urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
151.101.1.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.paypal-prepagata.com/
Effective URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Submission Tags: falconsandbox
Submission: On June 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 38 HTTP transactions. The main IP is 151.101.1.21, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 3110.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 8th 2024. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.67.1 54113 (FASTLY)
1 9 151.101.1.21 54113 (FASTLY)
26 192.229.221.25 15133 (EDGECAST)
1 2600:9000:235... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
38 5
1    151.101.67.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal-prepagata.com
9    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
26    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
t.paypal.com
1    2600:9000:235a:da00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.ctfassets.net
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
22 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2807
673 KB
13 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3110
t.paypal.com — Cisco Umbrella Rank: 3894
46 KB
2 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1537
1 KB
1 gstatic.com
www.gstatic.com
213 KB
1 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3995
68 KB
1 paypal-prepagata.com
www.paypal-prepagata.com
184 B
38 6
Domain Requested by
22 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
9 www.paypal.com 1 redirects www.paypal.com
www.paypalobjects.com
4 t.paypal.com www.paypal.com
2 www.recaptcha.net www.paypal.com
www.gstatic.com
1 www.gstatic.com www.recaptcha.net
1 images.ctfassets.net www.paypal.com
1 www.paypal-prepagata.com 1 redirects
38 7

This site contains links to these domains. Also see Links.

Domain
www.cartalis.it
Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
images.ctfassets.net
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
misc.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Frame ID: 674F1F3A4E0B40E39BC138DBE022B316
Requests: 34 HTTP requests in this frame

Frame: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Frame ID: 7D8F79B0A4A0E492BA0466BCF08E1B63
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=it&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=3jhlrj8h4vq6
Frame ID: CF49C693175669D0A4F420967B59A217
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Prepagata PayPal - La carta prepagata di PayPal

Page URL History Show full URLs

  1. http://www.paypal-prepagata.com/ HTTP 307
    https://www.paypal-prepagata.com/ HTTP 301
    https://www.paypal.com/it/prepagata HTTP 301
    https://www.paypal.com/it/webapps/mpp/prepaid-discover Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Page Statistics

38
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

1000 kB
Transfer

3075 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.paypal-prepagata.com/ HTTP 307
    https://www.paypal-prepagata.com/ HTTP 301
    https://www.paypal.com/it/prepagata HTTP 301
    https://www.paypal.com/it/webapps/mpp/prepaid-discover Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request prepaid-discover
www.paypal.com/it/webapps/mpp/
Redirect Chain
  • http://www.paypal-prepagata.com/
  • https://www.paypal-prepagata.com/
  • https://www.paypal.com/it/prepagata
  • https://www.paypal.com/it/webapps/mpp/prepaid-discover
45 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
648156a16535ecdb702d9ad4dde132b46919d8789dfff366ca99c25f09267c25
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-1zxALRacfoCshdXmCAyroBt7eyuX62x09ngmLctnuynSdG7v' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-1zxALRacfoCshdXmCAyroBt7eyuX62x09ngmLctnuynSdG7v' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Sat, 29 Jun 2024 20:59:46 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"a5cb-Akf/UJFjQ6cStaDtvcIlpCJXbcI"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f847262193e43
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f847262193e43-2726887e8f335d13-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220136-FRA, cache-fra-etou8220136-FRA
x-timer
S1719694786.136844,VS0,VE440
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Full
accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Sat, 29 Jun 2024 20:59:46 GMT
dc
ccg11-origin-www-1.paypal.com
location
/it/webapps/mpp/prepaid-discover
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f84726234f9f3
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f84726234f9f3-b10f60cd7f69443e-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-etou8220136-FRA, cache-fra-etou8220136-FRA
x-timer
S1719694786.971858,VS0,VE141
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CED) /
Resource Hash
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
c6aaf9bdbc5fd
dc
ccg11-origin-www-1.paypal.com
content-length
6757
last-modified
Wed, 05 Jun 2024 09:10:35 GMT
server
ECAcc (frc/4CED)
traceparent
00-0000000000000000000c6aaf9bdbc5fd-aadb7c85b962b507-01
etag
W/"66602b8b-5a55"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF1) /
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
6a688479b0072
dc
ccg11-origin-www-1.paypal.com
content-length
18320
last-modified
Tue, 23 Jan 2018 03:38:51 GMT
server
ECAcc (frc/4CF1)
traceparent
00-00000000000000000006a688479b0072-fd5d1e56c437087e-01
etag
"5a66ae4b-4790"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D05) /
Resource Hash
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
d42afbe9acad8
dc
ccg11-origin-www-1.paypal.com
content-length
18360
last-modified
Tue, 23 Jan 2018 02:50:53 GMT
server
ECAcc (frc/4D05)
traceparent
00-0000000000000000000d42afbe9acad8-62eddcfd303602c5-01
etag
"5a66a30d-47b8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
afa9a602071f1154fea203d618da40f33aae8a.css
www.paypalobjects.com/marketing-resources/css/66/ 		503 KB
66 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing-resources/css/66/afa9a602071f1154fea203d618da40f33aae8a.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D04) /
Resource Hash
2d09578ee636adee2e9ae4055f616e2ff3d12116ba86bf5206dd1b0701346e72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
d1d141f1004ba
dc
ccg11-origin-www-1.paypal.com
content-length
66840
last-modified
Wed, 11 Oct 2023 08:49:51 GMT
server
ECAcc (frc/4D04)
traceparent
00-0000000000000000000d1d141f1004ba-40fcaef3af4cbc00-01
etag
W/"652661af-7dab8"
vary
Accept-Encoding
content-type
text/css
cache-control
s-maxage=31536000, public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
main-1f6bb619.css
www.paypalobjects.com/globalnav/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/globalnav/css/main-1f6bb619.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
1f6bb619129e55c38a04652a0fce863656c4705d4618e1de18f2863a1788a531
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
8a621acd0ad5f
dc
ccg11-origin-www-1.paypal.com
content-length
1357
last-modified
Fri, 21 Jun 2024 12:22:31 GMT
server
ECAcc (frc/4D07)
traceparent
00-00000000000000000008a621acd0ad5f-7f68799a8ab3c81d-01
etag
"66757087-1a0e+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
main-e36cc50d.js
www.paypalobjects.com/globalnav/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/globalnav/js/main-e36cc50d.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D02) /
Resource Hash
374d56aa520c728f6d56b235bcf7ba39f4a3838306278662f984092e5c97dfc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
8ec0c9ae4aaf0
dc
ccg11-origin-www-1.paypal.com
content-length
6665
last-modified
Fri, 21 Jun 2024 12:22:31 GMT
server
ECAcc (frc/4D02)
traceparent
00-00000000000000000008ec0c9ae4aaf0-cf86fee3f6b80c5c-01
etag
"66757087-4164+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
Icon_shops.png
www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/Icon_shops.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF8) /
Resource Hash
bf20c2d01af636d434b0fb636e6b1884d5c15ab8a3701413ebaebe80f27c9793
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
e707dc1448365
dc
ccg11-origin-www-1.paypal.com
content-length
9592
last-modified
Wed, 04 Apr 2018 12:37:36 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4CF8)
traceparent
00-0000000000000000000e707dc1448365-32990a2535d811df-01
etag
"5ac4c710-2578"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 29 Jun 2024 21:59:46 GMT
Icon_topup.png
www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/Icon_topup.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C9A) /
Resource Hash
52543e3f9143a50645740c150f3b0f52fb6f608bf00fa2e8d6afbf017ba1357c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
f787a24347910
dc
ccg11-origin-www-1.paypal.com
content-length
9850
last-modified
Tue, 03 Apr 2018 03:30:51 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4C9A)
traceparent
00-0000000000000000000f787a24347910-3fd09b1b7b0e9ab3-01
etag
"5ac2f56b-267a"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 29 Jun 2024 21:59:46 GMT
prepaid_cards_opt-1.png
images.ctfassets.net/7rifqg28wcbd/4yvKfBtKch8YbZCLfXzx9J/9bf29570855dad1d2de64333606bba9e/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/7rifqg28wcbd/4yvKfBtKch8YbZCLfXzx9J/9bf29570855dad1d2de64333606bba9e/prepaid_cards_opt-1.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:da00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
4d139e83ce45fb58a931697cabba2c6238b41cce5ffe7cc3519e12d9d6aefe4b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 07:50:57 GMT
via
1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified
Mon, 06 Jan 2020 09:58:21 GMT
server
Contentful Images API
x-amz-cf-pop
FRA60-P9
age
47330
etag
"8f15e2f0b655616d2b28ea83e4a1ad3f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
69481
x-amz-cf-id
8h9oWNwGltlbFzTEcYQnqBE8ewb611iqta0YLXJJ7RZ4Rvw4-U-Rkg==
Icon_control.png
www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/Icon_control.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C98) /
Resource Hash
3f67725c992a5b26f8ff11174ed79bbccefd04d9e60f9be53db68761d0751d7f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
04f2e618655f3
dc
ccg11-origin-www-1.paypal.com
content-length
9579
last-modified
Tue, 03 Apr 2018 03:31:00 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4C98)
traceparent
00-000000000000000000004f2e618655f3-bd4b5aa4d6b52dc9-01
etag
"5ac2f574-256b"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 29 Jun 2024 21:59:46 GMT
Icon_transfer.png
www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/Icon_transfer.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBB) /
Resource Hash
7df5b6ba52aed827faf25d0ad41367e6d73f8ea5322d0fabafce928d47121c71
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
5bc91824d4f49
dc
ccg11-origin-www-1.paypal.com
content-length
13272
last-modified
Tue, 03 Apr 2018 03:30:53 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4CBB)
traceparent
00-00000000000000000005bc91824d4f49-6b6cd2c870d13b22-01
etag
"5ac2f56d-33d8"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 29 Jun 2024 21:59:46 GMT
react-17_0_1-bundle.js
www.paypalobjects.com/marketing-resources/vendors/ 		132 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA5) /
Resource Hash
9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
667c122dd4bf9
dc
ccg11-origin-www-1.paypal.com
content-length
44167
last-modified
Mon, 22 Feb 2021 21:58:19 GMT
server
ECAcc (frc/4CA5)
traceparent
00-0000000000000000000667c122dd4bf9-8b4e61e1b2c7e4ed-01
etag
W/"603428fb-20ee8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
pa.js
www.paypalobjects.com/pa/js/min/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
4137749584236d857a03ad2ff781392dd849180f83e4adebb255570823229586
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
3ec02e9c1dd67
dc
ccg11-origin-www-1.paypal.com
content-length
25539
last-modified
Thu, 27 Jun 2024 02:45:21 GMT
server
ECAcc (frc/4CFA)
traceparent
00-00000000000000000003ec02e9c1dd67-9c0fca78f1bfb935-01
etag
"667cd241-10fcf+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 29 Jun 2024 21:59:46 GMT
open-chat.js
www.paypalobjects.com/helpcenter/smartchat/sales/v1/ 		1 KB
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD3) /
Resource Hash
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
98a4489f27b6d
dc
ccg11-origin-www-1.paypal.com
content-length
775
last-modified
Sat, 13 Feb 2021 00:19:40 GMT
server
ECAcc (frc/4CD3)
traceparent
00-000000000000000000098a4489f27b6d-12fc5e23716add0c-01
etag
W/"60271b1c-5bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
marketingIntentsV2.js
www.paypalobjects.com/activation/js/ 		554 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/activation/js/marketingIntentsV2.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF1) /
Resource Hash
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
0c8bcfffcb5c2
dc
ccg11-origin-www-1.paypal.com
content-length
365
last-modified
Fri, 12 Feb 2021 23:55:13 GMT
server
ECAcc (frc/4CF1)
traceparent
00-00000000000000000000c8bcfffcb5c2-6761c662428fc945-01
etag
"60271561-22a+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 30 Jun 2024 20:59:46 GMT
c1c57790d8d29bddce70e4247b5a9cd2ce963f.js
www.paypalobjects.com/marketing-resources/js/58/ 		1 MB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing-resources/js/58/c1c57790d8d29bddce70e4247b5a9cd2ce963f.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBD) /
Resource Hash
b30c5cb98b7cad23ce739a411097717483a8f50d556aed2aa1d37bd55b5ce76c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
61b50b6f00cb6
dc
ccg11-origin-www-1.paypal.com
content-length
255808
last-modified
Wed, 05 Jun 2024 06:04:27 GMT
server
ECAcc (frc/4CBD)
traceparent
00-000000000000000000061b50b6f00cb6-a1f7c94c4f3ac2d5-01
etag
W/"665fffeb-10f1e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
recaptchav3.js
www.paypal.com/auth/createchallenge/df9aaf0e625458ba/ 		11 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/createchallenge/df9aaf0e625458ba/recaptchav3.js?_sessionID=13XWhP9ypAJGGi3UHqCKw2v3KDqIEfyg
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e52f6f48f0c95a23065f94fd9798ca91a329da604d7f071c7c4c84b486232477
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-jk+jWv/+9QsPNXAftMn0xZR2WMEcGYwSAlibsauqf7RXBkhF' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-jk+jWv/+9QsPNXAftMn0xZR2WMEcGYwSAlibsauqf7RXBkhF' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Jun 2024 20:59:46 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f410334915814
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220136-FRA, cache-fra-etou8220136-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f410334915814-e1be6f7e54748e76-01
x-timer
S1719694787.729916,VS0,VE255
etag
W/"2b73-d2rShbdhJhcnMqK53UAtsUBA9CE"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
pp_prepagata.png
www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/pp_prepagata.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF7) /
Resource Hash
ba568f56aaf3fa94a35ebacfa6ef36d339b1c3e2fa74d28a8e53a287997a4e4c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
18a2895170752
dc
ccg11-origin-www-1.paypal.com
content-length
10185
last-modified
Wed, 25 Apr 2018 10:44:40 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4CF7)
traceparent
00-000000000000000000018a2895170752-fd5731eaed7f29ea-01
etag
"5ae05c18-27c9"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 29 Jun 2024 21:59:46 GMT
hero_image_prepaid_opt.jpg
www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/digitalassets/c/website/marketing/emea/it/it/prepaid-discover/hero_image_prepaid_opt.jpg
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
9e114547048fe17de0e1d0705ac0bc563521c5bdb91a5105b43ebb0d9cc6ac44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
fc2801854803d
dc
ccg11-origin-www-1.paypal.com
content-length
91767
last-modified
Tue, 14 May 2019 09:45:53 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4CB9)
traceparent
00-0000000000000000000fc2801854803d-f77a8b8ad9b01064-01
etag
"5cda8e51-16677"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 29 Jun 2024 21:59:46 GMT
PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/66/afa9a602071f1154fea203d618da40f33aae8a.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC0) /
Resource Hash
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypalobjects.com/marketing-resources/css/66/afa9a602071f1154fea203d618da40f33aae8a.css
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
b91a21d0ebb71
dc
ccg11-origin-www-1.paypal.com
content-length
27457
last-modified
Thu, 02 Jun 2022 17:26:24 GMT
server
ECAcc (frc/4CC0)
traceparent
00-0000000000000000000b91a21d0ebb71-36652096df351584-01
etag
"6298f2c0-6b41"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
PayPalOpen-Bold.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Bold.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/66/afa9a602071f1154fea203d618da40f33aae8a.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCC) /
Resource Hash
9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypalobjects.com/marketing-resources/css/66/afa9a602071f1154fea203d618da40f33aae8a.css
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
f3509c63d9b90
dc
ccg11-origin-www-1.paypal.com
content-length
26700
last-modified
Thu, 02 Jun 2022 17:26:24 GMT
server
ECAcc (frc/4CCC)
traceparent
00-0000000000000000000f3509c63d9b90-8d24ec9ca8420dee-01
etag
"6298f2c0-684c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:46 GMT
latmconf.js
www.paypalobjects.com/pa/mi/paypal/ 		314 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/paypal/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDC) /
Resource Hash
426220c19e1e7b5bc7fd52993d859b5328334ec787f377fa37646fd8673d9900
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
e7a320f3ee723
dc
ccg11-origin-www-1.paypal.com
content-length
35468
last-modified
Thu, 27 Jun 2024 02:45:21 GMT
server
ECAcc (frc/4CDC)
traceparent
00-0000000000000000000e7a320f3ee723-ac5a7adafefb135a-01
etag
"667cd241-4e664"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 29 Jun 2024 21:59:46 GMT
eligibility
www.paypal.com/smartchat/open/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/it/webapps/mpp/prepaid-discover
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef2465843020b437dfc3676c829242621cf7b6ced9c19eba3333454f281bc8bf
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-PnwQSylbXB10Ae93Xa6uxrcuvFtXlfEUWDiggT872KYQvUns' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover
X-Requested-With
XMLHttpRequest
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-PnwQSylbXB10Ae93Xa6uxrcuvFtXlfEUWDiggT872KYQvUns' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Jun 2024 20:59:47 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f410334675936
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220136-FRA, cache-fra-etou8220136-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f410334675936-f53b6bd02cd4f45c-01
x-timer
S1719694787.794284,VS0,VE216
etag
W/"4f3-8RD3blYDO95Bweiq8/5VgRScB/Q"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
it
www.paypal.com/it/webapps/mpp/rest/cookie-banner/IT/ 		21 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/it/webapps/mpp/rest/cookie-banner/IT/it
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ffd1bcc6daa53eb0fdd4cc1ec687c1d2606d64ced5e74f6558e9b8b0528d7c8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-G23bjjwcCCu2rnp+SdbVyCbPwatejMIdSsVpgazeZ5295ajt' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover
X-Requested-With
fetch
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-G23bjjwcCCu2rnp+SdbVyCbPwatejMIdSsVpgazeZ5295ajt' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Jun 2024 20:59:47 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f4103347c4243
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220136-FRA, cache-fra-etou8220136-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f4103347c4243-0c8dfebc5952a7ce-01
x-timer
S1719694787.794245,VS0,VE265
etag
W/"52c7-MmK9Rd/Fm8b50ZrLAAFV9qiOB2k"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
ts
t.paypal.com/ 		42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.20&t=1719694786873&g=-120&pgrp=main%3Amktg%3Abusiness%3Apartner%3Aprepaid-discover&page=main%3Amktg%3Abusiness%3Apartner%3Aprepaid-discover%3A%3A%3A&rsta=it_IT&ccpg=it&comp=mppnodeweb&xe=107814%2C104449%2C105841&xt=140225%2C142459%2C135141&pageurl=%2Fit%2Fwebapps%2Fmpp%2Fprepaid-discover&fcp=949.200&fcp_attr=%7B%22timeToFirstByte%22%3A%22783.700%22%2C%22firstByteToFCP%22%3A%22165.500%22%2C%22fcpEntry%22%3A%7B%22name%22%3A%22first-contentful-paint%22%2C%22entryType%22%3A%22paint%22%2C%22startTime%22%3A%22949.200%22%2C%22duration%22%3A0%7D%2C%22rating%22%3A%22good%22%7D&e=cwv
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C83) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 29 Jun 2024 20:59:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
cff021b577d3a
server
ECAcc (frc/4C83)
traceparent
00-0000000000000000000cff021b577d3a-e0a579e1b668ec6e-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
cff021b577d3a
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
image/gif
server-timing
traceparent;desc="00-0000000000000000000cff021b577d3a-053ebcdbfcb481bb-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Sat, 29 Jun 2024 20:59:46 GMT
grcenterprise_v3.html
www.paypal.com/auth/recaptcha/ Frame 7D8F 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/df9aaf0e625458ba/recaptchav3.js?_sessionID=13XWhP9ypAJGGi3UHqCKw2v3KDqIEfyg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57bd2ef0ce4d833346ff5e10010792fc55c00bc317df06b6e0cddbab401c69bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-ua-wow64
?0

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 29 Jun 2024 20:59:47 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"15c2-190122401a0"
last-modified
Thu, 13 Jun 2024 15:07:48 GMT
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f41033463c819
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f41033463c819-1a4ef5adde7c63ec-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-etou8220136-FRA, cache-fra-etou8220136-FRA
x-timer
S1719694787.012266,VS0,VE148
cookies
www.paypal.com/myaccount/privacy/cookieprefs/ 		2 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:mktg:business:partner:prepaid-discover:::&component=mppnodeweb&eventSourceUrl=https://www.paypal.com/it/webapps/mpp/prepaid-discover
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6jTJB0ORyGNWcmWv7EKXMlLsOJEFA95JpAPCJ/6Mr6KBkvmK' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-arch
"x86"
sec-ch-ua-platform-version
"10.0.0"
X-Requested-With
XMLHttpRequest
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
sec-ch-ua-full-version
"126.0.6478.126"
Accept
application/json
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6jTJB0ORyGNWcmWv7EKXMlLsOJEFA95JpAPCJ/6Mr6KBkvmK' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sat, 29 Jun 2024 20:59:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f410334a00e78
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220136-FRA, cache-fra-etou8220136-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f410334a00e78-9d1a6568b212aefa-01
x-timer
S1719694787.105864,VS0,VE234
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
ts
t.paypal.com/ 		42 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.20&t=1719694787096&g=-120&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgst=Unknown&calc=f847262193e43&nsid=13XWhP9ypAJGGi3UHqCKw2v3KDqIEfyg&rsta=it_IT&pgtf=Nodejs&env=live&s=ci&ccpg=IT&csci=8572976a1f7b49cdb5f676885e218f7b&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C109679%2C109059%2C104406%2C104405%2C104407&xt=123956%2C123954%2C146708%2C143369%2C119037%2C119034%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=prepaid-discover&pgsf=business&lgin=out&server=origin&shir=main_mktg_business_partner&pros=2&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&api_name=cookieBanner&displaypage=main%3Amktg%3Abusiness%3Apartner%3Aprepaid-discover&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&event_name=cookie_banner_shown&product=consentNodeServ&e=ac
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/it/webapps/mpp/prepaid-discover
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 29 Jun 2024 20:59:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
d7599cb22349d
server
ECAcc (frc/4CA9)
traceparent
00-0000000000000000000d7599cb22349d-e3d95e7a8ca35f85-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
d7599cb22349d
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
image/gif
server-timing
traceparent;desc="00-0000000000000000000d7599cb22349d-472d518acddec707-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Sat, 29 Jun 2024 20:59:47 GMT
enterprise.js
www.recaptcha.net/recaptcha/ Frame 7D8F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=it
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
16018f0484dc9df481736882dcb044ecdbedfaa6c3f71eaa877708592107c6a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 20:59:47 GMT
pp32.png
www.paypalobjects.com/webstatic/icon/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webstatic/icon/pp32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB6) /
Resource Hash
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
5ae2365ab9abc
dc
ccg11-origin-www-1.paypal.com
content-length
3972
last-modified
Wed, 30 Apr 2014 15:54:51 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4CB6)
traceparent
00-00000000000000000005ae2365ab9abc-1077fffe2bf09aa0-01
etag
"53611ccb-f84"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:47 GMT
recaptcha__it.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ Frame 7D8F 		535 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__it.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40d2ae9e406ec334ab1270cbc544e7d468676fa1ee2eb790f79a0864442ebf7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Origin
https://www.paypal.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:29:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217283
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Jun 2025 18:29:04 GMT
favicon.ico
www.paypalobjects.com/webstatic/icon/ 		5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webstatic/icon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB3) /
Resource Hash
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 20:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
7aecf912392ec
dc
ccg11-origin-www-1.paypal.com
content-length
1403
last-modified
Thu, 01 May 2014 21:26:45 GMT
server
ECAcc (frc/4CB3)
traceparent
00-00000000000000000007aecf912392ec-76ee9b2041e10ce3-01
etag
W/"5362bc15-1536"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/x-icon
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 29 Jun 2024 21:59:47 GMT
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame CF49 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=it&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=3jhlrj8h4vq6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-f_TI44hzxW2TM74Mcnnnxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-f_TI44hzxW2TM74Mcnnnxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jun 2024 20:59:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ts
t.paypal.com/ 		42 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.20&t=1719694787760&g=-120&pgrp=main%3Amktg%3Abusiness%3Apartner%3Aprepaid-discover&page=main%3Amktg%3Abusiness%3Apartner%3Aprepaid-discover%3A%3A%3A&pgst=Unknown&calc=f847262193e43&nsid=13XWhP9ypAJGGi3UHqCKw2v3KDqIEfyg&rsta=it_IT&pgtf=Nodejs&env=live&s=ci&ccpg=it&csci=8572976a1f7b49cdb5f676885e218f7b&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=107814%2C104449%2C105841&xt=140225%2C142459%2C135141&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=prepaid-discover&pgsf=business&lgin=out&server=origin&shir=main_mktg_business_partner&pros=2&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&c_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial&imsrc=setup&view=%7B%22t10%22%3A2%2C%22t11%22%3A1730%2C%22tcp%22%3A949%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A264%7D&pt=Prepagata%20PayPal%20-%20La%20carta%20prepagata%20di%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=2&t1c=0&t1d=0&t1s=0&t2=462&t3=2&t4d=0&t4=0&t4e=2&tt=1465&rdc=0&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=171
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE0) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 29 Jun 2024 20:59:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
643c7d93f65cf
server
ECAcc (frc/4CE0)
traceparent
00-0000000000000000000643c7d93f65cf-9d5f7bf28b73b8dd-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
643c7d93f65cf
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
image/gif
server-timing
traceparent;desc="00-0000000000000000000643c7d93f65cf-f335c80ef99834e3-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Sat, 29 Jun 2024 20:59:47 GMT
verifygrcenterprise
www.paypal.com/auth/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifygrcenterprise
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-c4VN7noAaJBE3w6YraMWGNO688fM1Cpjllnk6m1ED90SUiLS' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-Type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover
x-requested-with
XMLHttpRequest
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-c4VN7noAaJBE3w6YraMWGNO688fM1Cpjllnk6m1ED90SUiLS' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sat, 29 Jun 2024 20:59:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f877842f1cb86
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220136-FRA, cache-fra-etou8220136-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f877842f1cb86-5ac738656de38982-01
x-timer
S1719694788.446541,VS0,VE278
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
ts
t.paypal.com/ 		42 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.20&t=1719694788761&g=-120&pgrp=main%3Amktg%3Abusiness%3Apartner%3Aprepaid-discover&page=main%3Amktg%3Abusiness%3Apartner%3Aprepaid-discover%3A%3A%3A&pgst=Unknown&calc=f847262193e43&nsid=13XWhP9ypAJGGi3UHqCKw2v3KDqIEfyg&rsta=it_IT&pgtf=Nodejs&env=live&s=ci&ccpg=it&csci=8572976a1f7b49cdb5f676885e218f7b&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=107814%2C104449%2C105841&xt=140225%2C142459%2C135141&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=%2F%2Ft.paypal.&pgsf=business&lgin=out&server=origin&shir=main_mktg_business_partner&pros=2&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=t_paypal_cpl&t1=0&t1c=0&t1d=0&t1s=0&t2=197&t3=1&tt=198&protocol=h2&cdn=edgecast&view=%7B%22t10%22%3A0%2C%22t11%22%3A198%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBB) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 29 Jun 2024 20:59:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
424ab688891da
server
ECAcc (frc/4CBB)
traceparent
00-0000000000000000000424ab688891da-e2a79410e8734d47-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
424ab688891da
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
image/gif
server-timing
traceparent;desc="00-0000000000000000000424ab688891da-debec5e032cf15bf-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Sat, 29 Jun 2024 20:59:48 GMT
cookies
www.paypal.com/myaccount/privacy/cookieprefs/ 		2 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:mktg:business:partner:prepaid-discover:::&component=mppnodeweb&eventSourceUrl=https://www.paypal.com/it/webapps/mpp/prepaid-discover
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-spCp/GpDJ3r4x4BSsatYMFyMIIImnVFNaAR4uTVcZ8YQ/uXR' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-arch
"x86"
sec-ch-ua-platform-version
"10.0.0"
X-Requested-With
XMLHttpRequest
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
sec-ch-ua-full-version
"126.0.6478.126"
Accept
application/json
Referer
https://www.paypal.com/it/webapps/mpp/prepaid-discover

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-spCp/GpDJ3r4x4BSsatYMFyMIIImnVFNaAR4uTVcZ8YQ/uXR' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sat, 29 Jun 2024 20:59:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f3388822b29f3
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220136-FRA, cache-fra-etou8220136-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f3388822b29f3-771cd2b1586746d4-01
x-timer
S1719694790.111043,VS0,VE205
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| antiClickjack object| modelData object| __GLOBAL_NAV_CONTEXT_REGIONALBANNER__ boolean| paypalADSInterceptorInjected object| dataLayer object| PAYPAL object| fpti string| fptiserverurl object| _ifpti object| React object| ReactDOM function| t object| latmconf object| laDataLayer function| _0x559f function| _0xc9fe function| openSalesChat function| bindGdprEvents function| hideGdprBanner function| showGdprBanner object| PageBundle

11 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09AB5STronXO-SlPYxavlqOdyTQUJoN6m1ZzM6ex1A0M6CgxO0ToIO4Uvt0DbjoCyTfKvO2lQzGN3QjkHnOqU8Vjg
.paypal.com/ Name: ts_c
Value: vr%3D65cbfdfd1900ad10f8bbac87fe04f382%26vt%3D65cbfdfd1900ad10f8bbac87fe04f381
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: cookie_check
Value: yes
.paypal.com/ Name: LANG
Value: it_IT%3BIT
www.paypal.com/ Name: nsid
Value: s%3A13XWhP9ypAJGGi3UHqCKw2v3KDqIEfyg.C8et1Fszi3%2BODbW3VaiStGgajiaLNKSBKlIZMwLjuME
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTcxOTY5NDc5MDI0MSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: privacynodeweb
.paypal.com/ Name: ts
Value: vreXpYrS%3D1814302790%26vteXpYrS%3D1719696590%26vr%3D65cbfdfd1900ad10f8bbac87fe04f382%26vt%3D65cbfdfd1900ad10f8bbac87fe04f381%26vtyp%3Dnew

1 Console Messages

Source Level URL
Text
security warning URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-1zxALRacfoCshdXmCAyroBt7eyuX62x09ngmLctnuynSdG7v' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.ctfassets.net
t.paypal.com
www.gstatic.com
www.paypal-prepagata.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
151.101.1.21
151.101.67.1
192.229.221.25
2600:9000:235a:da00:12:94b3:c380:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:80f::2003
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
16018f0484dc9df481736882dcb044ecdbedfaa6c3f71eaa877708592107c6a0
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
1f6bb619129e55c38a04652a0fce863656c4705d4618e1de18f2863a1788a531
2d09578ee636adee2e9ae4055f616e2ff3d12116ba86bf5206dd1b0701346e72
374d56aa520c728f6d56b235bcf7ba39f4a3838306278662f984092e5c97dfc8
3f67725c992a5b26f8ff11174ed79bbccefd04d9e60f9be53db68761d0751d7f
40d2ae9e406ec334ab1270cbc544e7d468676fa1ee2eb790f79a0864442ebf7a
4137749584236d857a03ad2ff781392dd849180f83e4adebb255570823229586
426220c19e1e7b5bc7fd52993d859b5328334ec787f377fa37646fd8673d9900
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
4d139e83ce45fb58a931697cabba2c6238b41cce5ffe7cc3519e12d9d6aefe4b
52543e3f9143a50645740c150f3b0f52fb6f608bf00fa2e8d6afbf017ba1357c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57bd2ef0ce4d833346ff5e10010792fc55c00bc317df06b6e0cddbab401c69bd
648156a16535ecdb702d9ad4dde132b46919d8789dfff366ca99c25f09267c25
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7df5b6ba52aed827faf25d0ad41367e6d73f8ea5322d0fabafce928d47121c71
9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9e114547048fe17de0e1d0705ac0bc563521c5bdb91a5105b43ebb0d9cc6ac44
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4
9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0
9ffd1bcc6daa53eb0fdd4cc1ec687c1d2606d64ced5e74f6558e9b8b0528d7c8
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b30c5cb98b7cad23ce739a411097717483a8f50d556aed2aa1d37bd55b5ce76c
ba568f56aaf3fa94a35ebacfa6ef36d339b1c3e2fa74d28a8e53a287997a4e4c
bf20c2d01af636d434b0fb636e6b1884d5c15ab8a3701413ebaebe80f27c9793
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52f6f48f0c95a23065f94fd9798ca91a329da604d7f071c7c4c84b486232477
ef2465843020b437dfc3676c829242621cf7b6ced9c19eba3333454f281bc8bf