www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://epl.paypal-communication.com/T/v600000182ab2edb8ebc4b48f4bbc780a0/b87c8b3f8d9b40dc0000021ef3a0bcc5/b87c8b3f-8d9b-40dc-8cb4-08...
Effective URL:
https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3Fa...
Submission: On August 17 via manual (August 17th 2022, 3:05:06 pm UTC) from BE — Scanned from DE

Summary HTTP 107 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 107 HTTP transactions. The main IP is 151.101.65.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2338.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 12th 2022. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.127.187.100 159.127.187.100	19137 (EPSILON-I...) (EPSILON-INTERACTIVE)
19	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
40	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
3	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
107	14

1 159.127.187.100 (United States) 1 redirects

ASN19137 (EPSILON-INTERACTIVE, US)

epl.paypal-communication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2094	936 KB
30	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2338 t.paypal.com — Cisco Umbrella Rank: 3136 Failed c.paypal.com — Cisco Umbrella Rank: 5644 b.stats.paypal.com — Cisco Umbrella Rank: 5095 dub.stats.paypal.com — Cisco Umbrella Rank: 23275 c6.paypal.com — Cisco Umbrella Rank: 6529	125 KB
8	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1926	82 KB
6	gstatic.com www.gstatic.com	658 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 130	33 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	4 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6076	612 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	409 B
1	qualtrics.com zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com — Cisco Umbrella Rank: 13691	9 KB
1	paypal-communication.com 1 redirects epl.paypal-communication.com — Cisco Umbrella Rank: 47399	322 B
0	google-analytics.com Failed www.google-analytics.com — Cisco Umbrella Rank: 45 Failed
0	Failed function sub() { [native code] }. Failed
0	linkedin.com Failed px.ads.linkedin.com Failed
107	14

	Domain	Requested by
39	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
19	www.paypal.com	www.paypal.com www.paypalobjects.com
8	www.recaptcha.net	www.paypal.com www.gstatic.com www.recaptcha.net www.paypalobjects.com
6	www.gstatic.com	www.recaptcha.net
5	c.paypal.com	www.paypalobjects.com c.paypal.com
4	www.googleadservices.com	www.paypalobjects.com www.googleadservices.com
3	t.paypal.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.paypal.com
2	www.google.de	www.paypal.com
2	www.google.com	1 redirects www.paypal.com
1	c6.paypal.com
1	dub.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	www.facebook.com
1	zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	www.paypalobjects.com
1	epl.paypal-communication.com	1 redirects
0	www.google-analytics.com Failed
0	192.55.233.1 Failed	www.paypalobjects.com
0	px.ads.linkedin.com Failed
107	19

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-26` - `2022-08-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
Frame ID: 99F1A2C1B9A99984AF71421C0E2F9372
Requests: 84 HTTP requests in this frame

Frame: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Frame ID: E52083EA4C82D6A1F4D536064082AECF
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=o1d656bu01ii
Frame ID: 6DB91970AE86EEECCD92BE6ECAC7BF79
Requests: 5 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Frame ID: 160BDA5D10BB1B8B82579958F273E389
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=mmudgzetq5sa
Frame ID: E9142F03859280F334E3BD9C335F62BD
Requests: 5 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: AD66FCDA36CB4E4EB07F2094803361B1
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0xODFlZWIyMTRhOTE0MTgzOTk2MWIwYTcyZDJjYjNiOCZpPTIxNy42NC4xNTEuNjcmdD0xNjYwNzQ4NzAxLjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOaosnikQR_LfML2JaWHf5tabV53E
Frame ID: 1268204A8E388E582246B1877E94C534
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to your PayPal account

Page URL History Show full URLs

https://epl.paypal-communication.com/T/v600000182ab2edb8ebc4b48f4bbc780a0/b87c8b3f8d9b40dc0000021ef3a0bcc5/b87c8b... HTTP 302
https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C... Page URL
https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%... Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

107
Requests

85 %
HTTPS

43 %
IPv6

14
Domains

19
Subdomains

14
IPs

4
Countries

1847 kB
Transfer

5219 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://epl.paypal-communication.com/T/v600000182ab2edb8ebc4b48f4bbc780a0/b87c8b3f8d9b40dc0000021ef3a0bcc5/b87c8b3f-8d9b-40dc-8cb4-08ecf84cbb68?__dU__=v0G4RBKTXg2GtDSXU69hUjn6ZGPAo1dkaY HTTP 302
https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email Page URL
https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://epl.paypal-communication.com/T/v600000182ab2edb8ebc4b48f4bbc780a0/b87c8b3f8d9b40dc0000021ef3a0bcc5/b87c8b3f-8d9b-40dc-8cb4-08ecf84cbb68?__dU__=v0G4RBKTXg2GtDSXU69hUjn6ZGPAo1dkaY HTTP 302
https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email

Request Chain 22

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/?random=235025208&cv=9&fst=1660748700636&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Your%20US%245%20Gift%20from%20PayPal&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=nAP9YsT5J_GP9fgP8baBuAE&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1006288171/?random=235025208&cv=9&fst=1660748700636&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Your%20US%245%20Gift%20from%20PayPal&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nAP9YsT5J_GP9fgP8baBuAE&random=2529018055&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1006288171/?random=235025208&cv=9&fst=1660748700636&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Your%20US%245%20Gift%20from%20PayPal&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nAP9YsT5J_GP9fgP8baBuAE&random=2529018055&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 39

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=153615593&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3Futm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Your%20US%245%20Gift%20from%20PayPal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBACUABB~&jid=1969104923&gjid=793453369&cid=2013689177.1660748701&tid=UA-53389718-12&_gid=89900140.1660748701&_r=1&cd1=&cd2=&cd3=0&cd4=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3Futm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&cd5=za&cd6=en_ZA&cd7=&cd10=mppnodeweb&cd19=105841%2C104449&cd20=126370%2C119299&cd22=main%3Amktg%3Apersonal%3A%3Aclaim-cnc-em&cd26=0&gtm=2oi4f0&z=1261660244 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-53389718-12&cid=2013689177.1660748701&jid=1969104923&_gid=89900140.1660748701&gjid=793453369&_v=j79&z=1261660244 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-12&cid=2013689177.1660748701&jid=1969104923&_v=j79&z=1261660244

Request Chain 89

https://b.stats.paypal.com/v1/counter.cgi?r=cD0xODFlZWIyMTRhOTE0MTgzOTk2MWIwYTcyZDJjYjNiOCZpPTIxNy42NC4xNTEuNjcmdD0xNjYwNzQ4NzAxLjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOaosnikQR_LfML2JaWHf5tabV53E HTTP 302
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0xODFlZWIyMTRhOTE0MTgzOTk2MWIwYTcyZDJjYjNiOCZpPTIxNy42NC4xNTEuNjcmdD0xNjYwNzQ4NzAxLjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOaosnikQR_LfML2JaWHf5tabV53E

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

cnc-em Show response
www.paypal.com/za/webapps/mpp/pfs/claim/
Redirect Chain

https://epl.paypal-communication.com/T/v600000182ab2edb8ebc4b48f4bbc780a0/b87c8b3f8d9b40dc0000021ef3a0bcc5/b87c8b3f-8d9b-40dc-8cb4-08ecf84cbb68?__dU__=v0G4RBKTXg2GtDSXU69hUjn6ZGPAo1dkaY
https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&u...

40 KB
12 KB

605ms
473ms

Document
text/html

151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a87a1194b7a709565b249d5415abcffb082d3e9cb00b44639d4a9eca82dc7b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-bMq02+fiMcmoV1HbJQ7RaXgYpx+nUXAZYIJBwHHH5xja4FC6' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-bMq02+fiMcmoV1HbJQ7RaXgYpx+nUXAZYIJBwHHH5xja4FC6' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Wed, 17 Aug 2022 15:05:00 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"9fa7-EdEWjxUIowgDFq32n/PTmltjTos"
paypal-debug-id: f543271a30279
server-timing: "traceparent;desc="00-0000000000000000000f543271a30279-32e03c1f6c737115-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f543271a30279-5da8b24f8d05b07e-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4082-HHN
x-timer: S1660748700.738947,VS0,VE454
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 0
date: Wed, 17 Aug 2022 15:04:58 GMT
location: https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 22 KB
7 KB 201ms
47ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2DD) /

Resource Hash

ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: acc8c66bfdd3e
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 6711
last-modified: Wed, 06 Apr 2022 10:20:48 GMT
server: ECAcc (frd/E2DD)
etag: "624d6980-5940"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 0
0

GET PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 0
0

GET
H2 200 31ce26db9435cbbd8790ce10bcf79260cf1f7e.css
www.paypalobjects.com/marketing-resources/css/00/ 375 KB
56 KB 170ms
17ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/css/00/31ce26db9435cbbd8790ce10bcf79260cf1f7e.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E31C) /

Resource Hash

280e7e409cee522a915d4cc96daa732825274b91ca72cb2dd6bc67b2b89ae3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 8278e48aaeee6
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 57301
last-modified: Thu, 04 Aug 2022 10:21:18 GMT
server: ECAcc (frd/E31C)
traceparent: 00-00000000000000000008278e48aaeee6-3fdc043c6bb8a420-01
etag: W/"62eb9d9e-5dd48"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 react-17_0_1-bundle.js Show response
www.paypalobjects.com/marketing-resources/vendors/ 132 KB
44 KB 32ms
32ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E294) /

Resource Hash

9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 1602a843d2c8a
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 44545
last-modified: Mon, 22 Feb 2021 21:58:19 GMT
server: ECAcc (frd/E294)
etag: W/"603428fb-20ee8"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 55 KB
21 KB 184ms
32ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2CE) /

Resource Hash

328ab995b9995d6dc6a05e77f74e45a03cf6782eb9c66ab633e63699d0843b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 4059e5fb21f2c
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 21559
last-modified: Mon, 15 Aug 2022 19:29:47 GMT
server: ECAcc (frd/E2CE)
traceparent: 00-00000000000000000004059e5fb21f2c-f91b80252e31747b-01
etag: "62fa9eab-dcf5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 open-chat.js Show response
www.paypalobjects.com/helpcenter/smartchat/sales/v1/ 1 KB
885 B 32ms
31ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2AC) /

Resource Hash

15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 944ad8e381b1c
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 779
last-modified: Sat, 13 Feb 2021 00:19:40 GMT
server: ECAcc (frd/E2AC)
etag: W/"60271b1c-5bf"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 marketingIntentsV2.js Show response
www.paypalobjects.com/activation/js/ 554 B
530 B 44ms
43ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/activation/js/marketingIntentsV2.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2A1) /

Resource Hash

4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: c5812ead8ad33
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 365
last-modified: Fri, 12 Feb 2021 23:55:13 GMT
server: ECAcc (frd/E2A1)
traceparent: 00-0000000000000000000c5812ead8ad33-e8e5331ca95f8de5-01
etag: "60271561-22a"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 18 Aug 2022 15:05:00 GMT

GET
H2 200 39e31e026946e6d1554734984fe981e2aeed0f.js Show response
www.paypalobjects.com/marketing-resources/js/c8/ 455 KB
132 KB 185ms
32ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/js/c8/39e31e026946e6d1554734984fe981e2aeed0f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E31B) /

Resource Hash

55ee6cfd0a3e9e213c6324f3ba160593b0f5a4748cd4530bb5c59f141e5fcbf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: b7ef50101e17b
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 134541
last-modified: Thu, 07 Jul 2022 12:23:40 GMT
server: ECAcc (frd/E31B)
traceparent: 00-0000000000000000000b7ef50101e17b-9720edb12b0c6f29-01
etag: W/"62c6d04c-71bda"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/1cfe49a6342c880e/ 10 KB
6 KB 310ms
309ms Script
text/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/1cfe49a6342c880e/recaptchav3.js?_sessionID=N25-t9AEww-LSUu7RKa80Y0ycr355PG-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

616b9cc2550ea80fb15363539467c2d318f81ead73dac693c2461ac80709f85e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-rZHA3m6fC5mN0X00l+9Caxty3pSYAImyN+A0JLoP2zo+cHya' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-rZHA3m6fC5mN0X00l+9Caxty3pSYAImyN+A0JLoP2zo+cHya' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f54327166036f
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f54327166036f-1fe5b84301e29059-01
x-timer: S1660748700.240866,VS0,VE294
date: Wed, 17 Aug 2022 15:05:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"26e7-IDqwFi2sPjt2jvioPduIem8kAYM"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 pp_fc_hl.svg
www.paypalobjects.com/digitalassets/c/website/logo/full-text/ 11 KB
4 KB 17ms
17ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/logo/full-text/pp_fc_hl.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/00/31ce26db9435cbbd8790ce10bcf79260cf1f7e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E310) /

Resource Hash

036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/marketing-resources/css/00/31ce26db9435cbbd8790ce10bcf79260cf1f7e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: a001f73a87829
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 3732
last-modified: Tue, 15 Mar 2016 17:48:58 GMT
server: ECAcc (frd/E310)
etag: W/"56e84b0a-2b4b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 PayPalSansSmall-Regular.woff
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 19 KB
19 KB 17ms
17ms Font
font/woff 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/00/31ce26db9435cbbd8790ce10bcf79260cf1f7e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2C7) /

Resource Hash

6a2a2f064ef289523471b8d25d32c195ecb8145c143d09f997b449d4034a7ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/00/31ce26db9435cbbd8790ce10bcf79260cf1f7e.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
server: ECAcc (frd/E2C7)
etag: "5a66a30d-4cdc"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
paypal-debug-id: 1cc6d6d9b8510
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 19676
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/ 291 KB
34 KB 18ms
17ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2EA) /

Resource Hash

9cadb2a9badf973121df95b6cadd9547011298dc869f05feee682482380b00cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 1bc6ecd99e800
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 34478
last-modified: Mon, 15 Aug 2022 19:29:47 GMT
server: ECAcc (frd/E2EA)
traceparent: 00-00000000000000000001bc6ecd99e800-c674d19727cfa699-01
etag: "62fa9eab-48a0d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 eligibility Show response
www.paypal.com/smartchat/open/ 1 KB
2 KB 239ms
239ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/za/webapps/mpp/pfs/claim/cnc-em

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

97862294daf540db0d8972b06a7881db31e9fde5478c9299c2de18fcc3cf650d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn; script-src 'nonce-6NbsS+UI9D1EjbwIsmo5lsPVgHKlyujnuQLCmBVqk+N/oDTY' 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' https://.kampyle.com https://.qualtrics.com; font-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn data:; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-6NbsS+UI9D1EjbwIsmo5lsPVgHKlyujnuQLCmBVqk+N/oDTY' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f543271bfdab0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f543271bfdab0-e1a9440d01648b19-01
x-timer: S1660748700.452995,VS0,VE224
date: Wed, 17 Aug 2022 15:05:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"53f-m2V98g/0ZgIBuGvusCH4J8Z28f8"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 gtag.js Show response
www.paypalobjects.com/pa/mi/3p/gtag/ 79 KB
31 KB 16ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2D7) /

Resource Hash

f982a9dad50b916735a08b8e6f40efa7f97163106b18da079b144764c86a44a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: d05088e795b2
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 31297
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
server: ECAcc (frd/E2D7)
traceparent: 00-00000000000000000000d05088e795b2-7c71d117457ac13c-01
etag: "60271cd9-13bba"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 OrchestratorMain.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 7 KB
3 KB 246ms
246ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2CE) /

Resource Hash

8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: eadb10a0b911e
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 3329
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frd/E2CE)
traceparent: 00-0000000000000000000eadb10a0b911e-7cbfbe3b208792cd-01
etag: "61dccd14-1d47"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
16 KB 130ms
77ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15380
x-xss-protection: 0
server: cafe
etag: 14955335288317425560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:05:00 GMT

GET
H2 200 analytics.js Show response
www.paypalobjects.com/pa/mi/3p/gtag/ 44 KB
18 KB 19ms
19ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/3p/gtag/analytics.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E30F) /

Resource Hash

62bb5685d837089cd6aedb6f5fe5375c83ce5facc879632628e1e63e51399580

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: e0112b5f6ed15
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 17980
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
server: ECAcc (frd/E30F)
traceparent: 00-0000000000000000000e0112b5f6ed15-ae4e9ea918e5a061-01
etag: "60271cd9-aed9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 grcenterprise_v3.html Show response
www.paypal.com/auth/recaptcha/ Frame E520 4 KB
2 KB 162ms
161ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/1cfe49a6342c880e/recaptchav3.js?_sessionID=N25-t9AEww-LSUu7RKa80Y0ycr355PG-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

77437fbd507929b6d1a1bb320582dcfd80c0de3e964ecfe2b7d072aba28aaa78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 17 Aug 2022 15:05:00 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"fb3-18287f9fa78"
last-modified: Wed, 10 Aug 2022 13:38:03 GMT
paypal-debug-id: f961526b9f720
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f961526b9f720-e9d199686c3b5184-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4082-HHN
x-timer: S1660748701.557141,VS0,VE145

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/ 3 KB
2 KB 78ms
29ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/?random=1660748700634&cv=9&fst=1660748700634&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Your%20US%245%20Gift%20from%20PayPal&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c06d66a2f180e91a65cddc1b11a501ea6579f7a5851b69e929bed16893350e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1194
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1006288171/ 2 KB
1 KB 29ms
28ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1006288171/?random=1660748700636&cv=9&fst=1660748700636&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Your%20US%245%20Gift%20from%20PayPal&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

39d9b45916638dbcd5d9979628dfc1a454279f7fcc35b072d31743c6340d3483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1006288171/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/?random=235025208&cv=9&fst=1660748700636&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/1006288171/?random=235025208&cv=9&fst=1660748700636&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/1006288171/?random=235025208&cv=9&fst=1660748700636&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

95ms
54ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1006288171/?random=235025208&cv=9&fst=1660748700636&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Your%20US%245%20Gift%20from%20PayPal&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nAP9YsT5J_GP9fgP8baBuAE&random=2529018055&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 15:05:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Aug 2022 15:05:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1006288171/?random=235025208&cv=9&fst=1660748700636&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Your%20US%245%20Gift%20from%20PayPal&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nAP9YsT5J_GP9fgP8baBuAE&random=2529018055&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1006288171/ 42 B
548 B 110ms
72ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1006288171/?random=1660748700634&cv=9&fst=1660748400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Your%20US%245%20Gift%20from%20PayPal&async=1&fmt=3&is_vtc=1&random=4124470170&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 15:05:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1006288171/ 42 B
548 B 66ms
27ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1006288171/?random=1660748700634&cv=9&fst=1660748400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Your%20US%245%20Gift%20from%20PayPal&async=1&fmt=3&is_vtc=1&random=4124470170&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 15:05:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12.2e4d3453d92fa382c1f6.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 56 KB
16 KB 17ms
17ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E312) /

Resource Hash

9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 79602048f176c
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 16285
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frd/E312)
traceparent: 00-000000000000000000079602048f176c-882f3d87936aa901-01
etag: "61dccd14-e017"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:00 GMT

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame E520 977 B
1 KB 76ms
24ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5df12374dac40067845218936d702e8bbaae89ec8e1e427516429855d2fd6b42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 15:05:00 GMT

POST
H2 200 Targeting.php Show response
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 111 KB
9 KB 296ms
200ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00a821af125923f98c2d453175a012b98a24bed2b1d8019f6232529a800842be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paypal.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 01b0e22fa7181735
cf-ray: 73c34e346fea9b3f-FRA

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame E520 383 KB
153 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 14:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 14:45:03 GMT

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame 6DB9 42 KB
21 KB 68ms
36ms Document
text/html 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=o1d656bu01ii

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

03d70e41143e5994edd62f21d1723ebf2b9946ac1d7016a3d5379b5c871ec1e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ByGsdUb4j-gEWyle_BT25Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21972
content-security-policy: script-src 'report-sample' 'nonce-ByGsdUb4j-gEWyle_BT25Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 17 Aug 2022 15:05:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 6DB9 52 KB
24 KB 47ms
15ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=o1d656bu01ii

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 14:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 14:42:35 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 6DB9 383 KB
152 KB 54ms
23ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 14:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 14:45:03 GMT

GET
H2 200 CoreModule.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 100 KB
30 KB 17ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E291) /

Resource Hash

ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: d0b4658ba1db4
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 30223
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frd/E291)
traceparent: 00-0000000000000000000d0b4658ba1db4-c6882357fd6f24ca-01
etag: "61dccd14-190b6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 4.bee7caf079144a7b9980.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 2 KB
1 KB 18ms
17ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E296) /

Resource Hash

ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 29e505c39967f
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 1231
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frd/E296)
traceparent: 00-000000000000000000029e505c39967f-ef5df64c2765bf56-01
etag: "61dccd14-9ed"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 1.1303dc17a61da0f506d3.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 29 KB
7 KB 16ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E29A) /

Resource Hash

e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 4f2838635e8a0
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 6602
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frd/E29A)
traceparent: 00-00000000000000000004f2838635e8a0-e024637eb8359fad-01
etag: "61dccd14-7257"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 17.0e47ac923c1fa85e46cf.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 19 KB
8 KB 17ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2CB) /

Resource Hash

b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: f2e02168818ad
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 7762
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frd/E2CB)
traceparent: 00-0000000000000000000f2e02168818ad-d9da76e0ad7f3373-01
etag: "61dccd14-4a99"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 6DB9 102 B
134 B 24ms
24ms Other
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=o1d656bu01ii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 15:05:01 GMT

GET
H2 200 Primary Request signin Show response
www.paypal.com/za/ 26 KB
12 KB 499ms
499ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/js/c8/39e31e026946e6d1554734984fe981e2aeed0f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

be405902bc05fb7c9edb2e1a21202e74e9d975ed4541a2da88b71d64dc213493

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-7ZVD+banK9Uk9+cgnJqmgj8wRcqi9WIpc1XyWi6c++Ge1V0H' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-7ZVD+banK9Uk9+cgnJqmgj8wRcqi9WIpc1XyWi6c++Ge1V0H' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Wed, 17 Aug 2022 15:05:01 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"6430-bm+lti7Jx/h9ffKOZqsySndwEvw"
paypal-debug-id: f9615260fcf3b
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f9615260fcf3b-83bb2d359759e979-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-hhn4082-HHN
x-timer: S1660748701.329515,VS0,VE483
x-xss-protection: 1; mode=block

GET ts
t.paypal.com/ 0
0

GET
H2 200 tr
www.facebook.com/ 44 B
409 B 387ms
16ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1674696026155243&noscript=1&cd[MerchantID]=NA&cd[MerchantTransaction]=NA&cd[P2PTransaction]=NA&ev=ViewContent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 17 Aug 2022 15:05:01 GMT

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=153615593&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3Futm_source%3Depsilon%26utm_campaign%3...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-53389718-12&cid=2013689177.1660748701&jid=1969104923&_gid=89900140.1660748701&gjid=793453369&_v=j79&z=1261660244
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-12&cid=2013689177.1660748701&jid=1969104923&_v=j79&z=1261660244

0
0

GET /
px.ads.linkedin.com/collect/ 0
0

POST
H3 200 reload
www.recaptcha.net/recaptcha/enterprise/ Frame 6DB9 32 KB
19 KB 56ms
56ms XHR
application/json 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=o1d656bu01ii
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19106
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 15:05:01 GMT

GET
H2 200 sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 108 KB
108 KB 16ms
16ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2F7) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 7acccca376291
dc: ccg11-origin-www-1.paypal.com
content-length: 110177
last-modified: Sat, 13 Feb 2021 00:29:58 GMT
server: ECAcc (frd/E2F7)
etag: "60271d86-1ae61"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:01 GMT

POST verifygrcenterprise
www.paypal.com/auth/ 0
0

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 22 KB
7 KB 17ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2DD) /

Resource Hash

ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: acc8c66bfdd3e
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 6711
last-modified: Wed, 06 Apr 2022 10:20:48 GMT
server: ECAcc (frd/E2DD)
etag: "624d6980-5940"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 contextualLoginElementalUIv2.css
www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/css/ 137 KB
23 KB 17ms
17ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/css/contextualLoginElementalUIv2.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E308) /

Resource Hash

6aa165461cb2b4407e888cb9756306caec1a873e241b7d6df651160ba41965a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 78b21a513d1e6
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 22901
last-modified: Thu, 11 Aug 2022 17:08:52 GMT
server: ECAcc (frd/E308)
traceparent: 00-000000000000000000078b21a513d1e6-e7d170a34059907c-01
etag: W/"62f537a4-225e4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 17 Aug 2023 15:05:01 GMT

GET
H2 200 modernizr-2.6.1.js Show response
www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/js/lib/ 4 KB
2 KB 18ms
17ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/js/lib/modernizr-2.6.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2B7) /

Resource Hash

a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 8c40aed0bc092
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 1788
last-modified: Thu, 11 Aug 2022 17:08:52 GMT
server: ECAcc (frd/E2B7)
traceparent: 00-00000000000000000008c40aed0bc092-7619a574de95ff84-01
etag: W/"62f537a4-edf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 17 Aug 2023 15:05:01 GMT

GET
H2 200 icon-PN-check.png
www.paypalobjects.com/images/shared/ 2 KB
2 KB 20ms
19ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/icon-PN-check.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2AD) /

Resource Hash

4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:20:23 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271b47-8bc"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 42e2a8b8a39ff
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 2236
server: ECAcc (frd/E2AD)
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 6 KB
6 KB 20ms
19ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E316) /

Resource Hash

13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Sep 2014 15:08:04 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "54130c54-16c4"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: d1e8f59f24b7
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 5828
server: ECAcc (frd/E316)
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 fn-sync-telemetry-min.js Show response
www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/js/lib/ 5 KB
2 KB 16ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/js/lib/fn-sync-telemetry-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2E8) /

Resource Hash

8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: d6394a6fc8d74
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 2303
last-modified: Thu, 11 Aug 2022 17:08:52 GMT
server: ECAcc (frd/E2E8)
traceparent: 00-0000000000000000000d6394a6fc8d74-0be8b78c1d69a8c0-01
etag: W/"62f537a4-159e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 17 Aug 2023 15:05:01 GMT

GET
H2 200 signin-split.js Show response
www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/js/ 187 KB
45 KB 19ms
18ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/js/signin-split.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2A4) /

Resource Hash

ba0679412293394fd5c7dba899a31411cee77baf7838b8dbed8a7b92b7bf58cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 5d6df3237aae7
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 45550
last-modified: Thu, 11 Aug 2022 17:08:52 GMT
server: ECAcc (frd/E2A4)
traceparent: 00-00000000000000000005d6df3237aae7-50278fd34dda822f-01
etag: W/"62f537a4-2ec70"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 17 Aug 2023 15:05:01 GMT

GET
H2 200 ioc.js Show response
www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/js/ 5 KB
2 KB 18ms
17ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/js/ioc.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2D1) /

Resource Hash

07d4a44d248156a0e3d0c604d7359e54f3b021eeec70b7c3a1d127a141f76d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 9c77c3013c7f2
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 2005
last-modified: Thu, 11 Aug 2022 17:08:52 GMT
server: ECAcc (frd/E2D1)
traceparent: 00-00000000000000000009c77c3013c7f2-8c220518233c38b4-01
etag: W/"62f537a4-1407"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 17 Aug 2023 15:05:01 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 55 KB
21 KB 19ms
18ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2CE) /

Resource Hash

328ab995b9995d6dc6a05e77f74e45a03cf6782eb9c66ab633e63699d0843b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 4059e5fb21f2c
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 21559
last-modified: Mon, 15 Aug 2022 19:29:47 GMT
server: ECAcc (frd/E2CE)
traceparent: 00-00000000000000000004059e5fb21f2c-f91b80252e31747b-01
etag: "62fa9eab-dcf5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 grcenterprise_v3_static.js Show response
www.paypalobjects.com/webcaptcha/ 11 KB
4 KB 20ms
19ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E29E) /

Resource Hash

e675013c15aef9a9bb415be666dae4b79ecd496303a9297bd0e2f86a8017aed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 942b410e58514
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 3804
last-modified: Thu, 11 Aug 2022 15:22:57 GMT
server: ECAcc (frd/E29E)
traceparent: 00-0000000000000000000942b410e58514-ddb4bed99d11682d-01
etag: W/"62f51ed1-2a39"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 1 KB
664 B 17ms
16ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/css/contextualLoginElementalUIv2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2B9) /

Resource Hash

f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/css/contextualLoginElementalUIv2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 722fad029507
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 548
last-modified: Wed, 15 Jun 2022 22:33:20 GMT
server: ECAcc (frd/E2B9)
etag: "62aa5e30-436"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 17ms
16ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/css/contextualLoginElementalUIv2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2F7) /

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/css/contextualLoginElementalUIv2.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 99bb7ab9a54e2
dc: ccg11-origin-www-1.paypal.com
content-length: 25368
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (frd/E2F7)
etag: "60271cda-6318"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 18 KB
18 KB 16ms
16ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/css/contextualLoginElementalUIv2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E30E) /

Resource Hash

2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/css/contextualLoginElementalUIv2.css
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 6888e8170bc0d
dc: ccg11-origin-www-1.paypal.com
content-length: 18508
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (frd/E30E)
etag: "60271cda-484c"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/ 291 KB
34 KB 17ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2EA) /

Resource Hash

9cadb2a9badf973121df95b6cadd9547011298dc869f05feee682482380b00cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 1bc6ecd99e800
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 34478
last-modified: Mon, 15 Aug 2022 19:29:47 GMT
server: ECAcc (frd/E2EA)
traceparent: 00-00000000000000000001bc6ecd99e800-c674d19727cfa699-01
etag: "62fa9eab-48a0d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 grcenterprise_v3_static.html Show response
www.paypalobjects.com/webcaptcha/ Frame 160B 5 KB
2 KB 16ms
16ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E285) /

Resource Hash

0872c75690c79bd99f3f1fa8c41d4bda8bee3b0359305c2b685b44fb33ad7054

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 1655
content-type: text/html
date: Wed, 17 Aug 2022 15:05:01 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"62e02cf2-13cb"
expires: Wed, 17 Aug 2022 16:05:01 GMT
last-modified: Tue, 26 Jul 2022 18:05:38 GMT
paypal-debug-id: d61c44744a4cb
server: ECAcc (frd/E285)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000d61c44744a4cb-04fa039b0ee14822-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 gtag.js Show response
www.paypalobjects.com/pa/mi/3p/gtag/ 79 KB
31 KB 18ms
17ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2D7) /

Resource Hash

f982a9dad50b916735a08b8e6f40efa7f97163106b18da079b144764c86a44a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: d05088e795b2
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 31297
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
server: ECAcc (frd/E2D7)
traceparent: 00-00000000000000000000d05088e795b2-7c71d117457ac13c-01
etag: "60271cd9-13bba"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H2 200 patleaf.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.1.0/ 130 KB
45 KB 16ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.1.0/patleaf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2EE) /

Resource Hash

71399ff1720fa4e82d94d92941a8fe5ec96a4449d5f83bae63da5d361d1bcdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 56480310e305e
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 45867
last-modified: Fri, 29 Jul 2022 17:11:22 GMT
server: ECAcc (frd/E2EE)
traceparent: 00-000000000000000000056480310e305e-bb7b8880878cfe7f-01
etag: "62e414ba-207a4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H3 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame 160B 977 B
638 B 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5df12374dac40067845218936d702e8bbaae89ec8e1e427516429855d2fd6b42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 15:05:01 GMT

GET
H2 200 analytics.js Show response
www.paypalobjects.com/pa/mi/3p/gtag/ 44 KB
18 KB 18ms
17ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/3p/gtag/analytics.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E30F) /

Resource Hash

62bb5685d837089cd6aedb6f5fe5375c83ce5facc879632628e1e63e51399580

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: e0112b5f6ed15
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 17980
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
server: ECAcc (frd/E30F)
traceparent: 00-0000000000000000000e0112b5f6ed15-ae4e9ea918e5a061-01
etag: "60271cd9-aed9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:01 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 51ms
51ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15380
x-xss-protection: 0
server: cafe
etag: 14955335288317425560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:05:02 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 160B 383 KB
152 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypalobjects.com/
Origin: https://www.paypalobjects.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 14:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 14:45:03 GMT

GET
H2 200 patlcfg.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.1.0/ 7 KB
3 KB 16ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.1.0/patlcfg.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E304) /

Resource Hash

b7e5ed4ab79932cb3d76551d06f4bc215f05217ae758f90cf527ef06d2149878

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: f92f845b95e74
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 2801
last-modified: Sun, 14 Aug 2022 07:29:08 GMT
server: ECAcc (frd/E304)
traceparent: 00-0000000000000000000f92f845b95e74-a8619a700ecfa51d-01
etag: "62f8a444-1ba4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 17 Aug 2022 16:05:02 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/ 3 KB
1 KB 67ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/?random=1660748702035&cv=9&fst=1660748702035&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin%3FreturnUri%3Dhttps%253A%252F%252Fwww.paypal.com%252Fza%252Fwebapps%252Fmpp%252Fpfs%252Fclaim%252Fcnc-em%253FauthType%253Dsha1Hash%2526payload%253D5BBE88D761CEE7CB2C28349EB0770B7A2261B939&ref=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f7dd8d48da269bcbac566694358e9167122d704d818d33876da0fe1765cfa1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1256
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1006288171/ 2 KB
1 KB 29ms
29ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1006288171/?random=1660748702037&cv=9&fst=1660748702037&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin%3FreturnUri%3Dhttps%253A%252F%252Fwww.paypal.com%252Fza%252Fwebapps%252Fmpp%252Fpfs%252Fclaim%252Fcnc-em%253FauthType%253Dsha1Hash%2526payload%253D5BBE88D761CEE7CB2C28349EB0770B7A2261B939&ref=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

707ba3aad39e782af22181be29794b254496ac605dca6431d62d347089ff1d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame E914 42 KB
22 KB 34ms
34ms Document
text/html 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=mmudgzetq5sa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4005004aa1f98f8a1f7dcde31f1a18684143223df08a2f7459bf9f9dee0bb68

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GHhy0i-KroVS75ccIMThFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22075
content-security-policy: script-src 'report-sample' 'nonce-GHhy0i-KroVS75ccIMThFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 17 Aug 2022 15:05:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
1 KB 219ms
219ms Other
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-mvvNNpQH3u41QxptjXxeTvsE5sGYlIhltr6TaorKp5oSHo9m' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-mvvNNpQH3u41QxptjXxeTvsE5sGYlIhltr6TaorKp5oSHo9m' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f274752a2e38a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
etag: W/W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f274752a2e38a-ff2489727673ba0c-01
x-timer: S1660748702.089729,VS0,VE199
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 218ms
217ms Other
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-rFQvpCwDe0yIVm6qeK/fLuD4EVmrZ0RJL3NnTv1BqNBWmmHg' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-rFQvpCwDe0yIVm6qeK/fLuD4EVmrZ0RJL3NnTv1BqNBWmmHg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f2747522a335a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
etag: W/W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f2747522a335a-e746834b5a18ff95-01
x-timer: S1660748702.117535,VS0,VE202
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET /
www.google.com/pagead/1p-user-list/1006288171/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 184ms
184ms Other
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-CvBj8aKiF2rHFjDYNtL+EszGtC5AVciWsIFm/SMHMWak6ER6' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-CvBj8aKiF2rHFjDYNtL+EszGtC5AVciWsIFm/SMHMWak6ER6' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f274752cbd433
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
etag: W/W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f274752cbd433-c9ef27d2a88e6889-01
x-timer: S1660748702.117834,VS0,VE169
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET /
www.google.de/pagead/1p-user-list/1006288171/ 0
0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame E914 52 KB
24 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=mmudgzetq5sa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 14:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 14:42:35 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame E914 383 KB
152 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=mmudgzetq5sa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 14:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 14:45:03 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame E914 102 B
134 B 27ms
27ms Other
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=mmudgzetq5sa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=mmudgzetq5sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 15:05:02 GMT

OPTIONS resourceaccesstoken
192.55.233.1/ Frame 0
0

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
3 KB 240ms
240ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df177a6a4dbdbcd0445c99acd2c64ace83d60eb918c52df68a88a382f07136cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-vrEN9FW+3Z+pKNIAyM7q8/PPpCTgHvONtjNv1LpxlFWvssPV' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-vrEN9FW+3Z+pKNIAyM7q8/PPpCTgHvONtjNv1LpxlFWvssPV' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f27475221bc7f
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f27475221bc7f-bebfb60bbdcefea6-01
x-timer: S1660748702.207619,VS0,VE224
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"933-P3lrLEK+0MoOZ3TJlUzC4IQOKMg"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 57 KB
20 KB 244ms
17ms Script
application/javascript 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/05b/2ac1c46b1488d16dd78009430d291/js/signin-split.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frd/E2ED) /

Resource Hash

e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581760
x-cache: HIT, HIT
paypal-debug-id: 48a8e3d7f5e33
x-cache-hits: 1368565
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 20053
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Tue, 09 Aug 2022 20:44:56 GMT
server: ECAcc (frd/E2ED)
traceparent: 00-000000000000000000048a8e3d7f5e33-512dd75ec1bb1bd4-01
x-timer: S1660748702.434298,VS0,VE1
etag: W/"62f2c748-e586"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Aug 2022 15:05:02 GMT

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
3 KB 211ms
211ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2731c518300df0b2d9a6b0f9e52a792e7bb39eee1c57f9813a624c31efe677fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-XIpeUTHvKIc1gmchV9Ms3eV7PQtok0siySJfMnRM0FYzYmod' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-XIpeUTHvKIc1gmchV9Ms3eV7PQtok0siySJfMnRM0FYzYmod' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f274752b85b81
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f274752b85b81-6b2bb74a1bbe2080-01
x-timer: S1660748702.210687,VS0,VE195
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"895-KUYFliT2HgUgqQfgEBvesJIapiM"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 challenge.js Show response
www.paypal.com/auth/createchallenge/1804a423002e5edf/ 17 KB
8 KB 335ms
335ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/1804a423002e5edf/challenge.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

08a9efd30c8f7b121a8c318cbbaff8bfd2dc0afd42e388a0249a688759a01d0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-m6y0CjhhsmGZwW/10wLYVNfWxZNtsnZALeJwEbD4OiQEil01' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-m6y0CjhhsmGZwW/10wLYVNfWxZNtsnZALeJwEbD4OiQEil01' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f2747520f7497
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f2747520f7497-e5741d5418b5c000-01
x-timer: S1660748702.211016,VS0,VE317
date: Wed, 17 Aug 2022 15:05:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"4535-ZQF9/eNBlq5v38KZBRGlO20zF1M"
accept-ranges: none
x-cache-hits: 0

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
3 KB 215ms
215ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7508f5a84d4ceebf3c3d0f6da60171dbd6949ca0978d9f5fd769c78a0d0bf355

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-9hQ6K5j/cdx0KRUR3c3dmRhC+Awz1oRFGpPIbcfXPeCAVv5v' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-9hQ6K5j/cdx0KRUR3c3dmRhC+Awz1oRFGpPIbcfXPeCAVv5v' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f27475273e84c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f27475273e84c-b3a1513cd4f7d983-01
x-timer: S1660748702.211299,VS0,VE200
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"8c5-vV76+5cKSvTl9WQgSANuDLHByCg"
accept-ranges: none
x-cache-hits: 0

POST resourceaccesstoken
192.55.233.1/ 0
0

POST
H2 200 load-resource Show response
www.paypal.com/signin/ 65 KB
16 KB 207ms
207ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/load-resource

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1bb54f9d083667d9c74215fe6de324d46222a02843977c32195dc215f015176c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Xe3Mg3PktujS1OuX4qaM/PcsJt4IlrGWLV56yCCAE7s9ml/g' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Xe3Mg3PktujS1OuX4qaM/PcsJt4IlrGWLV56yCCAE7s9ml/g' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f274752deec81
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f274752deec81-51b9d597858ae92b-01
x-timer: S1660748702.212155,VS0,VE192
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"105cb-Awu1obSlmD5HEjXl4F5Z6WtMzno"
accept-ranges: none
x-cache-hits: 0

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/enterprise/ Frame E914 32 KB
19 KB 51ms
51ms XHR
application/json 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5972d7bc0e90c699e1b095e316a249a9bcacdeb8e33684f849f4376ae1256ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=mmudgzetq5sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19121
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 15:05:02 GMT

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
2 KB 308ms
308ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-BjC8IT9e7FC+mXUaVotqoZmr57eFJuOECpoa+LrVyI6gwSVt' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-BjC8IT9e7FC+mXUaVotqoZmr57eFJuOECpoa+LrVyI6gwSVt' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f274752170292
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f274752170292-9272bfa1a1603b73-01
x-timer: S1660748702.365379,VS0,VE293
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame AD66 160 B
1 KB 181ms
180ms Document
text/html 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 540e0b954413a
date: Wed, 17 Aug 2022 15:05:02 GMT
paypal-debug-id: 540e0b954413a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000540e0b954413a-f25f230eef6fbd42-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4074-HHN
x-timer: S1660748702.468707,VS0,VE163
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v1/ Frame 1268
Redirect Chain

https://b.stats.paypal.com/v1/counter.cgi?r=cD0xODFlZWIyMTRhOTE0MTgzOTk2MWIwYTcyZDJjYjNiOCZpPTIxNy42NC4xNTEuNjcmdD0xNjYwNzQ4NzAxLjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOaosnikQR_LfML2JaWHf5tabV53E
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0xODFlZWIyMTRhOTE0MTgzOTk2MWIwYTcyZDJjYjNiOCZpPTIxNy42NC4xNTEuNjcmdD0xNjYwNzQ4NzAxLjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOaosnikQR_LfML2JaWHf5tabV53E

42 B
299 B

139ms
41ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0xODFlZWIyMTRhOTE0MTgzOTk2MWIwYTcyZDJjYjNiOCZpPTIxNy42NC4xNTEuNjcmdD0xNjYwNzQ4NzAxLjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOaosnikQR_LfML2JaWHf5tabV53E
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 15:05:02 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0xODFlZWIyMTRhOTE0MTgzOTk2MWIwYTcyZDJjYjNiOCZpPTIxNy42NC4xNTEuNjcmdD0xNjYwNzQ4NzAxLjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOaosnikQR_LfML2JaWHf5tabV53E
Date: Wed, 17 Aug 2022 15:05:02 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 ts
t.paypal.com/ 42 B
820 B 206ms
205ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.9&t=1660748702506&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1660748701679&calc=f9615260fcf3b&nsid=N25-t9AEww-LSUu7RKa80Y0ycr355PG-&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=ZA&csci=181eeb214a9141839961b0a72d2cb3b8&comp=unifiedloginnodeweb&tsrce=smartchatnodeweb&cu=0&gacook=2013689177.1660748701&xe=105604%2C104200%2C102557%2C101408%2C104227%2C105392%2C105416%2C105553%2C105552%2C105554%2C104039%2C104038%2C105843%2C105845%2C105844%2C102390%2C104571%2C101216%2C103648%2C104200&xt=124898%2C121070%2C109630%2C104576%2C117972%2C123875%2C125100%2C125523%2C125528%2C125516%2C120731%2C120736%2C126378%2C126406%2C126390%2C108797%2C121328%2C103864%2C114559%2C121070&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em&e=im&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A964%2C%22tcp%22%3A597%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A78%7D&pt=Log%20in%20to%20your%20PayPal%20account&ru=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=499&t3=1&t4d=0&t4=0&t4e=4&tt=888&rdc=0&protocol=h2&cdn=fastly&res=%7B%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: dfdcb7ad81b09
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4071-HHN
pragma: no-cache
traceparent: 00-0000000000000000000dfdcb7ad81b09-c06265457853c3bc-01
x-timer: S1660748703.522966,VS0,VE186
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:05:02 GMT

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
1 KB 191ms
190ms Other
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-jd4d3Z2nSWeWvjDIAHJgty5IfDsUZyOTTZXSMKaEs4zN3zuc' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-jd4d3Z2nSWeWvjDIAHJgty5IfDsUZyOTTZXSMKaEs4zN3zuc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f987825d5a81a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
etag: W/W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f987825d5a81a-6f054bdc2fc1b46b-01
x-timer: S1660748703.527340,VS0,VE176
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET tr
www.facebook.com/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
1 KB 195ms
194ms Other
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-OCwCIoScfSVSeRIoRFA1NPu9bIOue46q3QHN/xzEcAlLtYr4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-OCwCIoScfSVSeRIoRFA1NPu9bIOue46q3QHN/xzEcAlLtYr4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f9878259bc080
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
etag: W/W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f9878259bc080-973b21c62a9c26ac-01
x-timer: S1660748703.527890,VS0,VE180
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET collect
www.google-analytics.com/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
1 KB 192ms
191ms Other
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-XKErJWbJptjYz1lMQYutbiRG1abhuy2rNVXlP0Zmucgkfuqk' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-XKErJWbJptjYz1lMQYutbiRG1abhuy2rNVXlP0Zmucgkfuqk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f987825df83a7
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
etag: W/W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f987825df83a7-5cdbe45abac7e0b1-01
x-timer: S1660748703.530381,VS0,VE174
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET /
px.ads.linkedin.com/collect/ 0
0

POST
H2 200 verifychallenge Show response
www.paypal.com/auth/ 2 B
2 KB 203ms
202ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifychallenge

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-xbSycLrZ44oPYdN+ietgofLF5/xOv7PvqwOZhLNtrxi7paNr' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://.paypal.com https://.paypal.cn; base-uri 'self' https://.paypal.com https://.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-xbSycLrZ44oPYdN+ietgofLF5/xOv7PvqwOZhLNtrxi7paNr' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f987825c73f9f
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f987825c73f9f-946bc5d09bc2c24c-01
x-timer: S1660748703.553456,VS0,VE180
date: Wed, 17 Aug 2022 15:05:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 108 KB
108 KB 20ms
20ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2F7) /

Resource Hash

21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 7acccca376291
dc: ccg11-origin-www-1.paypal.com
content-length: 110177
last-modified: Sat, 13 Feb 2021 00:29:58 GMT
server: ECAcc (frd/E2F7)
etag: "60271d86-1ae61"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 17 Aug 2022 16:05:02 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame AD66 57 KB
20 KB 18ms
18ms Script
application/javascript 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frd/E2ED) /

Resource Hash

e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581760
x-cache: HIT, HIT
paypal-debug-id: 48a8e3d7f5e33
x-cache-hits: 1368568
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 20053
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Tue, 09 Aug 2022 20:44:56 GMT
server: ECAcc (frd/E2ED)
traceparent: 00-000000000000000000048a8e3d7f5e33-512dd75ec1bb1bd4-01
x-timer: S1660748703.657402,VS0,VE2
etag: W/"62f2c748-e586"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Aug 2022 15:05:02 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame AD66 125 B
659 B 210ms
209ms XHR
application/json 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7d1bbc521b4ab779df31b331fdb7d1ed7300ce046463c3c4ca906d2df1ccd6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: b805d0e37b9d4
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-hhn4074-HHN
correlation-id: b805d0e37b9d4
traceparent: 00-0000000000000000000b805d0e37b9d4-a0c27861dac45eda-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame AD66 0
185 B 191ms
190ms XHR
text/plain 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
via: 1.1 varnish
correlation-id: 10f4d6c879117
traceparent: 00-000000000000000000010f4d6c879117-6b6dd6dbced3cf53-01
x-served-by: cache-hhn4074-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: 10f4d6c879117
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame AD66 0
238 B 261ms
204ms Image
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=181eeb214a9141839961b0a72d2cb3b8&s=UNIFIED_LOGIN_INPUT_EMAIL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frb/67EC) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:02 GMT
content-encoding: gzip
correlation-id: 72495df7d8e62
server: ECAcc (frb/67EC)
traceparent: 00-000000000000000000072495df7d8e62-4c8172b92202b92f-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 72495df7d8e62
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=188
timing-allow-origin: *
vary: Accept-Encoding
content-length: 20

POST
H2 200 tealeaftarget Show response
www.paypal.com/platform/ 39 B
783 B 231ms
230ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/platform/tealeaftarget

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34405ab6cebfce72d0715cd13d5cb8efd68756dcb7cebbb05fd8eb3eaa2eede5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; font-src 'self' https://.paypalobjects.com https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-Encoding: gzip
X-PageId: P.XTTBUJZBBA72PW97EFMUVFQ4VMVQ
X-Tealeaf: device (UIC) Lib/6.1.0.1989
X-Tealeaf-SyncXHR: false
accept-language: de-DE,de;q=0.9
X-Tealeaf-MessageTypes: 1,2,5,7,12,14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json
X-Tealeaf-SaaS-AppKey: 76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTSID: 73495710801372129244504532305321
X-Requested-With: fetch
X-TealeafType: GUI
X-TeaLeaf-Page-Url: /za/signin
Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f987825b515ca
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4082-HHN
traceparent: 00-0000000000000000000f987825b515ca-49f2ddbdd03003e9-01
x-timer: S1660748703.770135,VS0,VE212
x-frame-options: SAMEORIGIN
date: Wed, 17 Aug 2022 15:05:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"27-J9RZxL1RpbLMzl6M/2EFueAsdOM"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 ts
t.paypal.com/ 42 B
159 B 200ms
199ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.9&t=1660748703507&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1660748701679&calc=f9615260fcf3b&nsid=N25-t9AEww-LSUu7RKa80Y0ycr355PG-&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=ZA&csci=181eeb214a9141839961b0a72d2cb3b8&comp=unifiedloginnodeweb&tsrce=smartchatnodeweb&cu=0&gacook=2013689177.1660748701&xe=105604%2C104200%2C102557%2C101408%2C104227%2C105392%2C105416%2C105553%2C105552%2C105554%2C104039%2C104038%2C105843%2C105845%2C105844%2C102390%2C104571%2C101216%2C103648%2C104200&xt=124898%2C121070%2C109630%2C104576%2C117972%2C123875%2C125100%2C125523%2C125528%2C125516%2C120731%2C120736%2C126378%2C126406%2C126390%2C108797%2C121328%2C103864%2C114559%2C121070&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=206&t3=1&tt=207&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A207%2C%22nt%22%3A%22res%22%7D&e=pf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:03 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 38a872f2e9a0e
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4071-HHN
pragma: no-cache
traceparent: 00-000000000000000000038a872f2e9a0e-a7ca9996ab6b3dc8-01
x-timer: S1660748704.520651,VS0,VE183
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:05:03 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
512 B 191ms
191ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.9&t=1660748703507&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1660748701679&calc=f9615260fcf3b&nsid=N25-t9AEww-LSUu7RKa80Y0ycr355PG-&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=ZA&csci=181eeb214a9141839961b0a72d2cb3b8&comp=unifiedloginnodeweb&tsrce=smartchatnodeweb&cu=0&gacook=2013689177.1660748701&xe=105604%2C104200%2C102557%2C101408%2C104227%2C105392%2C105416%2C105553%2C105552%2C105554%2C104039%2C104038%2C105843%2C105845%2C105844%2C102390%2C104571%2C101216%2C103648%2C104200&xt=124898%2C121070%2C109630%2C104576%2C117972%2C123875%2C125100%2C125523%2C125528%2C125516%2C120731%2C120736%2C126378%2C126406%2C126390%2C108797%2C121328%2C103864%2C114559%2C121070&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em&event_name=c_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=180&t3=1&tt=182&protocol=h2&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A182%2C%22nt%22%3A%22res%22%7D&e=pf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 15:05:03 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 229b1424106aa
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4071-HHN
pragma: no-cache
traceparent: 00-0000000000000000000229b1424106aa-ef96b4be6128238e-01
x-timer: S1660748704.520786,VS0,VE175
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:05:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2

Domain: t.paypal.com
URL: https://t.paypal.com/ts?v=1.6.9&t=1660748701316&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Aclaim-cnc-em&page=main%3Amktg%3Apersonal%3A%3Aclaim-cnc-em%3A%3A%3A&pgst=Unknown&calc=f543271a30279&nsid=N25-t9AEww-LSUu7RKa80Y0ycr355PG-&rsta=en_ZA&pgtf=Nodejs&env=live&s=ci&ccpg=za&csci=12ccf95cd4e44b56b00a1f9bf96e805d&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&xe=105841%2C104449&xt=126370%2C119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=claim-cnc-em.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=1&lgcook=0&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt%2Cutm_source%2Cutm_campaign%2Cutm_medium&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&gacook=2013689177.1660748701&imsrc=setup&view=%7B%22t10%22%3A133%2C%22t11%22%3A2382%2C%22tcp%22%3A1726%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A0%7D&pt=Your%20US%245%20Gift%20from%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=133&t1c=133&t1d=13&t1s=104&t2=473&t3=1&t4d=0&t4=0&t4e=1&tt=2508&rdc=0&protocol=h2&res=%7B%7D

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-12&cid=2013689177.1660748701&jid=1969104923&_v=j79&z=1261660244

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/collect/?pid=2786969&fmt=gif

Domain: www.paypal.com
URL: https://www.paypal.com/auth/verifygrcenterprise

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/?random=861792411&cv=9&fst=1660748702037&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin%3FreturnUri%3Dhttps%253A%252F%252Fwww.paypal.com%252Fza%252Fwebapps%252Fmpp%252Fpfs%252Fclaim%252Fcnc-em%253FauthType%253Dsha1Hash%2526payload%253D5BBE88D761CEE7CB2C28349EB0770B7A2261B939&ref=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ngP9YsmyA--P9fgPifSjuAU&sscte=1&crd=

Domain: www.google.com
URL: https://www.google.com/pagead/1p-user-list/1006288171/?random=1660748702035&cv=9&fst=1660748400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin%3FreturnUri%3Dhttps%253A%252F%252Fwww.paypal.com%252Fza%252Fwebapps%252Fmpp%252Fpfs%252Fclaim%252Fcnc-em%253FauthType%253Dsha1Hash%2526payload%253D5BBE88D761CEE7CB2C28349EB0770B7A2261B939&ref=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Log%20in%20to%20your%20PayPal%20account&async=1&fmt=3&is_vtc=1&random=2264532698&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/1006288171/?random=1660748702035&cv=9&fst=1660748400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin%3FreturnUri%3Dhttps%253A%252F%252Fwww.paypal.com%252Fza%252Fwebapps%252Fmpp%252Fpfs%252Fclaim%252Fcnc-em%253FauthType%253Dsha1Hash%2526payload%253D5BBE88D761CEE7CB2C28349EB0770B7A2261B939&ref=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Log%20in%20to%20your%20PayPal%20account&async=1&fmt=3&is_vtc=1&random=2264532698&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: 192.55.233.1
URL: https://192.55.233.1/resourceaccesstoken

Domain: 192.55.233.1
URL: https://192.55.233.1/resourceaccesstoken

Domain: www.facebook.com
URL: https://www.facebook.com/tr?id=1674696026155243&noscript=1&cd[MerchantID]=NA&cd[MerchantTransaction]=NA&cd[P2PTransaction]=NA&ev=ViewContent

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/collect?v=1&_v=j79&a=1943278887&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin&ul=en-us&de=UTF-8&dt=Log%20in%20to%20your%20PayPal%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=CCCACUABB~&jid=&gjid=&cid=2013689177.1660748701&tid=UA-53389718-12&_gid=89900140.1660748701&cd1=2013689177.1660748701&cd2=&cd3=0&cd4=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin&cd5=za&cd6=en_US&cd7=&cd10=unifiedloginnodeweb&cd19=105604%2C104200%2C102557%2C101408%2C104227%2C105392%2C105416%2C105553%2C105552%2C105554%2C104039%2C104038%2C105843%2C105845%2C105844%2C102390%2C104571%2C101216%2C103648%2C104200&cd20=124898%2C121070%2C109630%2C104576%2C117972%2C123875%2C125100%2C125523%2C125528%2C125516%2C120731%2C120736%2C126378%2C126406%2C126390%2C108797%2C121328%2C103864%2C114559%2C121070&cd22=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&cd26=0&gtm=2oi4f0&z=1192845160

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/collect/?pid=2786969&fmt=gif

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 09:38:20	Name: _GRECAPTCHA Value: 09AMjm62XuFzDWexHzhFH04H4CexmUPt612N8tj--WgdLsD7n7MRHV_a7te2prto9j9sRthWqPHkkbHA5htnJ9wP4
.paypal.com/	1970-01-20 14:55:08	Name: cookie_check Value: yes
.paypal.com/	1970-01-20 05:19:40	Name: LANG Value: en_US%3BZA
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AN25-t9AEww-LSUu7RKa80Y0ycr355PG-.XhLKj4taO%2BNJb923AzyUn4SMAfQRelWBsz4ExY4cu9A
.paypal.com/	1970-01-20 14:55:08	Name: ts_c Value: vr%3Dac5618a51820a78853b3b54affd5be02%26vt%3Dac5618a51820a78853b3b54affd5be01
.paypal.com/	1970-01-20 07:28:44	Name: _gcl_au Value: 1.1.1223284597.1660748701
.paypal.com/	1970-01-20 14:55:08	Name: _ga Value: GA1.2.2013689177.1660748701
.paypal.com/	1970-01-20 05:20:35	Name: _gid Value: GA1.2.89900140.1660748701
.paypal.com/	1970-01-20 05:19:10	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-20 05:19:08	Name: _gat_gtag_UA_53389718_12 Value: 1
.facebook.com/	1970-01-20 07:28:44	Name: fr Value: 0K8c36s4EEishPYDk..Bi_QOd...1.0.Bi_QOd.
.paypal.com/	1970-01-20 14:55:08	Name: d_id Value: 181eeb214a9141839961b0a72d2cb3b81660748701696
.paypal.com/	1969-12-31 23:59:59	Name: TLTSID Value: 73495710801372129244504532305321
.doubleclick.net/	1970-01-20 14:40:44	Name: IDE Value: AHWqTUlN4IJDfIhJzcQqi2XsaNMJ3R8yTeLCQjbPRdVJPK26gCSf4veEmPYVVujU
.paypal.com/	1970-01-20 05:23:27	Name: tsrce Value: authchallengenodeweb
.stats.paypal.com/	1970-01-20 14:55:08	Name: c Value: 60702133079c5e4e8dc3
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY2MDc0ODcwMjY1OCIsImwiOiIwIiwibSI6IjAifQ
.c.paypal.com/	1970-01-20 14:55:08	Name: sc_f Value: w6wyBOy-yYSz1JlstVtjcUxeT29P-YpWggZjmh3oe4Mrxvo7q_N2Ty2jdTfqfmF59nv1QZE_oFYHVQUHBnNGGzYiPRfJGIbO7BOADW
.paypal.com/	1970-01-20 14:55:08	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: DgE8Jvb54bTBIoQBgluBVG_LYTKO7RCeNO87_7YS-t7PQ9tqGzR0dKnjKNF1oR8JZmJybTxTGjBtPzzd
.paypal.com/	1970-01-20 14:55:08	Name: ts Value: vreXpYrS%3D1755443103%26vteXpYrS%3D1660750503%26vr%3Dac5618a51820a78853b3b54affd5be02%26vt%3Dac5618a51820a78853b3b54affd5be01%26vtyp%3Dnew

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email Message: Access to font at 'https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2' from origin 'https://www.paypal.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.paypal.com/za/webapps/mpp/pfs/claim/cnc-em?authType=sha1Hash&payload=5BBE88D761CEE7CB2C28349EB0770B7A2261B939&utm_source=epsilon&utm_campaign=A_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1&utm_medium=email Message: Access to font at 'https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2' from origin 'https://www.paypal.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939 Message: Refused to load the image 'https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/?random=861792411&cv=9&fst=1660748702037&num=1&label=TUZCCNnXxP4CEKv66t8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin%3FreturnUri%3Dhttps%253A%252F%252Fwww.paypal.com%252Fza%252Fwebapps%252Fmpp%252Fpfs%252Fclaim%252Fcnc-em%253FauthType%253Dsha1Hash%2526payload%253D5BBE88D761CEE7CB2C28349EB0770B7A2261B939&ref=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ngP9YsmyA--P9fgPifSjuAU&sscte=1&crd=' because it violates the following Content Security Policy directive: "img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:".
security	error	URL: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939 Message: Refused to load the image 'https://www.google.com/pagead/1p-user-list/1006288171/?random=1660748702035&cv=9&fst=1660748400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin%3FreturnUri%3Dhttps%253A%252F%252Fwww.paypal.com%252Fza%252Fwebapps%252Fmpp%252Fpfs%252Fclaim%252Fcnc-em%253FauthType%253Dsha1Hash%2526payload%253D5BBE88D761CEE7CB2C28349EB0770B7A2261B939&ref=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Log%20in%20to%20your%20PayPal%20account&async=1&fmt=3&is_vtc=1&random=2264532698&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:".
security	error	URL: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939 Message: Refused to load the image 'https://www.google.de/pagead/1p-user-list/1006288171/?random=1660748702035&cv=9&fst=1660748400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin%3FreturnUri%3Dhttps%253A%252F%252Fwww.paypal.com%252Fza%252Fwebapps%252Fmpp%252Fpfs%252Fclaim%252Fcnc-em%253FauthType%253Dsha1Hash%2526payload%253D5BBE88D761CEE7CB2C28349EB0770B7A2261B939&ref=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939%26utm_source%3Depsilon%26utm_campaign%3DA_111887_W2_Launch_ZA_Jan_2022_B_ZA_en_M1%26utm_medium%3Demail&tiba=Log%20in%20to%20your%20PayPal%20account&async=1&fmt=3&is_vtc=1&random=2264532698&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:".
security	error	URL: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939 Message: Refused to load the image 'https://www.facebook.com/tr?id=1674696026155243&noscript=1&cd[MerchantID]=NA&cd[MerchantTransaction]=NA&cd[P2PTransaction]=NA&ev=ViewContent' because it violates the following Content Security Policy directive: "img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:".
security	error	URL: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939 Message: Refused to load the image 'https://www.google-analytics.com/collect?v=1&_v=j79&a=1943278887&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin&ul=en-us&de=UTF-8&dt=Log%20in%20to%20your%20PayPal%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=CCCACUABB~&jid=&gjid=&cid=2013689177.1660748701&tid=UA-53389718-12&_gid=89900140.1660748701&cd1=2013689177.1660748701&cd2=&cd3=0&cd4=https%3A%2F%2Fwww.paypal.com%2Fza%2Fsignin&cd5=za&cd6=en_US&cd7=&cd10=unifiedloginnodeweb&cd19=105604%2C104200%2C102557%2C101408%2C104227%2C105392%2C105416%2C105553%2C105552%2C105554%2C104039%2C104038%2C105843%2C105845%2C105844%2C102390%2C104571%2C101216%2C103648%2C104200&cd20=124898%2C121070%2C109630%2C104576%2C117972%2C123875%2C125100%2C125523%2C125528%2C125516%2C120731%2C120736%2C126378%2C126406%2C126390%2C108797%2C121328%2C103864%2C114559%2C121070&cd22=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&cd26=0&gtm=2oi4f0&z=1192845160' because it violates the following Content Security Policy directive: "img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:".
security	error	URL: https://www.paypal.com/za/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fza%2Fwebapps%2Fmpp%2Fpfs%2Fclaim%2Fcnc-em%3FauthType%3Dsha1Hash%26payload%3D5BBE88D761CEE7CB2C28349EB0770B7A2261B939 Message: Refused to load the image 'https://px.ads.linkedin.com/collect/?pid=2786969&fmt=gif' because it violates the following Content Security Policy directive: "img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com https://6386697.fls.doubleclick.net; script-src 'nonce-bMq02+fiMcmoV1HbJQ7RaXgYpx+nUXAZYIJBwHHH5xja4FC6' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

192.55.233.1
b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
epl.paypal-communication.com
googleads.g.doubleclick.net
px.ads.linkedin.com
t.paypal.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
192.55.233.1
googleads.g.doubleclick.net
px.ads.linkedin.com
t.paypal.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.paypal.com
www.paypalobjects.com
104.17.208.240
142.250.181.226
151.101.1.35
151.101.193.35
151.101.65.21
159.127.187.100
192.229.221.25
2a00:1450:4001:802::2003
2a00:1450:4001:809::2003
2a00:1450:4001:811::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2004
2a03:2880:f11c:8183:face:b00c:0:25de
64.4.245.84
00a821af125923f98c2d453175a012b98a24bed2b1d8019f6232529a800842be
036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f
03d70e41143e5994edd62f21d1723ebf2b9946ac1d7016a3d5379b5c871ec1e1
07d4a44d248156a0e3d0c604d7359e54f3b021eeec70b7c3a1d127a141f76d97
0872c75690c79bd99f3f1fa8c41d4bda8bee3b0359305c2b685b44fb33ad7054
08a9efd30c8f7b121a8c318cbbaff8bfd2dc0afd42e388a0249a688759a01d0f
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95
1a87a1194b7a709565b249d5415abcffb082d3e9cb00b44639d4a9eca82dc7b8
1bb54f9d083667d9c74215fe6de324d46222a02843977c32195dc215f015176c
1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
2731c518300df0b2d9a6b0f9e52a792e7bb39eee1c57f9813a624c31efe677fe
280e7e409cee522a915d4cc96daa732825274b91ca72cb2dd6bc67b2b89ae3f1
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
328ab995b9995d6dc6a05e77f74e45a03cf6782eb9c66ab633e63699d0843b56
34405ab6cebfce72d0715cd13d5cb8efd68756dcb7cebbb05fd8eb3eaa2eede5
39d9b45916638dbcd5d9979628dfc1a454279f7fcc35b072d31743c6340d3483
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
55ee6cfd0a3e9e213c6324f3ba160593b0f5a4748cd4530bb5c59f141e5fcbf1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5df12374dac40067845218936d702e8bbaae89ec8e1e427516429855d2fd6b42
616b9cc2550ea80fb15363539467c2d318f81ead73dac693c2461ac80709f85e
62bb5685d837089cd6aedb6f5fe5375c83ce5facc879632628e1e63e51399580
6a2a2f064ef289523471b8d25d32c195ecb8145c143d09f997b449d4034a7ac2
6aa165461cb2b4407e888cb9756306caec1a873e241b7d6df651160ba41965a4
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f7dd8d48da269bcbac566694358e9167122d704d818d33876da0fe1765cfa1f
707ba3aad39e782af22181be29794b254496ac605dca6431d62d347089ff1d48
71399ff1720fa4e82d94d92941a8fe5ec96a4449d5f83bae63da5d361d1bcdf8
7508f5a84d4ceebf3c3d0f6da60171dbd6949ca0978d9f5fd769c78a0d0bf355
77437fbd507929b6d1a1bb320582dcfd80c0de3e964ecfe2b7d072aba28aaa78
7d1bbc521b4ab779df31b331fdb7d1ed7300ce046463c3c4ca906d2df1ccd6a1
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106
97862294daf540db0d8972b06a7881db31e9fde5478c9299c2de18fcc3cf650d
9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f
9cadb2a9badf973121df95b6cadd9547011298dc869f05feee682482380b00cd
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715
b7e5ed4ab79932cb3d76551d06f4bc215f05217ae758f90cf527ef06d2149878
ba0679412293394fd5c7dba899a31411cee77baf7838b8dbed8a7b92b7bf58cf
ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565
be405902bc05fb7c9edb2e1a21202e74e9d975ed4541a2da88b71d64dc213493
c06d66a2f180e91a65cddc1b11a501ea6579f7a5851b69e929bed16893350e5b
c5972d7bc0e90c699e1b095e316a249a9bcacdeb8e33684f849f4376ae1256ac
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d4005004aa1f98f8a1f7dcde31f1a18684143223df08a2f7459bf9f9dee0bb68
df177a6a4dbdbcd0445c99acd2c64ace83d60eb918c52df68a88a382f07136cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736
e675013c15aef9a9bb415be666dae4b79ecd496303a9297bd0e2f86a8017aed8
e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d
ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
f982a9dad50b916735a08b8e6f40efa7f97163106b18da079b144764c86a44a1
ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

www.paypal.com Open in urlscan Pro 151.101.65.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

85 %HTTPS

43 %IPv6

14 Domains

19 Subdomains

14 IPs

4 Countries

1847 kBTransfer

5219 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

85 %
HTTPS

43 %
IPv6

14
Domains

19
Subdomains

14
IPs

4
Countries

1847 kB
Transfer

5219 kB
Size

20
Cookies

107 HTTP transactions
0 data transactions