457f7fc9c8d6847b6a950015293a1e9523714d24b80d9fdf615
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

content-encoding
br
x-amz-version-id
pFEQE0vd4tlhXNoORmHNYa7QMf1.ZzFq
etag
W/"6435cfc530bc255d7f90d849b476632b"
age
1363
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ZPGcYgYhNddd47SyLVdV_oQNFjgi7w-DMv69L8F3SFyXA8QUCyfnxA==
date
Tue, 30 Sep 2025 02:35:47 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Mon, 25 Aug 2025 14:22:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600, public
via
1.1 d4169a37b01a6f9ada4a6214a01dbdb2.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
6b2f13490e41b
content-encoding
br
etag
W/"6697f682-5a55"
access-control-allow-methods
GET
x-content-type-options
nosniff
traceparent
00-00000000000000000006b2f13490e41b-6252366e521d59ae-01
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, HIT, HIT
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Wed, 17 Jul 2024 16:51:14 GMT
content-type
application/javascript
x-served-by
cache-sjc1000125-SJC, cache-sjc10023-SJC, cache-tyo11960-TYO
x-cache-hits
0, 49, 5463
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
vary
Accept-Encoding, Accept-Encoding
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.746882,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
6477
contextualLoginElementalUIv5_1.css
www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/css/ 		213 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/css/contextualLoginElementalUIv5_1.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
63fa8b5450ae0f8dc175f82b324edc0f8826b4d606baa82986e5bc40984dc169
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
901a738516656
content-encoding
br
etag
W/"68d385a7-3550a"
x-content-type-options
nosniff
access-control-allow-methods
GET
expires
Thu, 24 Sep 2026 06:11:13 GMT
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
content-type
text/css
last-modified
Wed, 24 Sep 2025 05:46:15 GMT
x-served-by
cache-sjc10063-SJC, cache-sjc10033-SJC, cache-tyo11960-TYO
x-cache-hits
0, 14, 2424
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
vary
Accept-Encoding, Accept-Encoding
cache-control
max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.746903,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
31443
modernizr-2.6.1.js
www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/js/lib/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/js/lib/modernizr-2.6.1.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
23662314eb7ef
content-encoding
br
etag
W/"68d385bd-edf"
x-content-type-options
nosniff
access-control-allow-methods
GET
expires
Thu, 24 Sep 2026 06:11:13 GMT
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
content-type
application/javascript
last-modified
Wed, 24 Sep 2025 05:46:37 GMT
x-served-by
cache-sjc1000142-SJC, cache-sjc1000142-SJC, cache-tyo11960-TYO
x-cache-hits
0, 21, 2412
vary
Accept-Encoding, Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
cache-control
max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.746755,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
1635
icon-PN-check.png
www.paypalobjects.com/images/shared/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/icon-PN-check.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

fastly-io-info
ifsz=2236 idim=121x133 ifmt=png ofsz=1238 odim=121x133 ofmt=png
paypal-debug-id
21ccfda19d674
etag
"juRbjo28Q9q7Ca+T2l9coQ3XNXGGGPrTLd30UBTHy+M"
x-content-type-options
nosniff
traceparent
00-000000000000000000021ccfda19d674-94cdccbf21580c30-01
x-cache
HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
content-type
image/png
x-served-by
cache-sjc10049-SJC, cache-tyo11960-TYO
x-cache-hits
6287, 3294
fastly-stats
io=1
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.746773,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1238
fastly-io-served-by
vpop-haf2300710
glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

fastly-io-info
ifsz=5828 idim=224x200 ifmt=png ofsz=1709 odim=224x200 ofmt=png
paypal-debug-id
016e0ab1747d7
etag
"06e7g2A2uh9gOtrAR/AAX1pvXevadwBfhbhh/bNOQEI"
x-content-type-options
nosniff
traceparent
00-0000000000000000000016e0ab1747d7-a53362588b87ad4b-01
x-cache
HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
content-type
image/png
x-served-by
cache-sjc1000122-SJC, cache-tyo11960-TYO
x-cache-hits
816, 3294
fastly-stats
io=1
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.747413,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1709
fastly-io-served-by
vpop-haf2300707
index.js
www.paypalobjects.com/ae/0.16.0/atomic-events-dom/
Redirect Chain
  • https://paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js
  • https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js
26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f083991dcd0f426a91fef258e7a1ce9a3b58c1ad459fb3a9a5cec584a06b1c7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
4ec5db9f5bb7f
content-encoding
br
etag
W/"67044f43-695c"
x-content-type-options
nosniff
traceparent
00-00000000000000000004ec5db9f5bb7f-2e90af2e2d7562a4-01
x-cache
HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
content-type
application/javascript
last-modified
Mon, 07 Oct 2024 21:14:43 GMT
x-served-by
cache-sjc1000136-SJC, cache-tyo11960-TYO
x-cache-hits
122, 4648
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.801920,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
7699

Redirect headers

strict-transport-security
max-age=300
cache-control
max-age=86400
retry-after
0
location
https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js
x-timer
S1759201110.775807,VS0,VE1
via
1.1 varnish
accept-ranges
bytes
x-cache
HIT
content-length
0
date
Tue, 30 Sep 2025 02:58:29 GMT
x-served-by
cache-tyo11966-TYO
server
Varnish
x-cache-hits
0
fn-sync-telemetry-min.js
www.paypalobjects.com/rdaAssets/fraudnet/sync/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/rdaAssets/fraudnet/sync/fn-sync-telemetry-min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f3802a3a58d849d9b0950c807ac3705131bf34d647be4f61d5679b93402ca2d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
4ce925b21631c
content-encoding
br
etag
W/"6786ddcf-1e1f"
access-control-allow-methods
GET
x-content-type-options
nosniff
traceparent
00-00000000000000000004ce925b21631c-e24d800f1a80d3f6-01
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, HIT, HIT
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Tue, 14 Jan 2025 21:57:35 GMT
content-type
application/javascript
x-served-by
cache-sjc10070-SJC, cache-sjc10059-SJC, cache-tyo11960-TYO
x-cache-hits
0, 64, 4542
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.757610,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
3157
signin-split.js
www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/js/ 		539 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/js/signin-split.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a78a03e5edb717100c8d821973c15f75391f2177a14ee46921e86f276dba720
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
676c74aea17b9
content-encoding
br
etag
W/"68d385b8-86aac"
x-content-type-options
nosniff
access-control-allow-methods
GET
expires
Thu, 24 Sep 2026 06:11:49 GMT
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Wed, 24 Sep 2025 05:46:32 GMT
content-type
application/javascript
x-served-by
cache-sjc1000098-SJC, cache-sjc1000134-SJC, cache-tyo11960-TYO
x-cache-hits
0, 9, 82
vary
Accept-Encoding, Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
cache-control
max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.767367,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98638
pa.js
www.paypalobjects.com/pa/js/min/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fae4b858a4efba7ef920a6fda59d4207224ec488e49e16c73ec013b8daf89370
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
4b5b5cccc08c1
content-encoding
br
etag
W/"68ca9d13-1169e"
x-content-type-options
nosniff
access-control-allow-methods
GET
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Wed, 17 Sep 2025 11:35:47 GMT
content-type
application/javascript
x-served-by
cache-sjc10061-SJC, cache-sjc1000121-SJC, cache-tyo11960-TYO
x-cache-hits
0, 45, 10659
vary
Accept-Encoding, Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.767642,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
25091
datadog-rum.js
www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/js/lib/ 		159 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/js/lib/datadog-rum.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
9b4dfae6d4842
content-encoding
br
etag
W/"68d385bd-27b83"
x-content-type-options
nosniff
access-control-allow-methods
GET
expires
Thu, 24 Sep 2026 06:11:49 GMT
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Wed, 24 Sep 2025 05:46:37 GMT
content-type
application/javascript
x-served-by
cache-sjc10033-SJC, cache-sjc10063-SJC, cache-tyo11960-TYO
x-cache-hits
0, 54, 121
vary
Accept-Encoding, Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
cache-control
max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.767639,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
51008
grcenterprise_v3_static.js
www.paypalobjects.com/webcaptcha/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f3628ea791958b87da4e82ac9a0f85295b784ea0b3da83c160d70d0375474e7f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
c0e78701b71e3
content-encoding
br
etag
W/"68517ed9-186c"
x-content-type-options
nosniff
traceparent
00-0000000000000000000c0e78701b71e3-c2d86de52b49b1f0-01
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
content-type
application/javascript
last-modified
Tue, 17 Jun 2025 14:42:33 GMT
x-served-by
cache-sjc10072-SJC, cache-sjc10072-SJC, cache-tyo11960-TYO
x-cache-hits
0, 23, 5163
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.768320,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1697
paypal-wordmark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-wordmark-color.svg
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/css/contextualLoginElementalUIv5_1.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f766ba6d9471acc787c0808b8c30f38494d12b287ccfb2ff610fd617cfa2a432
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/css/contextualLoginElementalUIv5_1.css

Response headers

paypal-debug-id
780ca39fb8a76
content-encoding
br
etag
W/"67da3cd6-8f3"
x-content-type-options
nosniff
traceparent
00-0000000000000000000780ca39fb8a76-4f8218932f6ef34b-01
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
content-type
image/svg+xml
last-modified
Wed, 19 Mar 2025 03:41:10 GMT
x-served-by
cache-sjc10072-SJC, cache-sjc10041-SJC, cache-tyo11960-TYO
x-cache-hits
0, 49, 3503
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.770668,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
756
PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/css/contextualLoginElementalUIv5_1.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/css/contextualLoginElementalUIv5_1.css

Response headers

paypal-debug-id
8fbad4c92aa14
content-encoding
br
etag
W/"6298f2c0-6b41"
access-control-allow-methods
GET
x-content-type-options
nosniff
traceparent
00-00000000000000000008fbad4c92aa14-48aed997ab0f15f6-01
x-cache
HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Thu, 02 Jun 2022 17:26:24 GMT
x-served-by
cache-sjc1000091-SJC, cache-tyo11944-TYO
x-cache-hits
53, 3709
content-type
application/font-woff2
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.796482,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27453
PayPalOpen-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/css/contextualLoginElementalUIv5_1.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8d0e74dfe39c809f2dde1119f404841405d107fa40165669ea74fca51722311b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/css/contextualLoginElementalUIv5_1.css

Response headers

paypal-debug-id
c090d0cdf4d88
etag
"65a04ab6-6bf1"
access-control-allow-methods
GET
x-content-type-options
nosniff
traceparent
00-0000000000000000000c090d0cdf4d88-ac9f9210efafd7ee-01
x-cache
HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Thu, 11 Jan 2024 20:08:22 GMT
x-served-by
cache-sjc1000099-SJC, cache-tyo11944-TYO
x-cache-hits
667, 2623
content-type
application/font-woff2
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.796203,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27633
mktgtagmanager.js
www.paypalobjects.com/martech/tm/paypal/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21dac7841ff8ec6064185eed4ad7ccfb8396a393c7cf07cd2aea86962a4d43ae
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
9e83f7d32f114
content-encoding
br
etag
W/"68427e47-3e8b"
access-control-allow-methods
GET
x-content-type-options
nosniff
traceparent
00-00000000000000000009e83f7d32f114-e2ba6f3d8cc00338-01
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, HIT, HIT
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Fri, 06 Jun 2025 05:36:07 GMT
content-type
application/javascript
x-served-by
cache-sjc10061-SJC, cache-sjc10061-SJC, cache-tyo11944-TYO
x-cache-hits
0, 4, 5170
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
vary
Accept-Encoding, Accept-Encoding
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.841900,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
6233
latmconf.js
www.paypalobjects.com/pa/mi/paypal/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/paypal/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9da4fa1be691c9a8b169563a5417d750b59488b7f0dcd72e4ec8335a32e6127
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
f9f36d256a62b
content-encoding
br
etag
W/"68ca9d13-3cc2"
x-content-type-options
nosniff
access-control-allow-methods
GET
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Wed, 17 Sep 2025 11:35:47 GMT
content-type
application/javascript
x-served-by
cache-sjc1000117-SJC, cache-sjc1000117-SJC, cache-tyo11944-TYO
x-cache-hits
0, 34, 9586
vary
Accept-Encoding, Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.841794,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
4225
ts
t.paypal.com/ 		42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.paypal.com/ts?v=1.10.0&t=1759201109843&g=-540&e=ac&tsrce=unp&ppid=RT003103&space_key=SKCPAD&state=%3Fv%3D1&utm_source=unp&utm_medium=email&utm_campaign=RT003103&utm_unptid=4d8aa4e0-9596-11f0-859a-012211cc238c&cnac=JP&rsta=ja_JP(ja-JP)&cust=MWRY6CZTB4Y52&unptid=4d8aa4e0-9596-11f0-859a-012211cc238c&calc=dc20bca53eec8&unp_tpcid=jp_mdc_enforcement_email&page=main%3Aemail%3ART003103&pgrp=main%3Aemail&s=ci&mail=sys&appVersion=1.357.0&tenant_name=PAYPAL&xt=145585%2C154413%2C104038&link_ref=pid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a&event_name=external_deep_link_processed
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
aec6c6387f53c
correlation-id
aec6c6387f53c
expires
Tue, 30 Sep 2025 02:58:30 GMT
server-timing
"traceparent;desc="00-0000000000000000000aec6c6387f53c-b8f4152d3315f941-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache
MISS, MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
image/gif
x-served-by
cache-nrt-rjtt7900085-NRT, cache-nrt-rjtt7900085-NRT, cache-tyo11926-TYO
x-cache-hits
0, 0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1759201110.914878,VS0,VE157
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
rum
browser-intake-us5-datadoghq.com/api/v2/ 		53 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=fd46098e-4fef-4d98-9c1a-be331d6150e0&batch_time=1759201109922
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
698810259f72a824738856c9f7d25961b732d6f506b1d2da215c08f13127f55e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.paypal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Tue, 30 Sep 2025 02:58:29 GMT
content-type
application/json
dd-request-id
fd46098e-4fef-4d98-9c1a-be331d6150e0
grcenterprise_v3_static.html
www.paypalobjects.com/webcaptcha/ Frame 10B6 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1de7dce113e00547082b160c7e6e08e329e081d6afc572ee8cce1105b05f2645
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
br
content-length
1880
content-type
text/html
date
Tue, 30 Sep 2025 02:58:29 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"6633898b-19bd"
last-modified
Thu, 02 May 2024 12:39:39 GMT
paypal-debug-id
8332d960ede6a
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000008332d960ede6a-9230739c4c911c0b-01
vary
Accept-Encoding, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1620, 3812
x-content-type-options
nosniff
x-served-by
cache-sjc10035-SJC, cache-tyo11956-TYO
x-timer
S1759201110.936305,VS0,VE0
patleaf.js
www.paypalobjects.com/pa/3pjs/tl/6.4.157/ 		213 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.4.157/patleaf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cad00b23e87443394c87f7d997cceb4ab5124c19f1aa6e3c54538a8b674f7add
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
3037312c6e4e9
content-encoding
br
etag
W/"68ca9d13-355be"
x-content-type-options
nosniff
access-control-allow-methods
GET
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:29 GMT
last-modified
Wed, 17 Sep 2025 11:35:47 GMT
content-type
application/javascript
x-served-by
cache-sjc10063-SJC, cache-sjc1000143-SJC, cache-tyo11944-TYO
x-cache-hits
0, 46, 7929
vary
Accept-Encoding, Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.934776,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
61231
mktconf.js
www.paypalobjects.com/martech/tm/paypal/ 		357 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/martech/tm/paypal/mktconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97f59fffdbf2aef7775e8a5b923fbf814f031b65d320a508d87e0a4b893cf42f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
65379aa95560a
content-encoding
br
etag
W/"68d221fc-593aa"
access-control-allow-methods
GET
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, HIT, HIT
date
Tue, 30 Sep 2025 02:58:29 GMT
content-type
application/javascript
last-modified
Tue, 23 Sep 2025 04:28:44 GMT
x-served-by
cache-sjc1000142-SJC, cache-sjc1000113-SJC, cache-tyo11944-TYO
x-cache-hits
0, 41, 5383
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
vary
Accept-Encoding, Accept-Encoding
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.937068,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
32746
rum
browser-intake-us5-datadoghq.com/api/v2/ 		53 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=a2430a90-e62c-43a7-9369-01df883fea9e&batch_time=1759201109989
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
f229e930ec135f03fce5b69d7c3a1116eefa93e17b6ff570d3425a4072c1cc28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.paypal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json
dd-request-id
a2430a90-e62c-43a7-9369-01df883fea9e
enterprise.js
www.recaptcha.net/recaptcha/ Frame 10B6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&hl=en
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a4e2fa86986ac06252e48bd66f1621ba4f8d8269f4875994dd88d3e8f00eec8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypalobjects.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 30 Sep 2025 02:58:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 30 Sep 2025 02:58:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
patlcfg.js
www.paypalobjects.com/pa/3pjs/tl/6.4.157/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.4.157/patlcfg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56f03b0c5bb4304c3037f4d3e559ba67f41757bcbf0c46214ad0f2c49bd9572e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
8ce98ba35017d
content-encoding
br
etag
W/"68ca9d13-1c79"
x-content-type-options
nosniff
access-control-allow-methods
GET
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:30 GMT
last-modified
Wed, 17 Sep 2025 11:35:47 GMT
content-type
application/javascript
x-served-by
cache-sjc1000136-SJC, cache-sjc1000136-SJC, cache-tyo11944-TYO
x-cache-hits
0, 24, 8070
vary
Accept-Encoding, Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.108593,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
2381
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739795a37f7b8f7000f8198915e8bf9ff6bb23580a6c255cf617e677a425de00
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-E9GSByPPObex3s1bLD5fDDAeUQcgEnVS8yTHoRRa1Gce078m' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f907987c1b079
content-encoding
gzip
etag
W/"818-PhzaN0twPXlypgQtPGnMooD17UY"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f907987c1b079-2887dd7adebb4c34-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-E9GSByPPObex3s1bLD5fDDAeUQcgEnVS8yTHoRRa1Gce078m' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.145344,VS0,VE247
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
84e98f901d5f1248770df5165a26bae302f22630183879e984d2d8a9f68382b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-egzf4RG6u6zOcZARyOX/WDNfttXTfF1+QIk6bCgCaCkFp1LQ' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f90798733223b
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"83a-8QmBPBeGLlCh+J7AB/6Xd+P1WEQ"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f90798733223b-0ff8739ddfeb6812-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-egzf4RG6u6zOcZARyOX/WDNfttXTfF1+QIk6bCgCaCkFp1LQ' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.146158,VS0,VE254
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
fb_fp.js
c.paypal.com/da/r/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb_fp.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/62e/e2f78fe0f281be21ef1c6442e8f58/js/signin-split.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3040ae0aa853605528b2587df47b91e9efb0bdfce6ac71bba2e676d85abbe49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

access-control-max-age
86400
paypal-debug-id
6041609a7e877
content-encoding
gzip
etag
W/"686c418c-111c3"
age
2441330
x-content-type-options
nosniff
access-control-allow-methods
GET
traceparent
00-00000000000000000006041609a7e877-3365be3d3d938784-01
expires
Wed, 01 Oct 2025 02:58:30 GMT
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, HIT, HIT, MISS, HIT
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/javascript
last-modified
Mon, 07 Jul 2025 21:52:12 GMT
x-served-by
cache-tyo11977-TYO, cache-tyo11983-TYO
x-cache-hits
0, 46, 0, 0, 48509
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, Accept-Encoding
cache-control
s-maxage=31536000, public,max-age=86400
timing-allow-origin
*
x-timer
S1759201110.160240,VS0,VE1
access-control-allow-credentials
false
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
23569
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
488500f693223375f3743f9670f19a5b9b66d7b032542dbbff00f4d30270eedd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-U1jcYb8TabbXmBn0VHOn0IoEw+7opREfv2NRWXNlmQWIiohN' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f907987128aa3
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"793-dg1uT2n81+rS5/F4NtDHIxf/HDs"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f907987128aa3-aec4ec98ad242c54-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-U1jcYb8TabbXmBn0VHOn0IoEw+7opREfv2NRWXNlmQWIiohN' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.154824,VS0,VE251
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
client-log
www.paypal.com/signin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7d5e663d193da726d4165baeca4c80f28984d6ccd46958ac68bee3d5d1c865d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-oz7AG4sfeldZqbRZz+cHcXuG6RUN56X0T+sUG5zE+wSLYer7' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f907987510b71
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"7ad-LokFT2tuiia4L4hKhYEJDWwA+dY"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f907987510b71-0b9141b2674b0c87-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-oz7AG4sfeldZqbRZz+cHcXuG6RUN56X0T+sUG5zE+wSLYer7' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.156321,VS0,VE340
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aff80a4e4d0ae1ec70d2534cc7b17c3d995cedbff0efb56d1bba0edbb74a6ee1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-LAx6vxN3R+9MGCYXvlfN/b7cQ6tR+U+QMSIfiGtQsDSPP8Q9' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f907987f58dea
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"7df-oZuOqsyC48u+BeMsn9Xc3r06n/g"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f907987f58dea-a3cea9e361635cd2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-LAx6vxN3R+9MGCYXvlfN/b7cQ6tR+U+QMSIfiGtQsDSPP8Q9' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.158091,VS0,VE224
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
403f5a81718f9254a37488fd5e727a02f96d57b131e5bb839042da1ef6632428
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-u6h3/iY8eCBDjHS5/xswyV8VbuqeX5vYi9P1xkvBq5+1CaS4' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f907987c94df1
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"7fa-EnhagtpRDAJP3YbmEd5Y+/fFvVM"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f907987c94df1-bba8e0826bb3a5a1-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-u6h3/iY8eCBDjHS5/xswyV8VbuqeX5vYi9P1xkvBq5+1CaS4' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.158101,VS0,VE252
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c7f4dd113d67f51f2b566b7df3f63f47973c994394eb9901a04127b69b07028e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-SilbaF8pk9Bzu2mV8bMainI2Glq6lkbLMxg+YOMk7vx4pB5j' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f9079870df800
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"83b-95J2LtAB0i79AFlRiCQ0DMu5CMw"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f9079870df800-c4ba47f7dc0c638f-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-SilbaF8pk9Bzu2mV8bMainI2Glq6lkbLMxg+YOMk7vx4pB5j' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.159960,VS0,VE269
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
824a0c33dacb3f96e2b00fa5bda9e0d37e5ee45563b2d684c6badd6b4bb0e794
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-4DRhh4tsA3Xb4zexvQvFjks1pdqmhjTksmZI/8DnbAMnsaBH' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f907987e2bfc5
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"816-zrJaUTNsqIhUf1vY+BUzCNCGV10"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f907987e2bfc5-c1d039d18e681fd3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-4DRhh4tsA3Xb4zexvQvFjks1pdqmhjTksmZI/8DnbAMnsaBH' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.160302,VS0,VE319
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
client-log
www.paypal.com/signin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37271d0192272d9065d5ee51aa1a055b342c7df284950bf1dbeb244d15467cb8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-kwa0frTBuv1mxUu9yUJrTqlBAmP4SmXP526yuoxOTSRW0Ppk' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f90798797db52
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"7d6-2k50AW+30k2l5Io2dVRJROjSuSs"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f90798797db52-b292ba8bb42dbc8e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-kwa0frTBuv1mxUu9yUJrTqlBAmP4SmXP526yuoxOTSRW0Ppk' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.161519,VS0,VE233
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
cookie-banner
www.paypal.com/signin/ 		21 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/cookie-banner?cookieBannerVariant=hidden&
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
000a49cf80da77c70e621b184019133a9cd33de708caef4dd72c24415dd8606a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-9LAYMod0uY8jlketG4FYOQiDJJBwjzZzA64FJ/q6XWSSE3Qd' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json

Response headers

paypal-debug-id
f907987e0bdc4
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"52e7-LPBoPv2/Nr4zs1Mvze/hXtMOmhY"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f907987e0bdc4-6a5f472ab78675a9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-9LAYMod0uY8jlketG4FYOQiDJJBwjzZzA64FJ/q6XWSSE3Qd' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.160274,VS0,VE306
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
load-resource
www.paypal.com/signin/ 		67 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/load-resource
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db0c3e83f5604cc89a9e374caa3d2b0bf842c1f4250c0f1a8dde14e3d6d45492
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-MaHai8FnaNkdeJjh5p0r6K7a7J9OgfyMBhODj6ZHQbLg9AJa' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f907987d05e3c
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"10a5a-pqG6jvj+fuSZasuY+IABcT59hio"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f907987d05e3c-8c0b1b53f7fcd1e3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-MaHai8FnaNkdeJjh5p0r6K7a7J9OgfyMBhODj6ZHQbLg9AJa' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.161434,VS0,VE747
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c92af81e3a5e5e207dadd3dc673a0cfb392e64e8da0f0683a588dae286cff82
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-W+cJvechybFJSqeOKkadDtLRc7ZaIyLuNuUT+PGZ1qe3UNqV' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f907987322696
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"788-2GMYGiq0xRQ57QErj1BvlifgV+g"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f907987322696-c238003c65f9f479-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-W+cJvechybFJSqeOKkadDtLRc7ZaIyLuNuUT+PGZ1qe3UNqV' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.163970,VS0,VE249
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd1dd9b740d7aeb75a54edd81ddb52eab27376d89fe07857b2fa0a90ce1bbb50
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-CCz+8h7ORKfdUHTz5p5OoeUojx9EYPnpG0mUN3a+VYxZG35J' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-type
application/x-www-form-urlencoded

Response headers

paypal-debug-id
f9079877549d2
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"7c0-7HVkb91WnreYAs8ESfBzWTlHt0E"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f9079877549d2-eb2cb71a922447c4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-CCz+8h7ORKfdUHTz5p5OoeUojx9EYPnpG0mUN3a+VYxZG35J' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.173834,VS0,VE252
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-xss-protection
1; mode=block
p1
c.paypal.com/v1/r/d/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.paypal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
correlation-id
d234cec8b4f9c
date
Tue, 30 Sep 2025 02:58:30 GMT
paypal-debug-id
d234cec8b4f9c
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-served-by
cache-nrt-rjtt7900057-NRT, cache-nrt-rjtt7900057-NRT, cache-tyo11954-TYO
p2
c.paypal.com/v1/r/d/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.paypal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
correlation-id
52f11e7b57c76
date
Tue, 30 Sep 2025 02:58:30 GMT
paypal-debug-id
52f11e7b57c76
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-served-by
cache-nrt-rjtf7700059-NRT, cache-nrt-rjtf7700059-NRT, cache-tyo11954-TYO
p1
c.paypal.com/v1/r/d/b/ 		334 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca27b9e8300bf6e0eca3e2107b4c85790a40fe38dd6580dd14fc39c9de148326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

paypal-debug-id
aca25a8150586
correlation-id
aca25a8150586
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-cache
MISS, MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json
x-served-by
cache-nrt-rjtf7700037-NRT, cache-nrt-rjtf7700037-NRT, cache-tyo11983-TYO
x-cache-hits
0, 0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.paypal.com
content-length
334
p2
c.paypal.com/v1/r/d/b/ 		125 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p2
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
944be821d04e938b393dd5714e62b32d2c7df81b948ed1fbbed0c5fd44331538
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

paypal-debug-id
fc7d37a752858
correlation-id
fc7d37a752858
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-cache
MISS, MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json
x-served-by
cache-nrt-rjtt7900061-NRT, cache-nrt-rjtt7900061-NRT, cache-tyo11983-TYO
x-cache-hits
0, 0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.paypal.com
content-length
125
dfp.js
www.paypalobjects.com/rdaAssets/fraudnet/ext/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/rdaAssets/fraudnet/ext/dfp.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb_fp.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8777ff5948bf23d0ecb45a52aa01b591df316a2604aa1f391fd76ef5906c145e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
64ff234e9785f
content-encoding
br
etag
W/"66843061-9bf0"
access-control-allow-methods
GET
x-content-type-options
nosniff
traceparent
00-000000000000000000064ff234e9785f-2c611b5d120b7d54-01
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, HIT, HIT
date
Tue, 30 Sep 2025 02:58:30 GMT
last-modified
Tue, 02 Jul 2024 16:52:49 GMT
content-type
application/javascript
x-served-by
cache-sjc1000102-SJC, cache-sjc1000102-SJC, cache-tyo11960-TYO
x-cache-hits
0, 24062, 3518
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.217292,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
12953
p3
c6.paypal.com/v1/r/d/b/ 		0
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=1520616ecc064039a2779f68f715a52d&s=UNIFIED_LOGIN_INPUT_EMAIL_TRMT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::291 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
17ab6fe5a4935
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
x-timer
S1759201110.244318,VS0,VE157
via
1.1 varnish, 1.1 varnish
correlation-id
17ab6fe5a4935
accept-ranges
bytes
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-cache
MISS, MISS, MISS
content-length
0
date
Tue, 30 Sep 2025 02:58:30 GMT
x-served-by
cache-nrt-rjtt7900079-NRT, cache-nrt-rjtt7900079-NRT, cache-tyo11981-TYO
x-cache-hits
0, 0, 0
vary
Accept-Encoding
pp_favicon_x.ico
www.paypalobjects.com/en_US/i/icon/ 		5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
f613b4973c352
content-encoding
br
etag
W/"5d5637bd-1536"
x-content-type-options
nosniff
traceparent
00-0000000000000000000f613b4973c352-833696279f076163-01
x-cache
MISS, HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:30 GMT
last-modified
Fri, 16 Aug 2019 04:57:33 GMT
content-type
image/x-icon
x-served-by
cache-sjc10033-SJC, cache-sjc10033-SJC, cache-tyo11960-TYO
x-cache-hits
0, 16920, 2677
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201110.237881,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
1309
w
c.paypal.com/v1/r/d/b/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/w
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

paypal-debug-id
2b33480f692b6
correlation-id
2b33480f692b6
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-cache
MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
x-served-by
cache-nrt-rjtt7900053-NRT, cache-nrt-rjtt7900053-NRT, cache-tyo11983-TYO
x-cache-hits
0, 0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.paypal.com
content-length
0
w
c.paypal.com/v1/r/d/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.paypal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
correlation-id
ad60643ccbc2b
date
Tue, 30 Sep 2025 02:58:30 GMT
paypal-debug-id
ad60643ccbc2b
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-served-by
cache-nrt-rjtf7700058-NRT, cache-nrt-rjtf7700058-NRT, cache-tyo11954-TYO
recaptcha__en.js
www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/ Frame 10B6 		798 KB
341 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed7934c7139f8277f4e0fc5389dc2a7d08d036be0fd23a533fcf5bdefabb15d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.paypalobjects.com
Referer
https://www.paypalobjects.com/

Response headers

content-encoding
gzip
age
62729
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Tue, 29 Sep 2026 09:33:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 29 Sep 2025 09:33:01 GMT
last-modified
Mon, 22 Sep 2025 02:03:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
access-control-allow-origin
*
content-length
348612
x-xss-protection
0
server
sffe
counter2.cgi
hnd.stats.paypal.com/v1/ Frame EAAD
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD0xNTIwNjE2ZWNjMDY0MDM5YTI3NzlmNjhmNzE1YTUyZCZpPTE0Ni43MC4yMDEuMjAxJnQ9MTc1OTIwMTEwOS40MzEmYT0yMSZzPVVOSUZJRURfTE9HSU6f6GSjsJa5cCSZrOEVda8D4xEdjg
  • https://hnd.stats.paypal.com/v1/counter2.cgi?r=cD0xNTIwNjE2ZWNjMDY0MDM5YTI3NzlmNjhmNzE1YTUyZCZpPTE0Ni43MC4yMDEuMjAxJnQ9MTc1OTIwMTEwOS40MzEmYT0yMSZzPVVOSUZJRURfTE9HSU6f6GSjsJa5cCSZrOEVda8D4xEdjg
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hnd.stats.paypal.com/v1/counter2.cgi?r=cD0xNTIwNjE2ZWNjMDY0MDM5YTI3NzlmNjhmNzE1YTUyZCZpPTE0Ni43MC4yMDEuMjAxJnQ9MTc1OTIwMTEwOS40MzEmYT0yMSZzPVVOSUZJRURfTE9HSU6f6GSjsJa5cCSZrOEVda8D4xEdjg
Protocol
HTTP/1.1
Server
34.84.160.32 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.160.84.34.bc.googleusercontent.com
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

Content-Length
42
Date
Tue, 30 Sep 2025 02:58:30 GMT
Content-Type
image/jpeg
Connection
close
Server
PayPal-B.Stats/1.0

Redirect headers

Location
https://hnd.stats.paypal.com/v1/counter2.cgi?r=cD0xNTIwNjE2ZWNjMDY0MDM5YTI3NzlmNjhmNzE1YTUyZCZpPTE0Ni43MC4yMDEuMjAxJnQ9MTc1OTIwMTEwOS40MzEmYT0yMSZzPVVOSUZJRURfTE9HSU6f6GSjsJa5cCSZrOEVda8D4xEdjg
Content-Length
0
Date
Tue, 30 Sep 2025 02:58:30 GMT
Content-Type
application/octet-stream
Connection
close
Server
PayPal-B.Stats/1.0
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame 879B 		74 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=XrIDux0s7SoNe6_IHkjGC92W&size=invisible&anchor-ms=20000&execute-ms=15000&cb=2ndb5v6c6v8m
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ce8f4409e144b35c9f9e07ef41e5e5392b9a882f4fddf501530cd885e5baa29
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iRPBndr9sNU5qwbHrEPMCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paypalobjects.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-iRPBndr9sNU5qwbHrEPMCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Sep 2025 02:58:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
pa
c.paypal.com/v1/r/d/b/ 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/pa
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
cd0be5c46a39d
timing-allow-origin
*
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
correlation-id
cd0be5c46a39d
accept-ranges
bytes
access-control-allow-origin
https://www.paypal.com
x-cache
MISS, MISS, MISS
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
date
Tue, 30 Sep 2025 02:58:30 GMT
x-served-by
cache-nrt-rjtt7900037-NRT, cache-nrt-rjtt7900037-NRT, cache-tyo11983-TYO
x-cache-hits
0, 0, 0
vary
Accept-Encoding
pa
c.paypal.com/v1/r/d/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/pa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.paypal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
correlation-id
8e228a5db5ac3
date
Tue, 30 Sep 2025 02:58:30 GMT
paypal-debug-id
8e228a5db5ac3
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-served-by
cache-nrt-rjtt7900032-NRT, cache-nrt-rjtt7900032-NRT, cache-tyo11954-TYO
/
ddbm2.paypal.com/js/ 		231 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ddbm2.paypal.com/js/
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-90.nrt57.r.cloudfront.net
Software
DataDome /
Resource Hash
75226a06d3441745b35ba3e3601a5b5d22a3d85a33506969788b47312d0174f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
via
1.1 b8e884b65aaa43a17f87e13ea791a8e2.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
231
x-amz-cf-id
efKuJ4oVMeKVaUgq_orx0NkSKMx0HsR06L7q7d96bIoHKFIZyG0lCg==
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json;charset=utf-8
x-amz-cf-pop
NRT57-P3
server
DataDome
/
ddbm2.paypal.com/js/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ddbm2.paypal.com/js/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-90.nrt57.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.paypal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
600
content-length
0
date
Tue, 30 Sep 2025 02:58:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b8e884b65aaa43a17f87e13ea791a8e2.cloudfront.net (CloudFront)
x-amz-cf-id
GiCi_k1zOOlRKad1n2o8KrY4v52CCdtbwfyWox0Awx6W0-lMRDgCrA==
x-amz-cf-pop
NRT57-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
cookies
www.paypal.com/myaccount/privacy/cookieprefs/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=cGFnZUxvYWQ=&isQueryEncoded=dHJ1ZQ==&page=bWFpbjp1bmlmaWVkbG9naW46c3BsaXRsb2dpbjo6ZW1haWw6Ojo=&component=dW5pZmllZGxvZ2lubm9kZXdlYg==&eventSourceUrl=aHR0cHM6Ly93d3cucGF5cGFsLmNvbS9zaWduaW4=&expireCookies=dHJ1ZQ==
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c47099a60112867b0373bfd34dc6e7d5dc4616993e092c98d35dba81edbda86
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-PuTYf5GBJa8YO0A0LowkxF2B0WcfK1OlhN3BSwliF/c6TyTw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

paypal-debug-id
f90798773a2f3
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"528-fuRL4EwpdTVIevTM6qhRaakaUXA"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
access-control-allow-methods
GET
server-timing
"traceparent;desc="00-0000000000000000000f90798773a2f3-27962a12f9b04024-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
access-control-allow-headers
access-control-allow-origin, Content-Type, Accept, X-Requested-With, traceparent, tracestate, x-datadog-origin, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-trace-id
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-PuTYf5GBJa8YO0A0LowkxF2B0WcfK1OlhN3BSwliF/c6TyTw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201110.478760,VS0,VE223
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
https://www.paypal.com
x-xss-protection
1; mode=block
ts
t.paypal.com/ 		42 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.paypal.com/ts?v=1.10.0&t=1759201110477&g=-540&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&qual=input_email&pgst=1759201109355&calc=f885748c1cdad&nsid=ePmsNFi7MlZcaa3v8Zhx_eRNhgp3OcAT&rsta=ja_JP&pgtf=Nodejs&env=live&s=ci&ccpg=JP&csci=1520616ecc064039a2779f68f715a52d&comp=unifiedloginnodeweb&tsrce=policydashboardnodeweb&cu=0&ef_policy=ccpa&xe=105410%2C105409%2C111623%2C111624%2C109059%2C111560%2C111622%2C104407&xt=123956%2C123954%2C158942%2C158944%2C143369%2C161854%2C158940%2C119038&transition_name=ss_prepare_email&cookie_disabled_request=false&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&api_name=cookieBanner&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v6&bannersource=ConsentNodeServ&bannervariant=hidden&eligibility_reason=true&is_native=false&cookie_disabled=false&reason_to_hide=Invisible%20banner%20loaded&event_name=cookie_banner_shown&product=cookieBanner&e=ac
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
4c9e5c93f461a
correlation-id
4c9e5c93f461a
expires
Tue, 30 Sep 2025 02:58:30 GMT
server-timing
"traceparent;desc="00-00000000000000000004c9e5c93f461a-3880ee1b24982653-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache
MISS, MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
image/gif
x-served-by
cache-nrt-rjtf7700108-NRT, cache-nrt-rjtf7700108-NRT, cache-tyo11926-TYO
x-cache-hits
0, 0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1759201110.479923,VS0,VE162
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
styles__ltr.css
www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/ Frame 879B 		81 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=XrIDux0s7SoNe6_IHkjGC92W&size=invisible&anchor-ms=20000&execute-ms=15000&cb=2ndb5v6c6v8m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f3.1e100.net
Software
sffe /
Resource Hash
1fa8ec203b93e88d4a75a11400d77c8c0a69c3515ce99e20da552695826fd55f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.recaptcha.net/

Response headers

content-encoding
gzip
age
22484
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Tue, 29 Sep 2026 20:43:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 29 Sep 2025 20:43:46 GMT
last-modified
Mon, 22 Sep 2025 02:03:16 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
content-length
42475
x-xss-protection
0
server
sffe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/ Frame 879B 		798 KB
341 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=XrIDux0s7SoNe6_IHkjGC92W&size=invisible&anchor-ms=20000&execute-ms=15000&cb=2ndb5v6c6v8m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f3.1e100.net
Software
sffe /
Resource Hash
ed7934c7139f8277f4e0fc5389dc2a7d08d036be0fd23a533fcf5bdefabb15d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.recaptcha.net/

Response headers

content-encoding
gzip
age
62729
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Tue, 29 Sep 2026 09:33:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 29 Sep 2025 09:33:01 GMT
last-modified
Mon, 22 Sep 2025 02:03:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
access-control-allow-origin
*
content-length
348612
x-xss-protection
0
server
sffe
rum
browser-intake-us5-datadoghq.com/api/v2/ 		53 B
137 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=0ee8751c-a23c-484e-b3af-43fbc79cbb58&batch_time=1759201110684
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
2de8d4b159861d57ce5866e93a8535bc8775428aad1becd2dd7dc76e502ea2ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.paypal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json
dd-request-id
0ee8751c-a23c-484e-b3af-43fbc79cbb58
webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 879B 		0
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 879B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/styles__ltr.css

Response headers

age
62736
report-to
{"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options
nosniff
expires
Mon, 06 Oct 2025 09:32:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 29 Sep 2025 09:32:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges
bytes
content-length
2228
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 879B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=XrIDux0s7SoNe6_IHkjGC92W&size=invisible&anchor-ms=20000&execute-ms=15000&cb=2ndb5v6c6v8m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/

Response headers

age
409339
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 25 Sep 2026 09:16:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 25 Sep 2025 09:16:11 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 879B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=XrIDux0s7SoNe6_IHkjGC92W&size=invisible&anchor-ms=20000&execute-ms=15000&cb=2ndb5v6c6v8m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/

Response headers

age
406357
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 25 Sep 2026 10:05:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 25 Sep 2025 10:05:53 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
tealeaftarget
www.paypal.com/platform/ 		39 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/platform/tealeaftarget
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b537c362e748eb9ab7edd06911ca3e17b3d1189444e98002bdb2e8e0b188ccf3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-TeaLeaf-Page-Url
/signin
X-PageId
P.PPKEUSFEUSKV3WBKAL544SV4HPHL
X-TealeafType
GUI
Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Content-Encoding
gzip
X-Tealeaf
device (UIC) Lib/6.4.157
X-Tealeaf-SaaS-AppKey
76938917d7504ff7a962174c021690bd
X-Tealeaf-SyncXHR
false
X-Tealeaf-SaaS-TLTSID
45734002830715849868007573765085
X-Tealeaf-TLTDID
64697027801671142645310702463571
X-Requested-With
fetch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
X-Tealeaf-MessageTypes
1,2,5,7,12,14
Content-Type
application/json

Response headers

paypal-debug-id
f655234ca9312
access-control-expose-headers
Server-Timing
content-encoding
br
etag
W/"27-NS5XqLlVseErtkwyfI1ZREY7FT4"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f655234ca9312-95128b019a806363-01"";content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201111.758108,VS0,VE184
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-xss-protection
1; mode=block
sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c14b809ca4d5de12a569239d46ab8ef5f7ac1b3804c9801583cbafb66d3e550
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

fastly-io-info
ifsz=110177 idim=22x7296 ifmt=png ofsz=72320 odim=22x7296 ofmt=png
paypal-debug-id
53c18b8fdc2dd
etag
"Nuylfp+to+eBvo2TUOG5pjOz26CVaqgZXN1uHvjtDMM"
x-content-type-options
nosniff
traceparent
00-000000000000000000053c18b8fdc2dd-ef33578877835d09-01
x-cache
HIT, HIT
dc
ccg11-origin-www-1.paypal.com
date
Tue, 30 Sep 2025 02:58:30 GMT
content-type
image/png
x-served-by
cache-sjc10054-SJC, cache-tyo11960-TYO
x-cache-hits
6051, 2353
fastly-stats
io=1
strict-transport-security
max-age=31557600
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-timer
S1759201111.920807,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
72320
fastly-io-served-by
vpop-haf2300703
ts
t.paypal.com/ 		42 B
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.paypal.com/ts?v=1.10.0&t=1759201111166&g=-540&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1759201109355&calc=f885748c1cdad&nsid=ePmsNFi7MlZcaa3v8Zhx_eRNhgp3OcAT&rsta=ja_JP&pgtf=Nodejs&env=live&s=ci&ccpg=JP&csci=1520616ecc064039a2779f68f715a52d&comp=unifiedloginnodeweb&tsrce=policydashboardnodeweb&cu=0&ef_policy=ccpa&xe=100353%2C105604%2C105604%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C109195%2C105999%2C100885%2C109334%2C109334%2C101270%2C102557%2C102557%2C101408%2C101408%2C104227%2C104227%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C106031%2C106031%2C107054%2C107054%2C106033%2C106033%2C106032%2C106032%2C105392%2C105392%2C106035%2C106035%2C106034%2C106034%2C106036%2C106036%2C105271%2C110648%2C101688%2C101821%2C101820%2C102208%2C105543%2C105544%2C105416%2C105416%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C105553%2C105553%2C105552%2C105552%2C100307%2C105554%2C105554%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C104038%2C104038%2C101736%2C110442%2C108653%2C108652%2C100846%2C112880%2C112880%2C109040%2C105843%2C105843%2C101875%2C105845%2C105845%2C105844%2C105844%2C109047%2C102390%2C102390%2C104571%2C104571%2C111738%2C107263%2C107263%2C111891%2C111187%2C111314%2C111833%2C112218%2C101216%2C103648%2C104200%2C109195%2C108076%2C109047&xt=100886%2C124899%2C124899%2C123678%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123693%2C144027%2C127242%2C102543%2C144768%2C144768%2C106407%2C109630%2C109630%2C104577%2C104577%2C120154%2C120154%2C101702%2C123244%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C127405%2C127405%2C132781%2C132781%2C127413%2C127413%2C127409%2C127409%2C123875%2C123875%2C127420%2C127420%2C127416%2C127416%2C127424%2C127424%2C123252%2C152289%2C105645%2C106327%2C106324%2C108106%2C124626%2C124629%2C125100%2C125100%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C125521%2C125521%2C125529%2C125529%2C100737%2C125515%2C125515%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109962%2C105856%2C120731%2C120731%2C120736%2C120736%2C105858%2C150774%2C141151%2C141149%2C102359%2C167700%2C167700%2C143321%2C126378%2C126378%2C106610%2C126409%2C126409%2C126393%2C126393%2C143343%2C108797%2C108797%2C119908%2C119908%2C159941%2C133840%2C133840%2C161775%2C160640%2C161858%2C160449%2C163197%2C103864%2C114559%2C127485%2C144027%2C138090%2C143343&transition_name=ss_prepare_email&cookie_disabled_request=false&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&e=im&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A1670%2C%22tcp%22%3A820%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A500%7D&pt=PayPal%E3%82%A2%E3%82%AB%E3%82%A6%E3%83%B3%E3%83%88%E3%81%B8%E3%81%AE%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=464&t3=4&t4d=0&t4=0&t4e=7&tt=1175&rdc=1&protocol=h2&res=%7B%7D&t12=856
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a

Response headers

paypal-debug-id
2f7958719795e
access-control-expose-headers
Server-Timing
correlation-id
2f7958719795e
expires
Tue, 30 Sep 2025 02:58:31 GMT
server-timing
"traceparent;desc="00-00000000000000000002f7958719795e-f3d9158cab70b000-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache
MISS, MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
date
Tue, 30 Sep 2025 02:58:31 GMT
content-type
image/gif
x-served-by
cache-nrt-rjtt7900082-NRT, cache-nrt-rjtt7900082-NRT, cache-tyo11926-TYO
x-cache-hits
0, 0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1759201111.169415,VS0,VE163
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
reload
www.recaptcha.net/recaptcha/enterprise/ Frame 879B 		38 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
ESF /
Resource Hash
fb7d3a084384b684321fff16665ef49d1155b3b0236e1b5d03123e6ddb7abb52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
application/x-protobuffer
Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=XrIDux0s7SoNe6_IHkjGC92W&size=invisible&anchor-ms=20000&execute-ms=15000&cb=2ndb5v6c6v8m

Response headers

cache-control
private
content-encoding
gzip
cross-origin-resource-policy
same-site
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 30 Sep 2025 02:58:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 30 Sep 2025 02:58:31 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
verifygrcadenterprise
www.paypal.com/auth/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifygrcadenterprise
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-irr8rXZEGlAlsjw7is6WpNPR5II3Gg+mgKUj9/AwK68Twik2' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; worker-src 'self' blob: https://*.paypal.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f6552347d9422
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
server-timing
"traceparent;desc="00-0000000000000000000f6552347d9422-f04bbf4272b4e050-01"";content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:31 GMT
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-irr8rXZEGlAlsjw7is6WpNPR5II3Gg+mgKUj9/AwK68Twik2' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; worker-src 'self' blob: https://*.paypal.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201111.344450,VS0,VE332
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
clr
www.recaptcha.net/recaptcha/enterprise/ Frame 10B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/clr?k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypalobjects.com/

Response headers

cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-length
0
date
Tue, 30 Sep 2025 02:58:31 GMT
x-xss-protection
0
content-type
application/binary
server
ESF
x-frame-options
SAMEORIGIN
ts
t.paypal.com/ 		42 B
817 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.paypal.com/ts?v=1.10.0&t=1759201112167&g=-540&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1759201109355&calc=f885748c1cdad&nsid=ePmsNFi7MlZcaa3v8Zhx_eRNhgp3OcAT&rsta=ja_JP&pgtf=Nodejs&env=live&s=ci&ccpg=JP&csci=1520616ecc064039a2779f68f715a52d&comp=unifiedloginnodeweb&tsrce=policydashboardnodeweb&cu=0&ef_policy=ccpa&xe=100353%2C105604%2C105604%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C109195%2C105999%2C100885%2C109334%2C109334%2C101270%2C102557%2C102557%2C101408%2C101408%2C104227%2C104227%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C106031%2C106031%2C107054%2C107054%2C106033%2C106033%2C106032%2C106032%2C105392%2C105392%2C106035%2C106035%2C106034%2C106034%2C106036%2C106036%2C105271%2C110648%2C101688%2C101821%2C101820%2C102208%2C105543%2C105544%2C105416%2C105416%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C105553%2C105553%2C105552%2C105552%2C100307%2C105554%2C105554%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C104038%2C104038%2C101736%2C110442%2C108653%2C108652%2C100846%2C112880%2C112880%2C109040%2C105843%2C105843%2C101875%2C105845%2C105845%2C105844%2C105844%2C109047%2C102390%2C102390%2C104571%2C104571%2C111738%2C107263%2C107263%2C111891%2C111187%2C111314%2C111833%2C112218%2C101216%2C103648%2C104200%2C109195%2C108076%2C109047&xt=100886%2C124899%2C124899%2C123678%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123693%2C144027%2C127242%2C102543%2C144768%2C144768%2C106407%2C109630%2C109630%2C104577%2C104577%2C120154%2C120154%2C101702%2C123244%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C127405%2C127405%2C132781%2C132781%2C127413%2C127413%2C127409%2C127409%2C123875%2C123875%2C127420%2C127420%2C127416%2C127416%2C127424%2C127424%2C123252%2C152289%2C105645%2C106327%2C106324%2C108106%2C124626%2C124629%2C125100%2C125100%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C125521%2C125521%2C125529%2C125529%2C100737%2C125515%2C125515%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109962%2C105856%2C120731%2C120731%2C120736%2C120736%2C105858%2C150774%2C141151%2C141149%2C102359%2C167700%2C167700%2C143321%2C126378%2C126378%2C106610%2C126409%2C126409%2C126393%2C126393%2C143343%2C108797%2C108797%2C119908%2C119908%2C159941%2C133840%2C133840%2C161775%2C160640%2C161858%2C160449%2C163197%2C103864%2C114559%2C127485%2C144027%2C138090%2C143343&transition_name=ss_prepare_email&cookie_disabled_request=false&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&event_name=c_paypal_cpl&t1=177&t1c=0&t1d=0&t1s=0&t2=207&t3=2&tt=386&protocol=h2&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A177%2C%22t11%22%3A386%2C%22nt%22%3A%22res%22%7D&e=pf
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
8fcb5e2890335
correlation-id
8fcb5e2890335
expires
Tue, 30 Sep 2025 02:58:32 GMT
server-timing
"traceparent;desc="00-00000000000000000008fcb5e2890335-948b3774dbde8f3c-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache
MISS, MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
date
Tue, 30 Sep 2025 02:58:32 GMT
content-type
image/gif
x-served-by
cache-nrt-rjtf7700026-NRT, cache-nrt-rjtf7700026-NRT, cache-tyo11926-TYO
x-cache-hits
0, 0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1759201112.170725,VS0,VE186
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
rum
browser-intake-us5-datadoghq.com/api/v2/ 		53 B
71 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=a8649be9-ca38-4dec-b3c2-380de4b7f779&batch_time=1759201112361
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.66.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.66.149.34.bc.googleusercontent.com
Software
/
Resource Hash
7ba1bc87da137f7338179fb4f40e5693404d5069537dfbdf3b7c56f0be8abaac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.paypal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Tue, 30 Sep 2025 02:58:32 GMT
content-type
application/json
dd-request-id
a8649be9-ca38-4dec-b3c2-380de4b7f779
bcn
www.recaptcha.net/recaptcha/enterprise/ Frame 879B 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/bcn?k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/XrIDux0s7SoNe6_IHkjGC92W/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Content-Type
application/x-protobuf
Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfY0gUpAAAAAJgmuiSZtM8qB73-AGXlxhWx1xCy&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=XrIDux0s7SoNe6_IHkjGC92W&size=invisible&anchor-ms=20000&execute-ms=15000&cb=2ndb5v6c6v8m

Response headers

cross-origin-resource-policy
same-site
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-length
0
date
Tue, 30 Sep 2025 02:58:33 GMT
x-xss-protection
0
content-type
application/binary
server
ESF
x-frame-options
SAMEORIGIN
cookies
www.paypal.com/myaccount/privacy/cookieprefs/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=YWZ0ZXJQYWdlTG9hZA==&isQueryEncoded=dHJ1ZQ==&page=bWFpbjp1bmlmaWVkbG9naW46c3BsaXRsb2dpbjo6ZW1haWw6Ojo=&component=dW5pZmllZGxvZ2lubm9kZXdlYg==&eventSourceUrl=aHR0cHM6Ly93d3cucGF5cGFsLmNvbS9zaWduaW4=&expireCookies=dHJ1ZQ==
Requested by
Host: ddbm2.paypal.com
URL: https://ddbm2.paypal.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ebe9f16357a68a50cdf29607276b80ccf5252b2509dca10ab71a64af3141704
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2u7+RFrnQAgRa1TpJBKT09HIxQTCQgh3sMPmUuxKM8K9SBbj' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

paypal-debug-id
f9601944b61b7
access-control-expose-headers
Server-Timing
content-encoding
gzip
etag
W/"529-3zrprTWY919erzyuwtDsS4hXKYY"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
access-control-allow-methods
GET
server-timing
"traceparent;desc="00-0000000000000000000f9601944b61b7-177283cc9a86c8b0-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS, MISS
date
Tue, 30 Sep 2025 02:58:33 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-tyo11983-TYO, cache-tyo11983-TYO
x-cache-hits
0, 0, 0, 0
access-control-allow-headers
access-control-allow-origin, Content-Type, Accept, X-Requested-With, traceparent, tracestate, x-datadog-origin, x-datadog-parent-id, x-datadog-sampling-priority, x-datadog-trace-id
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-2u7+RFrnQAgRa1TpJBKT09HIxQTCQgh3sMPmUuxKM8K9SBbj' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1759201113.480571,VS0,VE204
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
https://www.paypal.com
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.recaptcha.net
URL
https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=XrIDux0s7SoNe6_IHkjGC92W

Verdicts & Comments Add Verdict or Comment

39 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| ddjskey object| ddoptions object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack object| AtomicEventsDom object| PAYPAL function| $ object| fpti string| fptiserverurl object| fptiOptions boolean| trackLazyData object| _ifpti object| DD_RUM boolean| dataDomeProcessed object| dataDomeOptions boolean| paypalADSInterceptorInjected function| init function| setStyle function| resizeWidget function| getListenerSearchKey function| getTargetOrigin function| renderGRCV3Enterprise function| recaptchaClientLogPostData object| latmconf object| laDataLayer object| pako object| TLT object| mktconf object| altStorage boolean| alreadyModified boolean| __ATOMIC_EVENTS_INITIALIZED__ object| dfp function| bindGdprEvents function| hideGdprBanner function| showGdprBanner

21 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09AG7bzvGvJFIQPiayzSNsQl2OdRUxq-HWJPFeUzipSbMEeB7NzyAXNHDfPYbV4dLqgJPLSwN6fYFMUTUg5UXcS6s
www.paypal.com/ Name: nsid
Value: s%3AePmsNFi7MlZcaa3v8Zhx_eRNhgp3OcAT.5R8kNdfK0NHCe06HlXjXpzMCQeRGPt8D43OBWNFGxhA
.paypal.com/ Name: l7_az
Value: dcg15.slc
.paypal.com/ Name: ts_c
Value: vr%3D988ea4891990ad12084fbe83fe91d1a1%26vt%3D988ea4891990ad12084fbe83fe91d1a0
.paypal.com/ Name: enforce_policy
Value: ccpa
.paypal.com/ Name: cookie_check
Value: yes
.paypal.com/ Name: d_id
Value: 1520616ecc064039a2779f68f715a52d1759201109383
.paypal.com/ Name: LANG
Value: ja_JP%3BJP
.paypal.com/ Name: TLTSID
Value: 45734002830715849868007573765085
.paypal.com/ Name: TLTDID
Value: 64697027801671142645310702463571
.paypal.com/ Name: rssk
Value: d%7DC9%40%3B%3C7552%3A69%3D%3B%3Exqx%3Ets~z73~u%3F10
.stats.paypal.com/ Name: c
Value: ee2eaaac2efc25f624bc
.paypal.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/ Name: datadome
Value: IDMwR4WBQWg0MxUpDnqrpmuBKkeGJWwOBuGA4ImWRwOjrBBZUwpsEbA9Sn~7HWSkVc4pROE603asjLqQ7caCOV7IcO5GAr8Duccgxjqf72rlguPTaUR7GV4KSPsGHgN0
.paypal.com/ Name: sc_f
Value: 3hCbLfmOnhjheNXi5occ5EHEvpwhSWgL6lqIpbIgbI_LcxiV9wM48idJir6_tGCs4JJIsdZ33H9qF7hIG9InGgZsjWzoIvjEBIoDD0
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: W9wgEBEsqeqdx-HT9ekx6MN2WU3_g6jnWCtqpJWS5y8vuFU-wWFqWFr51CYcMako_m38eQ4gly8fUNcl
.paypal.com/ Name: ddi
Value: y2ORdpyIcLTdlgaQx26bs6ffnlNVPBa1Z3bbB5JV7LEsf1hvCTFgnMg31-dwQ_BICI-KbMUSHPGLi1CAunXK5gq3VNaFrSdZBqNTY6QVBkmt8ht9
.paypal.com/ Name: tsrce
Value: privacynodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTc1OTIwMTExMzYwOCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1790737113%26vteXpYrS%3D1759202913%26vr%3D988ea4891990ad12084fbe83fe91d1a1%26vt%3D988ea4891990ad12084fbe83fe91d1a0%26vtyp%3Dnew
www.paypal.com/ Name: _dd_s
Value: rum=2&id=1c150481-6807-44d1-a4cd-c5c8dffb84cc&created=1759201109914&expire=1759202009914

4 Console Messages

Source Level URL
Text
recommendation verbose URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering warning URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B0200064000000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F04C0064000000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fpolicydashboard%2Fprocess%2Fcompliance%2Fpid%2FyyWtx1bPZLWsiPdmf74WQyUD5c36qRFyUABdQG2X5cxuYmGTqIxCcKSwUcAbM25_SLFgjpB8zQqdp8N23IMT5A&state=%3Fv%3D1%26utm_source%3Dunp%26utm_medium%3Demail%26utm_campaign%3DRT003103%26utm_unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26ppid%3DRT003103%26cnac%3DJP%26rsta%3Dja_JP%2528ja-JP%2529%26cust%3DMWRY6CZTB4Y52%26unptid%3D4d8aa4e0-9596-11f0-859a-012211cc238c%26calc%3Ddc20bca53eec8%26unp_tpcid%3Djp_mdc_enforcement_email%26page%3Dmain%253Aemail%253ART003103%26pgrp%3Dmain%253Aemail%26e%3Dcl%26mchn%3Dem%26s%3Dci%26mail%3Dsys%26appVersion%3D1.357.0%26tenant_name%3DPAYPAL%26xt%3D145585%252C154413%252C104038%26link_ref%3Dpid_yywtx1bpzlwsipdmf74wqyud5c36qrfyuabdqg2x5cxuymgtqixcckswucabm25_slfgjpb8zqqdp8n23imt5a
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0504D0064000000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-xaG5MOTbnGAPSE9HmBrHYHO3hNvvGYCj4Zm7r84t48zG+/jG' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
browser-intake-us5-datadoghq.com
c.paypal.com
c6.paypal.com
ddbm2.paypal.com
fonts.gstatic.com
hnd.stats.paypal.com
paypalobjects.com
t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
www.recaptcha.net
142.250.196.131
142.251.222.3
151.101.1.21
151.101.129.21
151.101.131.1
151.101.3.1
172.217.175.3
18.65.207.90
2404:6800:4004:80f::2003
2404:6800:4004:81e::2003
2600:1901:0:c072::
2a04:4e42:600::291
34.149.66.134
34.84.160.32
000a49cf80da77c70e621b184019133a9cd33de708caef4dd72c24415dd8606a
0ebe9f16357a68a50cdf29607276b80ccf5252b2509dca10ab71a64af3141704
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c92af81e3a5e5e207dadd3dc673a0cfb392e64e8da0f0683a588dae286cff82
1de7dce113e00547082b160c7e6e08e329e081d6afc572ee8cce1105b05f2645
1fa8ec203b93e88d4a75a11400d77c8c0a69c3515ce99e20da552695826fd55f
21dac7841ff8ec6064185eed4ad7ccfb8396a393c7cf07cd2aea86962a4d43ae
2a4e2fa86986ac06252e48bd66f1621ba4f8d8269f4875994dd88d3e8f00eec8
2a78a03e5edb717100c8d821973c15f75391f2177a14ee46921e86f276dba720
2de8d4b159861d57ce5866e93a8535bc8775428aad1becd2dd7dc76e502ea2ca
37271d0192272d9065d5ee51aa1a055b342c7df284950bf1dbeb244d15467cb8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
403f5a81718f9254a37488fd5e727a02f96d57b131e5bb839042da1ef6632428
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
488500f693223375f3743f9670f19a5b9b66d7b032542dbbff00f4d30270eedd
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
4f3802a3a58d849d9b0950c807ac3705131bf34d647be4f61d5679b93402ca2d
56f03b0c5bb4304c3037f4d3e559ba67f41757bcbf0c46214ad0f2c49bd9572e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ce8f4409e144b35c9f9e07ef41e5e5392b9a882f4fddf501530cd885e5baa29
5cfe487d5bf15c2087e4081762fe78765230046f40a0f35e913246b21b59221e
63fa8b5450ae0f8dc175f82b324edc0f8826b4d606baa82986e5bc40984dc169
698810259f72a824738856c9f7d25961b732d6f506b1d2da215c08f13127f55e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
739795a37f7b8f7000f8198915e8bf9ff6bb23580a6c255cf617e677a425de00
75226a06d3441745b35ba3e3601a5b5d22a3d85a33506969788b47312d0174f6
7ba1bc87da137f7338179fb4f40e5693404d5069537dfbdf3b7c56f0be8abaac
7c47099a60112867b0373bfd34dc6e7d5dc4616993e092c98d35dba81edbda86
7f083991dcd0f426a91fef258e7a1ce9a3b58c1ad459fb3a9a5cec584a06b1c7
824a0c33dacb3f96e2b00fa5bda9e0d37e5ee45563b2d684c6badd6b4bb0e794
84e98f901d5f1248770df5165a26bae302f22630183879e984d2d8a9f68382b0
8777ff5948bf23d0ecb45a52aa01b591df316a2604aa1f391fd76ef5906c145e
8d0e74dfe39c809f2dde1119f404841405d107fa40165669ea74fca51722311b
944be821d04e938b393dd5714e62b32d2c7df81b948ed1fbbed0c5fd44331538
97f59fffdbf2aef7775e8a5b923fbf814f031b65d320a508d87e0a4b893cf42f
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9b5fc6078f600457f7fc9c8d6847b6a950015293a1e9523714d24b80d9fdf615
9c14b809ca4d5de12a569239d46ab8ef5f7ac1b3804c9801583cbafb66d3e550
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
aff80a4e4d0ae1ec70d2534cc7b17c3d995cedbff0efb56d1bba0edbb74a6ee1
b3040ae0aa853605528b2587df47b91e9efb0bdfce6ac71bba2e676d85abbe49
b537c362e748eb9ab7edd06911ca3e17b3d1189444e98002bdb2e8e0b188ccf3
b7d5e663d193da726d4165baeca4c80f28984d6ccd46958ac68bee3d5d1c865d
c7f4dd113d67f51f2b566b7df3f63f47973c994394eb9901a04127b69b07028e
ca27b9e8300bf6e0eca3e2107b4c85790a40fe38dd6580dd14fc39c9de148326
cad00b23e87443394c87f7d997cceb4ab5124c19f1aa6e3c54538a8b674f7add
cd1dd9b740d7aeb75a54edd81ddb52eab27376d89fe07857b2fa0a90ce1bbb50
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
db0c3e83f5604cc89a9e374caa3d2b0bf842c1f4250c0f1a8dde14e3d6d45492
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7934c7139f8277f4e0fc5389dc2a7d08d036be0fd23a533fcf5bdefabb15d4
ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e
f229e930ec135f03fce5b69d7c3a1116eefa93e17b6ff570d3425a4072c1cc28
f3628ea791958b87da4e82ac9a0f85295b784ea0b3da83c160d70d0375474e7f
f766ba6d9471acc787c0808b8c30f38494d12b287ccfb2ff610fd617cfa2a432
f9da4fa1be691c9a8b169563a5417d750b59488b7f0dcd72e4ec8335a32e6127
fae4b858a4efba7ef920a6fda59d4207224ec488e49e16c73ec013b8daf89370
fb7d3a084384b684321fff16665ef49d1155b3b0236e1b5d03123e6ddb7abb52