www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paypal.shipstation.com/
Effective URL:
https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fw...
Submission: On January 31 via api (January 31st 2024, 4:09:26 am UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 53 HTTP transactions. The main IP is 151.101.1.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 3015.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 24th 2024. Valid for: 7 months.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.23.169.246 107.23.169.246	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.232.17.90 34.232.17.90	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.231.108.226 3.231.108.226	14618 (AMAZON-AES) (AMAZON-AES)
2 24	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
21	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	34.147.177.40 34.147.177.40	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42::291 2a04:4e42::291	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
53	7

1 107.23.169.246 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-169-246.compute-1.amazonaws.com

paypal.shipstation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.17.90 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-17-90.compute-1.amazonaws.com

paypal.shipstation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.108.226 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-108-226.compute-1.amazonaws.com

authbridge.auctane.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.101.1.21 (United States) 2 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.147.177.40 (London, United Kingdom) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.177.147.34.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lhr.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	paypal.com 3 redirects www.paypal.com — Cisco Umbrella Rank: 3015 c.paypal.com — Cisco Umbrella Rank: 7660 b.stats.paypal.com — Cisco Umbrella Rank: 6369 lhr.stats.paypal.com c6.paypal.com — Cisco Umbrella Rank: 9116 t.paypal.com — Cisco Umbrella Rank: 3523	132 KB
18	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2611	288 KB
4	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1284	40 KB
3	gstatic.com www.gstatic.com	409 KB
3	shipstation.com 3 redirects paypal.shipstation.com — Cisco Umbrella Rank: 421220	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	7 KB
1	auctane.com 1 redirects authbridge.auctane.com — Cisco Umbrella Rank: 853722	632 B
53	7

	Domain	Requested by
19	www.paypal.com	2 redirects www.paypal.com www.paypalobjects.com
18	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
5	c.paypal.com	www.paypalobjects.com c.paypal.com
4	www.recaptcha.net	www.paypalobjects.com www.gstatic.com www.recaptcha.net
3	t.paypal.com
3	www.gstatic.com	www.recaptcha.net
3	paypal.shipstation.com	3 redirects
1	www.google.com	www.gstatic.com
1	c6.paypal.com
1	lhr.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	authbridge.auctane.com	1 redirects
53	12

This site contains links to these domains. Also see Links.

Domain
authbridge.auctane.com

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-01-24` - `2024-08-21`	7 months	crt.sh
misc.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
Frame ID: 8C976184342F69863DC51C989C1A18B1
Requests: 38 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Frame ID: 312E8163165AC2F729BDBADD77DB7D6B
Requests: 3 HTTP requests in this frame

Frame: https://www.paypal.com/csplog/api/log/csp
Frame ID: BFF7AF39D6F0525D9001F2068F1CE756
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 7D03F53D190F83688840CB28E42A7303
Requests: 4 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=93mjkzw663v
Frame ID: 71900F7CB8BD068235F7BC520EC4781B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loggen Sie sich bei PayPal ein

Page URL History Show full URLs

http://paypal.shipstation.com/ HTTP 301
https://paypal.shipstation.com/ HTTP 307
https://paypal.shipstation.com/api/auth/signin HTTP 307
https://authbridge.auctane.com/authflow/paypal_v2/whitelabel_prod/initiate?state=&auth_state=eyJhbGciOiJIUz... HTTP 302
https://www.paypal.com/connect?flowEntry=static&client_id=AQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsET... HTTP 301
https://www.paypal.com/connect/?flowEntry=static&client_id=AQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsE... HTTP 302
https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&retur... Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

53
Requests

98 %
HTTPS

40 %
IPv6

7
Domains

12
Subdomains

7
IPs

3
Countries

871 kB
Transfer

2405 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://authbridge.auctane.com/authflow/paypal_v2/accept?error_uri=https%3A%2F%2Fauthbridge.auctane.com%2Fauthflow%2Fpaypal_v2%2Faccept&error_description=Consent+denied&error=access_denied
Title: Abbrechen und zurück zu ShipStation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paypal.shipstation.com/ HTTP 301
https://paypal.shipstation.com/ HTTP 307
https://paypal.shipstation.com/api/auth/signin HTTP 307
https://authbridge.auctane.com/authflow/paypal_v2/whitelabel_prod/initiate?state=&auth_state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ3aGl0ZWxhYmVsX3Byb2QiLCJhdWQiOiJtb25vYXV0aCIsImlhdCI6MTcwNjY3NDE2MCwiZXhwIjoxNzA2Njc0MjIwfQ.onjCgtVqM6pOxoxEa5ej7STLqQnDxrFKmnqJ10vw7NU&redirect_uri=https%3A%2F%2Fpaypal.shipstation.com%2Fapi%2Fauth%2Fcallback%2Fmonoauth&response_type=code HTTP 302
https://www.paypal.com/connect?flowEntry=static&client_id=AQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl&scope=email%20address%20profile%20openid%20phone%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes%2Fbusiness%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fshipping%2Fshippable-orders%2Fread%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fshipping%2Ftrackers%2Freadwrite&redirect_uri=https%3A%2F%2Fauthbridge.auctane.com%2Fauthflow%2Fpaypal_v2%2Faccept HTTP 301
https://www.paypal.com/connect/?flowEntry=static&client_id=AQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl&scope=email%20address%20profile%20openid%20phone%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes%2Fbusiness%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fshipping%2Fshippable-orders%2Fread%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fshipping%2Ftrackers%2Freadwrite&redirect_uri=https%3A%2F%2Fauthbridge.auctane.com%2Fauthflow%2Fpaypal_v2%2Faccept HTTP 302
https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://b.stats.paypal.com/v1/counter.cgi?r=cD02NWIyZWFmMDMxMjc0YmJmODA2NmQ0NzM0ODhhYTEwMiZpPTE4NS4yMTMuMTU1LjE2MSZ0PTE3MDY2NzQxNjEuNDI2JmE9MjEmcz1VTklGSUVEX0xPR0lON7suTG2HZxQpaDrnr-cGo5KRd8s HTTP 302
https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD02NWIyZWFmMDMxMjc0YmJmODA2NmQ0NzM0ODhhYTEwMiZpPTE4NS4yMTMuMTU1LjE2MSZ0PTE3MDY2NzQxNjEuNDI2JmE9MjEmcz1VTklGSUVEX0xPR0lON7suTG2HZxQpaDrnr-cGo5KRd8s

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
www.paypal.com/
Redirect Chain

http://paypal.shipstation.com/
https://paypal.shipstation.com/
https://paypal.shipstation.com/api/auth/signin
https://authbridge.auctane.com/authflow/paypal_v2/whitelabel_prod/initiate?state=&auth_state=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ3aGl0ZWxhYmVsX3Byb2QiLCJhdWQiOiJtb25vYXV0aCIsImlhdCI6MTc...
https://www.paypal.com/connect?flowEntry=static&client_id=AQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl&scope=email%20address%20profile%20openid%20phone%20https%3...
https://www.paypal.com/connect/?flowEntry=static&client_id=AQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl&scope=email%20address%20profile%20openid%20phone%20https%...
https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_N...

35 KB
13 KB

260ms
260ms

Document
text/html

151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1daa651ce7ba078d935d9ecaae89975505c40d0a7e66e71e6a70cf0347fc1fd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-0GWYtk/N027ionWL671SSpj6/DoHoDYjmquQBNzvriNJH8Q+' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-0GWYtk/N027ionWL671SSpj6/DoHoDYjmquQBNzvriNJH8Q+' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 04:09:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"883b-oF48Gtwus7PgqHedNtehIJWYoOI"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f494955259b99
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f494955259b99-17fddaa804746e76-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f494955259b99-352aef167eea2841-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
x-timer: S1706674161.263494,VS0,VE253
x-xss-protection: 1; mode=block

Redirect headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 1882
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-FBFFHNZJjeqznvLG/Hm2TQI6jlBh/WSA32PR+RG2+wQG/OnW' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://fpnpmcdn.net; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com data:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.fptls.com https://*.fptls2.com https://*.fptls3.com https://api.fpjs.io https://*.api.fpjs.io https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com https://ih-prd.fisglobal.com/sso/SSOServlet; frame-ancestors 'self' https://*.paypal.com https://*.izettle.com https://paypal.com/axo; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 04:09:21 GMT
dc: ccg11-origin-www-1.paypal.com
location: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f49495545d322
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f49495545d322-f0b8fa4857051fe9-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
x-timer: S1706674161.813296,VS0,VE442
x-xss-protection: 1; mode=block

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 23 KB
7 KB 47ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CED) /

Resource Hash

0ec34b2c64cf8ac9e34f0ab429c9b2909b504c4c4ffc9a550a4a39771d410ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 285764e17d21b
dc: ccg11-origin-www-1.paypal.com
content-length: 6753
last-modified: Wed, 10 Jan 2024 18:40:10 GMT
server: ECAcc (frc/4CED)
traceparent: 00-0000000000000000000285764e17d21b-cf311f5d26a72e20-01
etag: W/"659ee48a-5a35"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 contextualLoginElementalUIv2.css
www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/css/ 151 KB
24 KB 41ms
8ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/css/contextualLoginElementalUIv2.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB7) /

Resource Hash

69be7adca53f8e3b8d56a359e63ec6510fd119768ec947d343a853f698d7a5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: b8cd4338bf63a
dc: ccg11-origin-www-1.paypal.com
content-length: 23917
last-modified: Tue, 23 Jan 2024 09:37:14 GMT
server: ECAcc (frc/4CB7)
traceparent: 00-0000000000000000000b8cd4338bf63a-9029822c05d17582-01
etag: W/"65af88ca-25c40"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 30 Jan 2025 04:09:21 GMT

GET
H2 200 modernizr-2.6.1.js Show response
www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/js/lib/ 4 KB
2 KB 43ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/js/lib/modernizr-2.6.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: a45e1762d6481
dc: ccg11-origin-www-1.paypal.com
content-length: 1788
last-modified: Tue, 23 Jan 2024 09:37:16 GMT
server: ECAcc (frc/4CE6)
traceparent: 00-0000000000000000000a45e1762d6481-93148cef4d81541e-01
etag: W/"65af88cc-edf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 30 Jan 2025 04:09:21 GMT

GET
H2 200 close.svg
www.paypalobjects.com/paypal-ui/icons/v3/svg/ 289 B
337 B 44ms
12ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/icons/v3/svg/close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C95) /

Resource Hash

47096fcf22c58f177936f84eac91ef9113639043881ee6de5358162077fd62b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 868d79c23aa11
dc: ccg11-origin-www-1.paypal.com
content-length: 181
last-modified: Thu, 12 May 2022 21:24:27 GMT
server: ECAcc (frc/4C95)
traceparent: 00-0000000000000000000868d79c23aa11-415a66c4493d068a-01
etag: W/"627d7b0b-121"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 icon-PN-check.png
www.paypalobjects.com/images/shared/ 2 KB
2 KB 44ms
12ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/icon-PN-check.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CAA) /

Resource Hash

4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 89d27e36e5acb
dc: ccg11-origin-www-1.paypal.com
content-length: 2236
last-modified: Sat, 13 Feb 2021 00:20:23 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
server: ECAcc (frc/4CAA)
traceparent: 00-000000000000000000089d27e36e5acb-636a533b4fde7647-01
etag: "60271b47-8bc"
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 6 KB
6 KB 8ms
8ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA8) /

Resource Hash

13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 6b89ec0134ddf
dc: ccg11-origin-www-1.paypal.com
content-length: 5828
last-modified: Fri, 12 Sep 2014 15:08:04 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
server: ECAcc (frc/4CA8)
traceparent: 00-00000000000000000006b89ec0134ddf-c57c6b841a3cbc91-01
etag: "54130c54-16c4"
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 fn-sync-telemetry-min.js Show response
www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/js/lib/ 5 KB
2 KB 12ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/js/lib/fn-sync-telemetry-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD8) /

Resource Hash

8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 56eed8e8c67df
dc: ccg11-origin-www-1.paypal.com
content-length: 2303
last-modified: Tue, 23 Jan 2024 09:37:16 GMT
server: ECAcc (frc/4CD8)
traceparent: 00-000000000000000000056eed8e8c67df-e5f1ae761e155b18-01
etag: W/"65af88cc-159e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 30 Jan 2025 04:09:21 GMT

GET
H2 200 signin-split.js Show response
www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/js/ 231 KB
53 KB 11ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/js/signin-split.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CFB) /

Resource Hash

699d387cc5463944c8e7519d6beb1c8d9a1d1c71a3835bbbf44b9a77195d66e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 6c1b9b63f74dd
dc: ccg11-origin-www-1.paypal.com
content-length: 54213
last-modified: Tue, 23 Jan 2024 09:37:15 GMT
server: ECAcc (frc/4CFB)
traceparent: 00-00000000000000000006c1b9b63f74dd-f52ef6cd8db67e0f-01
etag: W/"65af88cb-39c80"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 30 Jan 2025 04:09:21 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 69 KB
26 KB 11ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CFA) /

Resource Hash

0b1d330057dc082e5b3036a2e7fb5b2e0105e5df4f63801a4ed03b4a670177ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e7ed826a3a5bf
dc: ccg11-origin-www-1.paypal.com
content-length: 25994
last-modified: Mon, 29 Jan 2024 18:41:18 GMT
server: ECAcc (frc/4CFA)
traceparent: 00-0000000000000000000e7ed826a3a5bf-644116567d858c15-01
etag: W/"65b7f14e-114e8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 grcenterprise_v3_static.js Show response
www.paypalobjects.com/webcaptcha/ 12 KB
4 KB 16ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8F) /

Resource Hash

27e23955d2e8a8b15dd900996040b9895ebaad02ddcff68b43a64b90511f7904

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 934e27e65df0d
dc: ccg11-origin-www-1.paypal.com
content-length: 4401
last-modified: Mon, 18 Dec 2023 10:19:32 GMT
server: ECAcc (frc/4C8F)
traceparent: 00-0000000000000000000934e27e65df0d-571c1fa29c2a18cb-01
etag: "65801cb4-31b0+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 31 Jan 2024 05:09:21 GMT

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 235ms
235ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-vQCt49g0Tr0cD5cRIbSiYKW/pXYYt4Jysqwk8nhuCLHP4+Fr' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-vQCt49g0Tr0cD5cRIbSiYKW/pXYYt4Jysqwk8nhuCLHP4+Fr' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f6804142b61d9
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6804142b61d9-780a0d076957702b-01
x-timer: S1706674162.532910,VS0,VE228
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET
H2 200 paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 1 KB
705 B 15ms
15ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/css/contextualLoginElementalUIv2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB4) /

Resource Hash

f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/css/contextualLoginElementalUIv2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 36532606ce5df
dc: ccg11-origin-www-1.paypal.com
content-length: 548
last-modified: Wed, 15 Jun 2022 22:33:20 GMT
server: ECAcc (frc/4CB4)
traceparent: 00-000000000000000000036532606ce5df-5b43e819cf1f272f-01
etag: W/"62aa5e30-436"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 27ms
7ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/css/contextualLoginElementalUIv2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D0A) /

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/css/contextualLoginElementalUIv2.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 5afdb95f0696d
dc: ccg11-origin-www-1.paypal.com
content-length: 25368
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (frc/4D0A)
traceparent: 00-00000000000000000005afdb95f0696d-b74492ffeae800a7-01
etag: "60271cda-6318"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 33ms
14ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/css/contextualLoginElementalUIv2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C95) /

Resource Hash

2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/css/contextualLoginElementalUIv2.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 98743da4e753e
dc: ccg11-origin-www-1.paypal.com
content-length: 18508
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (frc/4C95)
traceparent: 00-000000000000000000098743da4e753e-be11dd1d30f74627-01
etag: "60271cda-484c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/paypal/ 341 KB
38 KB 9ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/paypal/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDC) /

Resource Hash

88a7e5bd39a6c855b46d6cf6bed3e4d6970ac8b2647fc120619e12bab0ba24b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 7d9f8dac7737b
dc: ccg11-origin-www-1.paypal.com
content-length: 38318
last-modified: Mon, 29 Jan 2024 18:41:17 GMT
server: ECAcc (frc/4CDC)
traceparent: 00-00000000000000000007d9f8dac7737b-486e2bea41e1c56a-01
etag: W/"65b7f14d-55268"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 31 Jan 2024 05:09:21 GMT

POST
H2 200 logclientdata Show response
www.paypal.com/auth/ 2 KB
4 KB 211ms
211ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/logclientdata

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20a2d7931d178496064f9601fa2ba120c2bfff33f0bcf6569fbefe1143c0bfd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-EeIhkOIIYGtyVWIuFcAyfWeLnWnmfn1HwwWPYpzwqeW9xcYm' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-EeIhkOIIYGtyVWIuFcAyfWeLnWnmfn1HwwWPYpzwqeW9xcYm' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f680414c5c023
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f680414c5c023-8ece24e55c4c4813-01
x-timer: S1706674162.607443,VS0,VE204
etag: W/"70b-4V0/JfgcNt4j9MC0pXtphjiDPuc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 grcenterprise_v3_static.html Show response
www.paypalobjects.com/webcaptcha/ Frame 312E 6 KB
2 KB 7ms
7ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C97) /

Resource Hash

e500bba8b43058f87009037d8153203079cb1d7989d794f966fe432353fce52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 1995
content-type: text/html
date: Wed, 31 Jan 2024 04:09:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"65801cb4-18db"
expires: Wed, 31 Jan 2024 05:09:21 GMT
last-modified: Mon, 18 Dec 2023 10:19:32 GMT
paypal-debug-id: db477e5ffb8a7
server: ECAcc (frc/4C97)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000db477e5ffb8a7-bf8a1fc3ae6f7c30-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 patleaf.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.4.65/ 155 KB
50 KB 10ms
10ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.4.65/patleaf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA5) /

Resource Hash

116b38773e8b975f3404a0928a999967b33dd2688c933363319d70690081572c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 617ac37b33c56
dc: ccg11-origin-www-1.paypal.com
content-length: 51011
last-modified: Mon, 29 Jan 2024 18:41:17 GMT
server: ECAcc (frc/4CA5)
traceparent: 00-0000000000000000000617ac37b33c56-24a9a27d7f209829-01
etag: W/"65b7f14d-26d93"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame 312E 1 KB
1 KB 184ms
64ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7035d45eb48ae4d87ea2f6349fe75bfcfa7e39072aa9db5aa7a14d2f26ab0e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 04:09:21 GMT

GET
H2 200 patlcfg.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.4.65/ 6 KB
3 KB 8ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.4.65/patlcfg.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB9) /

Resource Hash

ef97165b72ca6540d3b11b61a5349f9317c699cad27257d93cd76dca145ec618

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 4dbdcd577ae15
dc: ccg11-origin-www-1.paypal.com
content-length: 2651
last-modified: Mon, 29 Jan 2024 18:41:17 GMT
server: ECAcc (frc/4CB9)
traceparent: 00-00000000000000000004dbdcd577ae15-159d089070bb420a-01
etag: "65b7f14d-18d1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 31 Jan 2024 05:09:21 GMT

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 216ms
216ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8452663fd70ebe66bd1bf6363b1a0797ccd4ebc8f0cde0c973dda49d34c4ab0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ds0cqzzHE3zRcQBQ1VwhyWhMgEr4OoH7b8zEOF6auOnSZQIn' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ds0cqzzHE3zRcQBQ1VwhyWhMgEr4OoH7b8zEOF6auOnSZQIn' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f68041430b9ae
server-timing: "traceparent;desc="00-0000000000000000000f68041430b9ae-e660deb6d694616a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f68041430b9ae-57c9e66b47462c94-01
x-timer: S1706674162.662427,VS0,VE209
etag: W/"8a3-6V9yw11kNlh3cj1lywqx69A3FPY"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 65 KB
22 KB 14ms
9ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/bc3/5f3db610aaab47a388638c4e1e4b2/js/signin-split.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (daa/7D20) /

Resource Hash

d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 249377
date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 358144
x-cache: HIT
paypal-debug-id: f462442442682
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 21999
x-served-by: cache-fra-eddf8230027-FRA
last-modified: Sat, 27 Jan 2024 00:26:38 GMT
server: ECAcc (daa/7D20)
traceparent: 00-0000000000000000000f462442442682-21e123ea0dc7a494-01
x-timer: S1706674162.669157,VS0,VE1
etag: W/"65b44dbe-1026d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: x-csrf-token
expires: Thu, 01 Feb 2024 04:09:21 GMT

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 230ms
230ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3dd7f2025b56d00f02b0e5cae176709e72a4cc0b7b593b63f284a707eb9e0ac0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-O5PXlUwDTs9lbgWpuEnBhI8SqkfquNapVGWERPkUGBjqdcrS' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-O5PXlUwDTs9lbgWpuEnBhI8SqkfquNapVGWERPkUGBjqdcrS' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f680414d48ebe
server-timing: "traceparent;desc="00-0000000000000000000f680414d48ebe-b36ac01b79290a48-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f680414d48ebe-090db7b2e3e060fc-01
x-timer: S1706674162.664820,VS0,VE222
etag: W/"7f2-mrxeyDTnpIpiqlhT4UOorbj710k"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 challenge.js Show response
www.paypal.com/auth/createchallenge/f02774003e4e6e81/ 15 KB
8 KB 306ms
305ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/f02774003e4e6e81/challenge.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff3cb7337273357f63b0700e4b434d9125dc707cd77dbad6608af386e6452afd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-z+NjQSfouZFWY9pOevNC39FSYI+qW4Ko0Qe97pPFYiJx8gXU' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-z+NjQSfouZFWY9pOevNC39FSYI+qW4Ko0Qe97pPFYiJx8gXU' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f68041436f270
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f68041436f270-9986717dc35bc72f-01
x-timer: S1706674162.664793,VS0,VE299
etag: W/"3d2a-5ESLxD+wcTfDmQKuWbIesZJ64OM"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 206ms
205ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c6bff1fc480b7101263c2a69b660a51d4b4e11106c6eeb7ea753c27e29e04e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-25tt3YWB3Xkt1TK2lOMBVeMdzZUEfJKItqmfcNxgeGLdHwBo' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-25tt3YWB3Xkt1TK2lOMBVeMdzZUEfJKItqmfcNxgeGLdHwBo' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f68041456eafb
server-timing: "traceparent;desc="00-0000000000000000000f68041456eafb-0ba5f29a38ed53fb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f68041456eafb-3c633fa5b34b3871-01
x-timer: S1706674162.665274,VS0,VE198
etag: W/"820-zSf2bMzvCg3oz4ynR418wUaZRHQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 cookie-banner Show response
www.paypal.com/signin/ 21 KB
9 KB 269ms
269ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/cookie-banner?flowId=65b2eaf031274bbf8066d473488aa102&

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c020fa186ae6b27c7b85c5a5d4739ddd0c21b2d373207029b59ade85ca257f9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ScB+yVuuEDeN5BJEYEjyOSUc6MAXLRVdj3nac9OhatPLimwy' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ScB+yVuuEDeN5BJEYEjyOSUc6MAXLRVdj3nac9OhatPLimwy' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f680414715012
server-timing: "traceparent;desc="00-0000000000000000000f680414715012-3d9586b2acbebdbc-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f680414715012-5a107ea04f3ae4d5-01
x-timer: S1706674162.668770,VS0,VE258
etag: W/"545e-VIlGeT8S8vXi39o5EAIdmOB6Xgw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 load-resource Show response
www.paypal.com/signin/ 17 KB
8 KB 241ms
241ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/load-resource

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6199f224f8ee0ab52e811d3f1d0c6fad7bc3c12ae9a7d9def6f4f47867484a21

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-nmc4KAHyv9uUPLNjsk3QboXtn8GG90hfDfPh1j149s0Z9O+v' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-nmc4KAHyv9uUPLNjsk3QboXtn8GG90hfDfPh1j149s0Z9O+v' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f6804146916fd
server-timing: "traceparent;desc="00-0000000000000000000f6804146916fd-d7c895ed255c8cb0-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6804146916fd-f154ffdf8030354d-01
x-timer: S1706674162.668758,VS0,VE231
etag: W/"4588-Evsn4OA1R3rzl9QFmaFn9TRnyxI"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 245ms
245ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f16dc39eac61ec598c01415c94e1544a5da6e728dd748ec058070cf8eef40ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Qy4qSW0V8F3l57UN7VISh8o2Fw2iXQcLJmeWXmXlRt3yO9j+' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Qy4qSW0V8F3l57UN7VISh8o2Fw2iXQcLJmeWXmXlRt3yO9j+' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f6804149c8559
server-timing: "traceparent;desc="00-0000000000000000000f6804149c8559-96b090a14e8346b6-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6804149c8559-0f97dd7511108f98-01
x-timer: S1706674162.668757,VS0,VE236
etag: W/"7f2-lOVsHjYV+o2ptD5jv9qieQKGK74"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ Frame BFF7 2 B
2 KB 229ms
229ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-z4o7+uM8T2R8nvfN6exzHROErNR7VMeTZsSaBPpG+tJa2dEr' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-z4o7+uM8T2R8nvfN6exzHROErNR7VMeTZsSaBPpG+tJa2dEr' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:21 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f68041483b1fc
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f68041483b1fc-068f66e3c6294b06-01
x-timer: S1706674162.686278,VS0,VE221
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 7D03 160 B
1 KB 158ms
158ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 41973f195a87e
date: Wed, 31 Jan 2024 04:09:21 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: 41973f195a87e
server-timing: "traceparent;desc="00-000000000000000000041973f195a87e-5fbc58f0b6830cdc-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000041973f195a87e-4cb5bbf7c6172bc3-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230027-FRA
x-timer: S1706674162.687548,VS0,VE151
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
lhr.stats.paypal.com/v1/ Frame BFF7
Redirect Chain

https://b.stats.paypal.com/v1/counter.cgi?r=cD02NWIyZWFmMDMxMjc0YmJmODA2NmQ0NzM0ODhhYTEwMiZpPTE4NS4yMTMuMTU1LjE2MSZ0PTE3MDY2NzQxNjEuNDI2JmE9MjEmcz1VTklGSUVEX0xPR0lON7suTG2HZxQpaDrnr-cGo5KRd8s
https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD02NWIyZWFmMDMxMjc0YmJmODA2NmQ0NzM0ODhhYTEwMiZpPTE4NS4yMTMuMTU1LjE2MSZ0PTE3MDY2NzQxNjEuNDI2JmE9MjEmcz1VTklGSUVEX0xPR0lON7suTG2HZxQpaDrnr-cGo5KRd8s

42 B
299 B

81ms
23ms

Image
image/jpeg

34.147.177.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD02NWIyZWFmMDMxMjc0YmJmODA2NmQ0NzM0ODhhYTEwMiZpPTE4NS4yMTMuMTU1LjE2MSZ0PTE3MDY2NzQxNjEuNDI2JmE9MjEmcz1VTklGSUVEX0xPR0lON7suTG2HZxQpaDrnr-cGo5KRd8s
Protocol: HTTP/1.1
Server: 34.147.177.40 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 40.177.147.34.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 04:09:21 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD02NWIyZWFmMDMxMjc0YmJmODA2NmQ0NzM0ODhhYTEwMiZpPTE4NS4yMTMuMTU1LjE2MSZ0PTE3MDY2NzQxNjEuNDI2JmE9MjEmcz1VTklGSUVEX0xPR0lON7suTG2HZxQpaDrnr-cGo5KRd8s
Date: Wed, 31 Jan 2024 04:09:21 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ 0
390 B 216ms
178ms Image
text/plain 2a04:4e42::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=65b2eaf031274bbf8066d473488aa102&s=UL_CONNECT_THIRDPARTY_INPUT_EMAIL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
x-cache: MISS
paypal-debug-id: 5f84efd10def0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-fra-eddf8230096-FRA
correlation-id: 5f84efd10def0
traceparent: 00-00000000000000000005f84efd10def0-51cd361df342b3ff-01
x-timer: S1706674162.726314,VS0,VE171
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 312E 481 KB
193 KB 166ms
52ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypalobjects.com/
Origin: https://www.paypalobjects.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196969
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 22:21:16 GMT

POST
H2 200 logclientdata Show response
www.paypal.com/auth/ 2 KB
4 KB 193ms
193ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/logclientdata

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7a556c98a7d04cc82bdacd4fdec2501314d2299ed6bf5d17b0a9ae7c99a9e94c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-zc65Ff7xuQwqHiiATPf0+5rZ5Dh90M4lDFRANXg8yCnu2P0t' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-zc65Ff7xuQwqHiiATPf0+5rZ5Dh90M4lDFRANXg8yCnu2P0t' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:22 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f6804145a1caf
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6804145a1caf-30ab2a0d86761184-01
x-timer: S1706674162.822307,VS0,VE185
etag: W/"70a-koXvVgMtNjaa0obviE7lPtiyqCA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 7D03 65 KB
22 KB 8ms
8ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (daa/7D20) /

Resource Hash

d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 249378
date: Wed, 31 Jan 2024 04:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 358144
x-cache: HIT
paypal-debug-id: f462442442682
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 21999
x-served-by: cache-fra-eddf8230027-FRA
last-modified: Sat, 27 Jan 2024 00:26:38 GMT
server: ECAcc (daa/7D20)
traceparent: 00-0000000000000000000f462442442682-21e123ea0dc7a494-01
x-timer: S1706674162.848460,VS0,VE1
etag: W/"65b44dbe-1026d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: x-csrf-token
expires: Thu, 01 Feb 2024 04:09:21 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 7D03 125 B
1011 B 188ms
188ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

29d53b2fa6b27742269a4647c5c830a145a66ebc80f5540c969e03131843b505

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Jan 2024 04:09:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: a7060192c6d64
server-timing: "traceparent;desc="00-0000000000000000000a7060192c6d64-0ce921b41d56a1a2-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-fra-eddf8230027-FRA
correlation-id: a7060192c6d64
traceparent: 00-0000000000000000000a7060192c6d64-6ea441a75bab3c16-01
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 7D03 0
363 B 174ms
174ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Jan 2024 04:09:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: f285f632ac759
server-timing: "traceparent;desc="00-0000000000000000000f285f632ac759-1df23ad617be23f6-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230027-FRA
correlation-id: f285f632ac759
traceparent: 00-0000000000000000000f285f632ac759-3963a8835b4fbe23-01
vary: Accept-Encoding
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
3 KB 265ms
265ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:unifiedlogin:splitlogin::email:::&component=unifiedloginnodeweb

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-vc1GNZx5EoFXILbf43WeyxnxfBYqDKxAyDKNm2Gu32g0y+tJ' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-vc1GNZx5EoFXILbf43WeyxnxfBYqDKxAyDKNm2Gu32g0y+tJ' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:22 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f68041489c01e
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f68041489c01e-4ae44dbf557270ce-01
x-timer: S1706674162.940079,VS0,VE255
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 9ms
9ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D0A) /

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 5afdb95f0696d
dc: ccg11-origin-www-1.paypal.com
content-length: 25368
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (frc/4D0A)
traceparent: 00-00000000000000000005afdb95f0696d-b74492ffeae800a7-01
etag: "60271cda-6318"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 31 Jan 2024 05:09:21 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
714 B 170ms
160ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.8.14&t=1706674161937&g=-60&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&qual=input_email&pgst=1706674161377&calc=f494955259b99&nsid=TdDcyBfN33fU3aVTgxYx0gwkOYA8doc6&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=55e92ff8a578454280df4be95a9dbedf&comp=unifiedloginnodeweb&tsrce=identityappsnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C109059%2C104406%2C104405%2C104407&xt=123956%2C123954%2C143369%2C119037%2C120151%2C119038&transition_name=ss_prepare_email&userRedirected=true&fltk=65b2eaf031274bbf8066d473488aa102&flid=65b2eaf031274bbf8066d473488aa102&ctx_login_ot_content=0&obex=connect&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&ctx_login_signup_btn=shown%7Cdefault&context_id=65b2eaf031274bbf8066d473488aa102&ctx_login_intent=connect_thirdparty&ctx_login_flow=Third%20Party%20Login&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fidapps%2Fconnect%2Fconsent&api_name=cookieBanner&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&event_name=cookie_banner_shown&e=ac

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB6) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 04:09:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 0370836615936
server: ECAcc (frc/4CB6)
traceparent: 00-00000000000000000000370836615936-72d4fed048ac2ec7-01
vary: Accept-Encoding
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 0370836615936
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
expires: Wed, 31 Jan 2024 04:09:22 GMT

POST
H2 200 verifychallenge Show response
www.paypal.com/auth/ 2 B
3 KB 181ms
181ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifychallenge

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-YDRCUFY/x1pKohO9cEY8W/QnMvd1p/j+5mOKZ5eOXKn469sG' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-YDRCUFY/x1pKohO9cEY8W/QnMvd1p/j+5mOKZ5eOXKn469sG' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:22 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f6804140f67eb
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f6804140f67eb-7d9b7ffccf53443e-01
x-timer: S1706674162.974138,VS0,VE174
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 ts
t.paypal.com/ 42 B
455 B 167ms
167ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.8.14&t=1706674162144&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1706674161377&calc=f494955259b99&nsid=TdDcyBfN33fU3aVTgxYx0gwkOYA8doc6&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=55e92ff8a578454280df4be95a9dbedf&comp=unifiedloginnodeweb&tsrce=identityappsnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100353%2C105604%2C105604%2C101124%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C102028%2C105999%2C100885%2C101270%2C102557%2C102557%2C101408%2C101408%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C107054%2C107054%2C105271%2C101688%2C101821%2C101820%2C102208%2C105543%2C105416%2C105416%2C105544%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C100307%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C101736%2C108653%2C108652%2C100846%2C109040%2C101875%2C109047%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101216%2C104200%2C108076%2C109047&xt=100886%2C124899%2C124899%2C103402%2C123673%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123688%2C107258%2C127242%2C102543%2C106407%2C109630%2C109630%2C104577%2C104577%2C101702%2C123242%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C132781%2C132781%2C123250%2C105645%2C106327%2C106324%2C108106%2C124626%2C125100%2C125100%2C124628%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C100737%2C102546%2C100768%2C103847%2C103863%2C114559%2C104050%2C125356%2C109962%2C105856%2C120732%2C120732%2C105858%2C141151%2C141149%2C102359%2C143320%2C106610%2C143342%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103863%2C127485%2C138090%2C143342&transition_name=ss_prepare_email&userRedirected=true&fltk=65b2eaf031274bbf8066d473488aa102&flid=65b2eaf031274bbf8066d473488aa102&ctx_login_ot_content=0&obex=connect&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&ctx_login_signup_btn=shown%7Cdefault&context_id=65b2eaf031274bbf8066d473488aa102&ctx_login_intent=connect_thirdparty&ctx_login_flow=Third%20Party%20Login&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fidapps%2Fconnect%2Fconsent&e=im&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A2141%2C%22tcp%22%3A2013%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=260&t3=2&t4d=0&t4=0&t4e=3&tt=2092&rdc=0&protocol=h2&res=%7B%7D&t12=2031

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CEC) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 04:09:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: c1facb552eb05
server: ECAcc (frc/4CEC)
traceparent: 00-0000000000000000000c1facb552eb05-b5871fc6f1169b8c-01
vary: Accept-Encoding
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: c1facb552eb05
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
expires: Wed, 31 Jan 2024 04:09:22 GMT

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame 7190 44 KB
28 KB 78ms
77ms Document
text/html 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=93mjkzw663v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f436a8e2dd8ea221e4a92b7f9208ccbe54bed89be1f1e1eb8d827fd836499fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kapRJhqzx6v3X9ALtlh_VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kapRJhqzx6v3X9ALtlh_VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 04:09:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 tealeaftarget Show response
www.paypal.com/platform/ 40 B
1 KB 167ms
166ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/platform/tealeaftarget

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88277c186bfcd0f25745c2bee409718f2f215ffc0eb9107b53c57d29c8dba115

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; font-src 'self' https://.paypalobjects.com https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-Encoding: gzip
X-Tealeaf-SaaS-TLTDID: 38095847638019306404585656733252
X-Tealeaf: device (UIC) Lib/6.4.65
X-Tealeaf-SyncXHR: false
X-Tealeaf-MessageTypes: 1,2,5,7,12,14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json
X-Tealeaf-SaaS-AppKey: 76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTSID: 81455907044930283230755306204952
X-Requested-With: fetch
X-TealeafType: GUI
accept-language: de-DE,de;q=0.9
X-PageId: P.KWPRNPQUWUMKKRWNEMKQ4BG4FWNK
X-TeaLeaf-Page-Url: /signin
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:22 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f680414b0f411
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f680414b0f411-dad0855bde33e68e-01
x-timer: S1706674162.248939,VS0,VE153
etag: W/"28-IKCbUt3TKP6J5xIODIEb4PHcwJ8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 7190 55 KB
24 KB 154ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=93mjkzw663v

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 22:21:16 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 7190 481 KB
192 KB 153ms
51ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196969
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 22:21:16 GMT

GET
H2 200 zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js Show response
www.google.com/js/bg/ Frame 7190 17 KB
7 KB 164ms
51ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:54:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6922
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:54:15 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 7190 102 B
135 B 63ms
62ms Other
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d61c6329c5eea651d09e2f4d8f5533751b47d90af6e75c0db658ff1c84712ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=93mjkzw663v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 04:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 04:09:22 GMT

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/enterprise/ Frame 7190 14 KB
10 KB 100ms
100ms XHR
application/json 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a1fdc3635c2f2ba64e4d4a61ecbba8e27055cf17aa17cd53a443ab7e6b8179a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=93mjkzw663v
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 31 Jan 2024 04:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 04:09:22 GMT

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
2 KB 261ms
261ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-XINFqAj2miZHXnbB7ELGcg6A0VfscKmKy2P4aYSKNMexPOp8' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-XINFqAj2miZHXnbB7ELGcg6A0VfscKmKy2P4aYSKNMexPOp8' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f8598602be9ac
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f8598602be9ac-dd7d566bc27ba20c-01
x-timer: S1706674163.988169,VS0,VE255
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 ts
t.paypal.com/ 42 B
504 B 190ms
190ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.8.14&t=1706674163144&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1706674161377&calc=f494955259b99&nsid=TdDcyBfN33fU3aVTgxYx0gwkOYA8doc6&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=55e92ff8a578454280df4be95a9dbedf&comp=unifiedloginnodeweb&tsrce=identityappsnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100353%2C105604%2C105604%2C101124%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C102028%2C105999%2C100885%2C101270%2C102557%2C102557%2C101408%2C101408%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C107054%2C107054%2C105271%2C101688%2C101821%2C101820%2C102208%2C105543%2C105416%2C105416%2C105544%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C100307%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C101736%2C108653%2C108652%2C100846%2C109040%2C101875%2C109047%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101216%2C104200%2C108076%2C109047&xt=100886%2C124899%2C124899%2C103402%2C123673%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123688%2C107258%2C127242%2C102543%2C106407%2C109630%2C109630%2C104577%2C104577%2C101702%2C123242%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C132781%2C132781%2C123250%2C105645%2C106327%2C106324%2C108106%2C124626%2C125100%2C125100%2C124628%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C100737%2C102546%2C100768%2C103847%2C103863%2C114559%2C104050%2C125356%2C109962%2C105856%2C120732%2C120732%2C105858%2C141151%2C141149%2C102359%2C143320%2C106610%2C143342%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103863%2C127485%2C138090%2C143342&transition_name=ss_prepare_email&userRedirected=true&fltk=65b2eaf031274bbf8066d473488aa102&flid=65b2eaf031274bbf8066d473488aa102&ctx_login_ot_content=0&obex=connect&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&ctx_login_signup_btn=shown%7Cdefault&context_id=65b2eaf031274bbf8066d473488aa102&ctx_login_intent=connect_thirdparty&ctx_login_flow=Third%20Party%20Login&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fidapps%2Fconnect%2Fconsent&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=167&t3=1&tt=168&protocol=h2&cdn=edgecast&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A168%2C%22nt%22%3A%22res%22%7D&e=pf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 04:09:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 9a227b5726336
server: ECAcc (frc/4CE6)
traceparent: 00-00000000000000000009a227b5726336-768addfb13f2d4fb-01
vary: Accept-Encoding
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 9a227b5726336
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
expires: Wed, 31 Jan 2024 04:09:23 GMT

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
3 KB 280ms
280ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:unifiedlogin:splitlogin::email:::&component=unifiedloginnodeweb

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-sn0DrOQHp0rN2bjgihLvxu9oVorh3Lo1x0s+9nbs3OGCW+Iw' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/signin?intent=connect&ctxId=connect%3A7a3152146ec544a0ae4d66a8880b7df6&returnUri=https%3A%2F%2Fwww.paypal.com%2Fidapps%2Fconnect%2Fconsent%3FctxId%3DAAE881Bhy4cS5C5iw3nDnt4_NbBwpU8C9lzXrSWzEnyRf7t4BBtGXaI35rIDRSfauhv-c5qK3_CypEigSp_cwEk8%26client_id%3DAQcmaZuuM2rDxq4kGZfPFuKJoFaC6pb0AF1UEQsETtTep27-KXrkWp9WU_G0VZZ-yflHTzHrQqLg-jYl%26scope%3Demail%2Baddress%2Bprofile%2Bopenid%2Bphone%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fpaypalattributes%252Fbusiness%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Fshippable-orders%252Fread%2Bhttps%253A%252F%252Furi.paypal.com%252Fservices%252Fshipping%252Ftrackers%252Freadwrite%26redirect_uri%3Dhttps%253A%252F%252Fauthbridge.auctane.com%252Fauthflow%252Fpaypal_v2%252Faccept%26response_type%3Dcode&flowId=65b2eaf031274bbf8066d473488aa102
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-sn0DrOQHp0rN2bjgihLvxu9oVorh3Lo1x0s+9nbs3OGCW+Iw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 04:09:25 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f106717e72867
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230027-FRA, cache-fra-eddf8230027-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f106717e72867-59e2cc82bd4063b3-01
x-timer: S1706674165.938482,VS0,VE272
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 22:23:46	Name: _GRECAPTCHA Value: 09AJUwu4izYEH6bLtQUuWseVOaUl0CJHbuqn6roc6nd18TnsWMGRw97seLc2mC7ercxxpjKLEZd7O6tx7nhXVCaqU
paypal.shipstation.com/	1969-12-31 23:59:59	Name: _csrf Value: _Oojmap6Ozb5RbKp-mpuTfDk
paypal.shipstation.com/	1970-01-20 18:14:38	Name: AWSALB Value: IBvWTyxRLljvugoGnA1D3huU3hwOGMfMKygiOaSSPqirSkrDJ/Twq+4HKdBFSZ2/eWDAZftajI7P3nnf9zbPyQIsDu1yYMHSQ4r2CJboVLvX8hEoPimDJ0x3aClP
paypal.shipstation.com/	1970-01-20 18:14:38	Name: AWSALBCORS Value: IBvWTyxRLljvugoGnA1D3huU3hwOGMfMKygiOaSSPqirSkrDJ/Twq+4HKdBFSZ2/eWDAZftajI7P3nnf9zbPyQIsDu1yYMHSQ4r2CJboVLvX8hEoPimDJ0x3aClP
authbridge.auctane.com/	1970-01-20 18:04:35	Name: MonoAuthSession Value: NDNmMzliY2UtMjMyNC00YTUyLTg4ZjUtZWIwNjgzMjI0NDYw%7C883rAjRQLWrdaf%2FpXM0itDGs8fWzOvul9mEZd9i%2FR5I%3D
.paypal.com/	1970-01-20 18:04:35	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-21 03:40:34	Name: ts_c Value: vr%3D5db5045118d0aa308054a6bbfbf50d5b%26vt%3D5db5045118d0aa308054a6bbfbf50d5a
.paypal.com/	1970-01-20 18:05:05	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-21 02:50:10	Name: enforce_policy Value: gdpr_v2.1
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3ATdDcyBfN33fU3aVTgxYx0gwkOYA8doc6.gqK%2F%2FNA9ClgAcBnnEE9Pe5vFV%2FLoziBY3sqV5gyglws
.paypal.com/	1970-01-21 03:40:34	Name: cookie_check Value: yes
.paypal.com/	1970-01-21 03:40:34	Name: d_id Value: 55e92ff8a578454280df4be95a9dbedf1706674161389
.paypal.com/	1969-12-31 23:59:59	Name: TLTSID Value: 81455907044930283230755306204952
.paypal.com/	1970-01-21 02:50:10	Name: TLTDID Value: 38095847638019306404585656733252
.stats.paypal.com/	1970-01-21 03:40:34	Name: c Value: feb1251ba0ffcee76ffb
.paypal.com/	1970-01-21 02:50:10	Name: cookie_prefs Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/	1970-01-21 03:40:34	Name: sc_f Value: eTt6Ma1aX2XkKGAVkhedykg9IjPBDHZzSnxu2yU-vd6Ocbec4nRAlPo-zcyG0DFNGmkP34wLBVSx1gwMxGzbj-e3Az3dTMVdJssD80
.paypal.com/	1970-01-21 03:40:34	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: lDABxhrgDwuQwS6bs8S7z0K7zUlVk4y1DgaWt1ewe5qOo0NVOKaU4c9Alaybu0BnUKX9BSoz7-UWwcrc
.paypal.com/	1970-01-21 03:40:34	Name: ddi Value: mlm9Ti0pK5ZmNi20T8Mj0Yf9Hy3m1W9y_U7W-d9XWVmqEnaUqLDbc7Cf1-cAKMjE-ojjMaJ-IzmCO0nba_tiS-6kCD3fCHIi_hv9hic2FW2Uuxa4
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTcwNjY3NDE2NTExMiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 18:08:53	Name: tsrce Value: privacynodeweb
.paypal.com/	1970-01-21 03:40:34	Name: ts Value: vreXpYrS%3D1801368565%26vteXpYrS%3D1706675965%26vr%3D5db5045118d0aa308054a6bbfbf50d5b%26vt%3D5db5045118d0aa308054a6bbfbf50d5a%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-0GWYtk/N027ionWL671SSpj6/DoHoDYjmquQBNzvriNJH8Q+' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

authbridge.auctane.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
lhr.stats.paypal.com
paypal.shipstation.com
t.paypal.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
107.23.169.246
151.101.1.21
192.229.221.25
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a04:4e42::291
3.231.108.226
34.147.177.40
34.232.17.90
0b1d330057dc082e5b3036a2e7fb5b2e0105e5df4f63801a4ed03b4a670177ca
0ec34b2c64cf8ac9e34f0ab429c9b2909b504c4c4ffc9a550a4a39771d410ec8
116b38773e8b975f3404a0928a999967b33dd2688c933363319d70690081572c
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
1daa651ce7ba078d935d9ecaae89975505c40d0a7e66e71e6a70cf0347fc1fd5
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
20a2d7931d178496064f9601fa2ba120c2bfff33f0bcf6569fbefe1143c0bfd1
27e23955d2e8a8b15dd900996040b9895ebaad02ddcff68b43a64b90511f7904
29d53b2fa6b27742269a4647c5c830a145a66ebc80f5540c969e03131843b505
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
2f16dc39eac61ec598c01415c94e1544a5da6e728dd748ec058070cf8eef40ec
3dd7f2025b56d00f02b0e5cae176709e72a4cc0b7b593b63f284a707eb9e0ac0
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47096fcf22c58f177936f84eac91ef9113639043881ee6de5358162077fd62b0
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6199f224f8ee0ab52e811d3f1d0c6fad7bc3c12ae9a7d9def6f4f47867484a21
699d387cc5463944c8e7519d6beb1c8d9a1d1c71a3835bbbf44b9a77195d66e9
69be7adca53f8e3b8d56a359e63ec6510fd119768ec947d343a853f698d7a5c5
6c6bff1fc480b7101263c2a69b660a51d4b4e11106c6eeb7ea753c27e29e04e3
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a556c98a7d04cc82bdacd4fdec2501314d2299ed6bf5d17b0a9ae7c99a9e94c
7d61c6329c5eea651d09e2f4d8f5533751b47d90af6e75c0db658ff1c84712ce
8452663fd70ebe66bd1bf6363b1a0797ccd4ebc8f0cde0c973dda49d34c4ab0b
88277c186bfcd0f25745c2bee409718f2f215ffc0eb9107b53c57d29c8dba115
88a7e5bd39a6c855b46d6cf6bed3e4d6970ac8b2647fc120619e12bab0ba24b0
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9f436a8e2dd8ea221e4a92b7f9208ccbe54bed89be1f1e1eb8d827fd836499fa
a1fdc3635c2f2ba64e4d4a61ecbba8e27055cf17aa17cd53a443ab7e6b8179a1
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
c020fa186ae6b27c7b85c5a5d4739ddd0c21b2d373207029b59ade85ca257f9c
cccbd316b2e050d41ebf62c8c613d5bfae33cd43104ac3b772c9e10950a3dbd2
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e500bba8b43058f87009037d8153203079cb1d7989d794f966fe432353fce52d
ef97165b72ca6540d3b11b61a5349f9317c699cad27257d93cd76dca145ec618
f7035d45eb48ae4d87ea2f6349fe75bfcfa7e39072aa9db5aa7a14d2f26ab0e8
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
ff3cb7337273357f63b0700e4b434d9125dc707cd77dbad6608af386e6452afd

www.paypal.com Open in urlscan Pro 151.101.1.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

40 %IPv6

7 Domains

12 Subdomains

7 IPs

3 Countries

871 kBTransfer

2405 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

40 %
IPv6

7
Domains

12
Subdomains

7
IPs

3
Countries

871 kB
Transfer

2405 kB
Size

22
Cookies

53 HTTP transactions
0 data transactions