urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
151.101.193.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rebrand.ly/qwtn5p2
Effective URL: https://www.paypal.com/ch/signin
Submission: On April 19 via manual from MO — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 50 HTTP transactions. The main IP is 151.101.193.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2500.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 11th 2022. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.209.124.82 14618 (AMAZON-AES)
1 1 162.240.70.144 46606 (UNIFIEDLA...)
11 151.101.193.21 54113 (FASTLY)
19 192.229.210.155 15133 (EDGECAST)
6 151.101.65.35 54113 (FASTLY)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2 34.106.92.18 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
4 23.73.236.19 16625 (AKAMAI-AS)
50 8
1    54.209.124.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-124-82.compute-1.amazonaws.com
rebrand.ly
1    162.240.70.144 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 5830462.acordeon.site
secure00-id2543-apple.com
11    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
19    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
6    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
c.paypal.com
c6.paypal.com
4    2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)
www.recaptcha.net
2    34.106.92.18 (Salt Lake City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 18.92.106.34.bc.googleusercontent.com
b.stats.paypal.com
slc.stats.paypal.com
3    2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    23.73.236.19 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-236-19.deploy.static.akamaitechnologies.com
t.paypal.com
Apex Domain
Subdomains		 Transfer
23 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2500
c.paypal.com — Cisco Umbrella Rank: 5906
b.stats.paypal.com — Cisco Umbrella Rank: 4652
slc.stats.paypal.com — Cisco Umbrella Rank: 8802
t.paypal.com — Cisco Umbrella Rank: 3392
c6.paypal.com — Cisco Umbrella Rank: 6738
108 KB
19 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1886
403 KB
4 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2004
42 KB
3 gstatic.com
www.gstatic.com
306 KB
1 secure00-id2543-apple.com
secure00-id2543-apple.com
204 B
1 rebrand.ly
rebrand.ly — Cisco Umbrella Rank: 76949
294 B
0 Failed
function sub() { [native code] }. Failed
50 7
Domain Requested by
19 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
11 www.paypal.com www.paypal.com
www.paypalobjects.com
5 c.paypal.com www.paypalobjects.com
c.paypal.com
4 t.paypal.com
4 www.recaptcha.net www.paypalobjects.com
www.gstatic.com
www.recaptcha.net
3 www.gstatic.com www.recaptcha.net
1 c6.paypal.com
1 slc.stats.paypal.com
1 b.stats.paypal.com 1 redirects
1 secure00-id2543-apple.com 1 redirects
1 rebrand.ly 1 redirects
0 192.55.233.1 Failed www.paypalobjects.com
50 12

This site contains no links.

Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-02-11 -
2023-03-14		 a year crt.sh
misc.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-17 -
2022-10-18		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.paypal.com/ch/signin
Frame ID: 9A6144F9170EF3727982754014F42425
Requests: 35 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html
Frame ID: DD2124A433BA403E1B1C5DA922100298
Requests: 3 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: B1532D6FB1CC76FBD2DB0EE8DCCE1B82
Requests: 5 HTTP requests in this frame

Frame: https://slc.stats.paypal.com/v1/counter2.cgi?r=cD03NzlhNTllYjU4NTg0YWVjOWU2YTFiYjNjOWMzN2I1MCZpPTUuMTgxLjIzNC4xNTcmdD0xNjUwMzMzOTU3Ljc0JmE9MjEmcz1VTklGSUVEX0xPR0lOZxAcmstAkZx4n_5Kjwl8kftP3ww
Frame ID: B80D1B4D7BFB8FE20443D6612A48A43C
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mb9dptg1dwj4
Frame ID: 038B8282D49C12D2A47EF9B238742227
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to your PayPal account

Page URL History Show full URLs

  1. https://rebrand.ly/qwtn5p2 HTTP 301
    https://secure00-id2543-apple.com/ HTTP 302
    https://www.paypal.com/ch/signin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

50
Requests

94 %
HTTPS

22 %
IPv6

7
Domains

12
Subdomains

8
IPs

1
Countries

859 kB
Transfer

1998 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rebrand.ly/qwtn5p2 HTTP 301
    https://secure00-id2543-apple.com/ HTTP 302
    https://www.paypal.com/ch/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD03NzlhNTllYjU4NTg0YWVjOWU2YTFiYjNjOWMzN2I1MCZpPTUuMTgxLjIzNC4xNTcmdD0xNjUwMzMzOTU3Ljc0JmE9MjEmcz1VTklGSUVEX0xPR0lOZxAcmstAkZx4n_5Kjwl8kftP3ww HTTP 302
  • https://slc.stats.paypal.com/v1/counter2.cgi?r=cD03NzlhNTllYjU4NTg0YWVjOWU2YTFiYjNjOWMzN2I1MCZpPTUuMTgxLjIzNC4xNTcmdD0xNjUwMzMzOTU3Ljc0JmE9MjEmcz1VTklGSUVEX0xPR0lOZxAcmstAkZx4n_5Kjwl8kftP3ww

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin
www.paypal.com/ch/
Redirect Chain
  • https://rebrand.ly/qwtn5p2
  • https://secure00-id2543-apple.com/
  • https://www.paypal.com/ch/signin
26 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c5e615b20eb8e53f0d9d272684fd18fc30e2a1b2f6047af2e7bd9644beecdab2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-W50/0BQK/rzeTTwZzFkR+AZXXng34lnA+AF3f0RW7Pn1t+UC' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-W50/0BQK/rzeTTwZzFkR+AZXXng34lnA+AF3f0RW7Pn1t+UC' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Tue, 19 Apr 2022 02:05:57 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"67cb-6pTXdObHptF+EfJ5mhE56Fwd0RA"
paypal-debug-id
f6527489bea4c
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
cache-iad-kjyo7100077-IAD, cache-ewr18165-EWR
x-timer
S1650333958.634983,VS0,VE173
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 19 Apr 2022 02:05:56 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://www.paypal.com/ch/signin
pragma
no-cache
server
Apache
recaptchav3.js
www.paypal.com/auth/createchallenge/5602023948224f8d/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/createchallenge/5602023948224f8d/recaptchav3.js?_sessionID=Q7vSuLoU8K8u4t85jc0EbJ17oeVZS0BF
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f6eec59ff6b5d052ee22aebcf5cbd8b9841837f395c6864db6d9c791bb4ee134
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-tAArqD/mA5aSMoenxvmvYuRhgk5P3NFOT5ml64yycg8UsFcK' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/ch/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-tAArqD/mA5aSMoenxvmvYuRhgk5P3NFOT5ml64yycg8UsFcK' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f6527485dcb0a
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000058-IAD, cache-ewr18165-EWR
x-timer
S1650333958.839404,VS0,VE187
date
Tue, 19 Apr 2022 02:05:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/javascript; charset=utf-8
content-encoding
gzip
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"2764-8vrTKWAPZPz52SJZDm7dZtg2ols"
accept-ranges
none
x-cache-hits
0, 0
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/799A) /
Resource Hash
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
2beb16eada650
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
6711
last-modified
Wed, 06 Apr 2022 10:20:48 GMT
server
ECAcc (nya/799A)
etag
"624d6980-5940"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 19 Apr 2022 03:05:57 GMT
contextualLoginElementalUI.css
www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/ 		124 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/contextualLoginElementalUI.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78D2) /
Resource Hash
351c0672ef8bc96d4d21bda4b9b116f0b327d898e1e925e6aec336aef53d6680
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
80967ed253e4d
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
20847
last-modified
Mon, 18 Apr 2022 21:43:46 GMT
server
ECAcc (nya/78D2)
etag
W/"625ddb92-1f1e5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 19 Apr 2023 02:05:57 GMT
modernizr-2.6.1.js
www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/js/lib/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/js/lib/modernizr-2.6.1.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7955) /
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
dacc3ce56dfa8
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
1788
last-modified
Mon, 18 Apr 2022 21:43:47 GMT
server
ECAcc (nya/7955)
etag
W/"625ddb93-edf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 19 Apr 2023 02:05:57 GMT
icon-PN-check.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/icon-PN-check.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7989) /
Resource Hash
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:20:23 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
etag
"60271b47-8bc"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
image/png
paypal-debug-id
42e2a8b8a39ff
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
2236
server
ECAcc (nya/7989)
expires
Tue, 19 Apr 2022 03:05:57 GMT
glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7892) /
Resource Hash
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Sep 2014 15:08:04 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
etag
"54130c54-16c4"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
image/png
paypal-debug-id
d1e8f59f24b7
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
5828
server
ECAcc (nya/7892)
expires
Tue, 19 Apr 2022 03:05:57 GMT
fn-sync-telemetry-min.js
www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/js/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/js/lib/fn-sync-telemetry-min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79F3) /
Resource Hash
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
70fe4d485dc74
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
2303
last-modified
Mon, 18 Apr 2022 21:43:47 GMT
server
ECAcc (nya/79F3)
etag
W/"625ddb93-159e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 19 Apr 2023 02:05:57 GMT
signin-split.js
www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/js/ 		179 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/js/signin-split.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78D9) /
Resource Hash
ce3de58450082143a0a8dfcd4dcf58075e8285655aca0ce0a720f12c20118373
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
360406b0dd12b
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
44149
last-modified
Mon, 18 Apr 2022 21:43:47 GMT
server
ECAcc (nya/78D9)
etag
W/"625ddb93-2cdfc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 19 Apr 2023 02:05:57 GMT
ioc.js
www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/js/ioc.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7885) /
Resource Hash
07d4a44d248156a0e3d0c604d7359e54f3b021eeec70b7c3a1d127a141f76d97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
df7dd3a1a8702
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
2005
last-modified
Mon, 18 Apr 2022 21:43:47 GMT
server
ECAcc (nya/7885)
etag
W/"625ddb93-1407"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 19 Apr 2023 02:05:57 GMT
pa.js
www.paypalobjects.com/pa/js/min/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78CA) /
Resource Hash
a1f784afe7066cad9fbdd63479511fa529c5d14fbe26de7b1076aa29dc7c2f94
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
af3667294e57c
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
21254
last-modified
Fri, 15 Apr 2022 23:50:27 GMT
server
ECAcc (nya/78CA)
etag
"625a04c3-d921"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 19 Apr 2022 03:05:57 GMT
momgram@2x.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/momgram@2x.png
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/contextualLoginElementalUI.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D6) /
Resource Hash
1c9dd1b0663ba2324632f0ffebb21112a92f039305241661c289c88af523cb1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/contextualLoginElementalUI.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:20:23 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
etag
"60271b47-7cc"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
image/png
paypal-debug-id
8bd535ae83cc3
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
1996
server
ECAcc (nya/79D6)
expires
Tue, 19 Apr 2022 03:05:57 GMT
PayPalSansSmall-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/contextualLoginElementalUI.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C65) /
Resource Hash
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/contextualLoginElementalUI.css
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
server
ECAcc (nya/1C65)
etag
"560b6e70-b8eb"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
font/woff
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
paypal-debug-id
a957130434936
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
47339
expires
Tue, 19 Apr 2022 03:05:57 GMT
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/contextualLoginElementalUI.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E1) /
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/contextualLoginElementalUI.css
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
17bf2f37cb6da
dc
ccg11-origin-www-1.paypal.com
content-length
25368
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (nya/78E1)
etag
"60271cda-6318"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 19 Apr 2022 03:05:57 GMT
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/contextualLoginElementalUI.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C4A) /
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/css/contextualLoginElementalUI.css
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
532d43eacb66f
dc
ccg11-origin-www-1.paypal.com
content-length
18508
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (nya/1C4A)
etag
"60271cda-484c"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 19 Apr 2022 03:05:57 GMT
latmconf.js
www.paypalobjects.com/pa/mi/ 		136 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7933) /
Resource Hash
d6589df4cf2ba51eaef84efb65209b51d178e8010e6c375c32dc348e9367caf6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
dca049dd6229d
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
26807
last-modified
Fri, 15 Apr 2022 23:50:27 GMT
server
ECAcc (nya/7933)
etag
"625a04c3-22125"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 19 Apr 2022 03:05:57 GMT
patleaf.js
www.paypalobjects.com/pa/3pjs/tl/6.1.0/ 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.1.0/patleaf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/793A) /
Resource Hash
8b1da8f8b8cfef3ab25d01ef99eeca9a590a39c9d084a70cce7c1fb795a9f28a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
4c532b38b37f7
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
42889
last-modified
Fri, 04 Feb 2022 17:30:49 GMT
server
ECAcc (nya/793A)
etag
"61fd62c9-1fe33"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 19 Apr 2022 03:05:57 GMT
patlcfg.js
www.paypalobjects.com/pa/3pjs/tl/6.1.0/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.1.0/patlcfg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79D6) /
Resource Hash
de08a17239ff8dd61d236d4cb5e994bd588a12c2d4f1d0431ffb9683a2734908
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
14cc06940c26
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
2478
last-modified
Fri, 04 Feb 2022 17:30:49 GMT
server
ECAcc (nya/79D6)
etag
"61fd62c9-1556"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 19 Apr 2022 03:05:58 GMT
grcenterprise_v3.html
www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/ Frame DD21 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/5602023948224f8d/recaptchav3.js?_sessionID=Q7vSuLoU8K8u4t85jc0EbJ17oeVZS0BF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78B2) /
Resource Hash
e4d48ec4b24c289ae0f1ca94c5fb62720f5529a1cedb6279b9623e5b4ea2dd0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31536000, s-maxage=31536000
content-encoding
gzip
content-length
1555
content-type
text/html
date
Tue, 19 Apr 2022 02:05:58 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"62298aca-fb6"
expires
Wed, 19 Apr 2023 02:05:58 GMT
last-modified
Thu, 10 Mar 2022 05:21:14 GMT
paypal-debug-id
6d266f1cbd602
server
ECAcc (nya/78B2)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
resourceaccesstoken
192.55.233.1/ Frame 		0
0
client-log
www.paypal.com/signin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f49619f717829c4c71111346e7aafe76575d6964837f6b45596b181716af4f70
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-IUmKPjtYI7jLONrieAzPX0Bf6Ahr6Ng0lbuT4PzvQyMZfN/q' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-IUmKPjtYI7jLONrieAzPX0Bf6Ahr6Ng0lbuT4PzvQyMZfN/q' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f652748882abb
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000029-IAD, cache-ewr18165-EWR
x-timer
S1650333958.065074,VS0,VE140
x-frame-options
SAMEORIGIN
date
Tue, 19 Apr 2022 02:05:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"8c9-lZVEmEa2o8JgUuh4nfX0JhJsp/Y"
accept-ranges
none
x-cache-hits
0, 0
fb.js
c.paypal.com/da/r/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/3f6/d179097ed9edbee7bd9c7258b67b9/js/signin-split.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (nya/7974) /
Resource Hash
cdd271b86f93710e10a49e074bacf5a5462ebad6af7ed4c9d2325682371960ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
933081
x-cache
HIT, HIT
paypal-debug-id
b8c8e4846b0c2
x-cache-hits
291173
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19339
via
1.1 varnish
x-served-by
cache-ewr18157-EWR
last-modified
Mon, 28 Mar 2022 22:49:15 GMT
server
ECAcc (nya/7974)
x-timer
S1650333958.100890,VS0,VE2
etag
W/"62423b6b-de68"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:05:58 GMT
client-log
www.paypal.com/signin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eeca2d598addf4894567283e218fd482fde3d649dabac74bd3b398f152c32a9e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-/CizD252VgKGynFeiEVvvaPllQ892np09mS39EgTEZO1i1HC' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-/CizD252VgKGynFeiEVvvaPllQ892np09mS39EgTEZO1i1HC' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f652748c5ea29
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100117-IAD, cache-ewr18165-EWR
x-timer
S1650333958.068516,VS0,VE124
x-frame-options
SAMEORIGIN
date
Tue, 19 Apr 2022 02:05:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"82d-ZpRnjy+JcG+HvCaBUVILLJ5aXfI"
accept-ranges
none
x-cache-hits
0, 0
challenge.js
www.paypal.com/auth/createchallenge/13b2f5a1235afb0b/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/createchallenge/13b2f5a1235afb0b/challenge.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bdcb7be4620409071345c48c229d7325094cfc5ebc350555c4559379e157302a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Dh13QFPIX7U4XACNJgIotJqzlv443PSubXagQHTdSiCBFF/D' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Dh13QFPIX7U4XACNJgIotJqzlv443PSubXagQHTdSiCBFF/D' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f652748ab3c31
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100065-IAD, cache-ewr18165-EWR
x-timer
S1650333958.069275,VS0,VE221
date
Tue, 19 Apr 2022 02:05:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
content-encoding
gzip
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"464e-hPDPPOFgBReG6mchqT3sYRdhREw"
accept-ranges
none
x-cache-hits
0, 0
client-log
www.paypal.com/signin/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b84fdfdef1807de96ef573662bcf170b105f05866f1b413fa745be7c67d4b5f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-dpYcqsRK52VByveOGAQRsFPWqZ460IpvJMf+GDjKsBpp1Toj' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-dpYcqsRK52VByveOGAQRsFPWqZ460IpvJMf+GDjKsBpp1Toj' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f6527483d40ad
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100023-IAD, cache-ewr18165-EWR
x-timer
S1650333958.070522,VS0,VE128
x-frame-options
SAMEORIGIN
date
Tue, 19 Apr 2022 02:05:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"859-GSam6O/BKlsdk6dNefbe06a48S8"
accept-ranges
none
x-cache-hits
0, 0
resourceaccesstoken
192.55.233.1/ 		0
0
cookie-banner
www.paypal.com/signin/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/cookie-banner?
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8bcee844888cc32583fa8a5143342cf44fc6b3ed03369c74b85a773e9e02b44
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-BGQy+i8Cy0QKUFVI7+0u7OjIpc88/DtKFtRWCBDzlA54roDd' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-BGQy+i8Cy0QKUFVI7+0u7OjIpc88/DtKFtRWCBDzlA54roDd' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f652748378a55
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100171-IAD, cache-ewr18165-EWR
x-timer
S1650333958.071135,VS0,VE140
x-frame-options
SAMEORIGIN
date
Tue, 19 Apr 2022 02:05:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"481d-qIWm/BmHuetrjusIzcz0Cp0jVuw"
accept-ranges
none
x-cache-hits
0, 0
load-resource
www.paypal.com/signin/ 		65 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/load-resource
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
94e8ede3d51c6b319146ed4a90aed2d98c8f05cf19ae63e6c8d78cf7e45c4d52
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-0BcCPMXDNcYpWuknjDnQhy0FlXP0sjB59FH8xVfxaQmd26fi' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-0BcCPMXDNcYpWuknjDnQhy0FlXP0sjB59FH8xVfxaQmd26fi' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f6527480eaf9a
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000040-IAD, cache-ewr18165-EWR
x-timer
S1650333958.071549,VS0,VE200
x-frame-options
SAMEORIGIN
date
Tue, 19 Apr 2022 02:05:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"10561-xmv2VfTXxy8BPp179Yh857YVXPc"
accept-ranges
none
x-cache-hits
0, 0
enterprise.js
www.recaptcha.net/recaptcha/ Frame DD21 		977 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
724729ed999c5e8215be4392e355c544183f7d4a31db384e7bf9669d852f1c0e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
620
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 02:05:58 GMT
i
c.paypal.com/v1/r/d/ Frame B153 		160 B
945 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
f8e4b786c02b9
date
Tue, 19 Apr 2022 02:05:58 GMT
paypal-debug-id
f8e4b786c02b9
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-iad-kiad7000133-IAD, cache-ewr18157-EWR
x-timer
S1650333958.131426,VS0,VE87
x-xss-protection
1; mode=block
counter2.cgi
slc.stats.paypal.com/v1/ Frame B80D
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD03NzlhNTllYjU4NTg0YWVjOWU2YTFiYjNjOWMzN2I1MCZpPTUuMTgxLjIzNC4xNTcmdD0xNjUwMzMzOTU3Ljc0JmE9MjEmcz1VTklGSUVEX0xPR0lOZxAcmstAkZx4n_5Kjwl8kftP3ww
  • https://slc.stats.paypal.com/v1/counter2.cgi?r=cD03NzlhNTllYjU4NTg0YWVjOWU2YTFiYjNjOWMzN2I1MCZpPTUuMTgxLjIzNC4xNTcmdD0xNjUwMzMzOTU3Ljc0JmE9MjEmcz1VTklGSUVEX0xPR0lOZxAcmstAkZx4n_5Kjwl8kftP3ww
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slc.stats.paypal.com/v1/counter2.cgi?r=cD03NzlhNTllYjU4NTg0YWVjOWU2YTFiYjNjOWMzN2I1MCZpPTUuMTgxLjIzNC4xNTcmdD0xNjUwMzMzOTU3Ljc0JmE9MjEmcz1VTklGSUVEX0xPR0lOZxAcmstAkZx4n_5Kjwl8kftP3ww
Protocol
HTTP/1.1
Server
34.106.92.18 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
18.92.106.34.bc.googleusercontent.com
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 19 Apr 2022 02:05:58 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://slc.stats.paypal.com/v1/counter2.cgi?r=cD03NzlhNTllYjU4NTg0YWVjOWU2YTFiYjNjOWMzN2I1MCZpPTUuMTgxLjIzNC4xNTcmdD0xNjUwMzMzOTU3Ljc0JmE9MjEmcz1VTklGSUVEX0xPR0lOZxAcmstAkZx4n_5Kjwl8kftP3ww
Date
Tue, 19 Apr 2022 02:05:58 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame DD21 		359 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paypalobjects.com/
Origin
https://www.paypalobjects.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 01:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144314
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 01:07:48 GMT
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame 038B 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mb9dptg1dwj4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
001e7f879148bf6ee573759e61f6948073fe4f213ba900bc56cbc6568db54a14
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ONPBfP/NBLDOthCkcQyzjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22062
content-security-policy
script-src 'report-sample' 'nonce-ONPBfP/NBLDOthCkcQyzjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Apr 2022 02:05:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78E1) /
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
17bf2f37cb6da
dc
ccg11-origin-www-1.paypal.com
content-length
25368
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (nya/78E1)
etag
"60271cda-6318"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 19 Apr 2022 03:05:58 GMT
ts
t.paypal.com/ 		42 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.6.4&t=1650333958224&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&qual=input_email&pgst=1650333957684&calc=f6527489bea4c&nsid=Q7vSuLoU8K8u4t85jc0EbJ17oeVZS0BF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CH&csci=779a59eb58584aec9e6a1bb3c9c37b50&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=104406%2C103662%2C104405%2C103660%2C103661%2C104407&xt=119036%2C114646%2C119034%2C115446%2C116862%2C119038&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&e=ac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.236.19 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-236-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/ch/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 02:05:58 GMT
Timing-Allow-Origin
*
Strict-Transport-Security
max-age=63072000
Connection
keep-alive
P3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Paypal-Debug-Id
daf8244a1093d
Cache-Control
max-age=0, no-cache, no-store
Server-Timing
content-encoding;desc="",x-cdn;desc="akamai"
Content-Type
image/gif
Content-Length
42
Expires
Tue, 19 Apr 2022 02:05:58 GMT
fb.js
c.paypal.com/da/r/ Frame B153 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (nya/7974) /
Resource Hash
cdd271b86f93710e10a49e074bacf5a5462ebad6af7ed4c9d2325682371960ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
933081
x-cache
HIT, HIT
paypal-debug-id
b8c8e4846b0c2
x-cache-hits
291174
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19339
via
1.1 varnish
x-served-by
cache-ewr18157-EWR
last-modified
Mon, 28 Mar 2022 22:49:15 GMT
server
ECAcc (nya/7974)
x-timer
S1650333958.255066,VS0,VE2
etag
W/"62423b6b-de68"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 02:05:58 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 038B 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mb9dptg1dwj4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 01:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 01:07:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 038B 		359 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mb9dptg1dwj4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 01:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144314
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 01:07:48 GMT
p1
c.paypal.com/v1/r/d/b/ Frame B153 		125 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f253c58842f3cbbcea853a7db2fa0a7a813fcf436c9d07f3a9575343978a56b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Tue, 19 Apr 2022 02:05:58 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
139f002c28e97
x-served-by
cache-iad-kcgs7200079-IAD, cache-ewr18157-EWR
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
139f002c28e97
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
content-type
application/json
content-length
125
x-cache-hits
0, 0
e
c.paypal.com/v1/r/d/b/ Frame B153 		15 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
7a68887fbfe1d
x-served-by
cache-iad-kiad7000152-IAD, cache-ewr18157-EWR
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
content-type
application/json
paypal-debug-id
7a68887fbfe1d
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
15
x-cache-hits
0, 0
p3
c6.paypal.com/v1/r/d/b/ Frame B153 		0
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=779a59eb58584aec9e6a1bb3c9c37b50&s=UNIFIED_LOGIN_INPUT_EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
dca19ed8baddd
x-timer
S1650333958.315088,VS0,VE117
x-served-by
cache-iad-kiad7000132-IAD, cache-ewr18157-EWR
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
dca19ed8baddd
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-cache-hits
0, 0
verifychallenge
www.paypal.com/auth/ 		2 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifychallenge
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-rKlCh5tX18Y2JPIpLBOHW83x1wQmqxR6bU4TIcZiFkPJNxdI' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-rKlCh5tX18Y2JPIpLBOHW83x1wQmqxR6bU4TIcZiFkPJNxdI' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f6527482fed59
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000106-IAD, cache-ewr18165-EWR
x-timer
S1650333958.306198,VS0,VE132
date
Tue, 19 Apr 2022 02:05:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
accept-ranges
none
x-cache-hits
0, 0
webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 038B 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mb9dptg1dwj4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1eaf6916b7bd86df3543dd6c34db33a1abc02581ae2650f2ea288dabcc7518fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mb9dptg1dwj4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 02:05:58 GMT
sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C50) /
Resource Hash
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
d69699f5b1635
dc
ccg11-origin-www-1.paypal.com
content-length
110177
last-modified
Sat, 13 Feb 2021 00:29:58 GMT
server
ECAcc (nya/1C50)
etag
"60271d86-1ae61"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/png
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 19 Apr 2022 03:05:58 GMT
reload
www.recaptcha.net/recaptcha/enterprise/ Frame 038B 		32 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aba0ce955a63fd77eb6ad95aa4d2f414e9834af0add4fbc803daa521c104542b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mb9dptg1dwj4
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 19 Apr 2022 02:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19052
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 02:05:58 GMT
verifygrcenterprise
www.paypal.com/auth/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifygrcenterprise
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-GX/SRPfH099aAqtK0/2JKsRmbzoZ6OjY0oWv6HSMy6j37t1g' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/ch/signin
x-requested-with
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-GX/SRPfH099aAqtK0/2JKsRmbzoZ6OjY0oWv6HSMy6j37t1g' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f29437415f8ad
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100126-IAD, cache-ewr18165-EWR
x-timer
S1650333959.570039,VS0,VE207
date
Tue, 19 Apr 2022 02:05:58 GMT
vary
accept-encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
none
x-cache-hits
0, 0
tealeaftarget
www.paypal.com/platform/ 		39 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/platform/tealeaftarget
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d4e1d0cd7f70c9229001ef249c093a4ffbbd32ad1ef53cf76682e63ff348016
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Encoding
gzip
X-PageId
P.ZV49GW54MGVDHWN86QC4YS5CCHCT
X-Tealeaf
device (UIC) Lib/6.1.0.1989
X-Tealeaf-SyncXHR
false
accept-language
en-US,en;q=0.9
X-Tealeaf-MessageTypes
1,2,5,7,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTSID
13870386800041048382896613121485
X-Requested-With
fetch
X-TealeafType
GUI
X-TeaLeaf-Page-Url
/ch/signin
Referer
https://www.paypal.com/ch/signin

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f2943742dfa5e
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000067-IAD, cache-ewr18165-EWR
x-timer
S1650333959.642312,VS0,VE98
x-frame-options
SAMEORIGIN
date
Tue, 19 Apr 2022 02:05:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"27-cfwciUzcKD5pIR0YCL1/9g0DNdk"
accept-ranges
none
x-cache-hits
0, 0
ts
t.paypal.com/ 		42 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.6.4&t=1650333958799&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1650333957684&calc=f6527489bea4c&nsid=Q7vSuLoU8K8u4t85jc0EbJ17oeVZS0BF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CH&csci=779a59eb58584aec9e6a1bb3c9c37b50&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=104200%2C102557%2C101408%2C104227%2C104039%2C104038%2C102390%2C104571%2C101216%2C103648%2C104200&xt=117843%2C109630%2C104577%2C117972%2C120731%2C120735%2C108797%2C121328%2C103864%2C114559%2C117843&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&e=im&imsrc=setup&view=%7B%22t10%22%3A168%2C%22t11%22%3A1881%2C%22tcp%22%3A1227%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A500%7D&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=168&t1c=168&t1d=10&t1s=152&t2=179&t3=2&t4d=0&t4=0&t4e=6&tt=1385&rdc=0&protocol=h2&cenc=br&cdn=fastly&res=%7B%7D&rtt=168
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.236.19 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-236-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/ch/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 02:05:58 GMT
Timing-Allow-Origin
*
Strict-Transport-Security
max-age=63072000
Connection
keep-alive
P3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Paypal-Debug-Id
4fad3b5affff1
Cache-Control
max-age=0, no-cache, no-store
Server-Timing
content-encoding;desc="",x-cdn;desc="akamai"
Content-Type
image/gif
Content-Length
42
Expires
Tue, 19 Apr 2022 02:05:58 GMT
ts
t.paypal.com/ 		42 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.6.4&t=1650333959800&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1650333957684&calc=f6527489bea4c&nsid=Q7vSuLoU8K8u4t85jc0EbJ17oeVZS0BF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CH&csci=779a59eb58584aec9e6a1bb3c9c37b50&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=104200%2C102557%2C101408%2C104227%2C104039%2C104038%2C102390%2C104571%2C101216%2C103648%2C104200&xt=117843%2C109630%2C104577%2C117972%2C120731%2C120735%2C108797%2C121328%2C103864%2C114559%2C117843&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=96&t3=1&tt=98&protocol=http%2F1.1&cdn=akamai&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A98%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.236.19 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-236-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/ch/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 02:05:59 GMT
Timing-Allow-Origin
*
Strict-Transport-Security
max-age=63072000
Connection
keep-alive
P3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Paypal-Debug-Id
95bd8a0b7d811
Cache-Control
max-age=0, no-cache, no-store
Server-Timing
content-encoding;desc="",x-cdn;desc="akamai"
Content-Type
image/gif
Content-Length
42
Expires
Tue, 19 Apr 2022 02:05:59 GMT
ts
t.paypal.com/ 		42 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.6.4&t=1650333959801&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1650333957684&calc=f6527489bea4c&nsid=Q7vSuLoU8K8u4t85jc0EbJ17oeVZS0BF&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CH&csci=779a59eb58584aec9e6a1bb3c9c37b50&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=104200%2C102557%2C101408%2C104227%2C104039%2C104038%2C102390%2C104571%2C101216%2C103648%2C104200&xt=117843%2C109630%2C104577%2C117972%2C120731%2C120735%2C108797%2C121328%2C103864%2C114559%2C117843&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&event_name=c_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=98&t3=1&tt=99&protocol=h2&cenc=br&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A99%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.236.19 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-236-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/ch/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Apr 2022 02:05:59 GMT
Timing-Allow-Origin
*
Strict-Transport-Security
max-age=63072000
Connection
keep-alive
P3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Paypal-Debug-Id
2ad750911f253
Cache-Control
max-age=0, no-cache, no-store
Server-Timing
content-encoding;desc="",x-cdn;desc="akamai"
Content-Type
image/gif
Content-Length
42
Expires
Tue, 19 Apr 2022 02:05:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
192.55.233.1
URL
https://192.55.233.1/resourceaccesstoken
Domain
192.55.233.1
URL
https://192.55.233.1/resourceaccesstoken

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails boolean| paypalADSInterceptorInjected object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack object| PAYPAL function| $ function| _classCallCheck function| _typeof function| _createClass number| HTTPOK string| HTTPGET string| HTTPPOST number| DEFAULT_XHR_TIMEOUT object| fpti string| fptiserverurl object| _ifpti object| latmconf object| laDataLayer object| pako object| TLT function| _0x399c function| _0x236f function| bindGdprEvents function| hideGdprBanner function| showGdprBanner function| _0x104b4b function| _0x2704 object| d function| feffeeca function| _0x55f0 object| err

16 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09ALG5ZwzDRk9ZcjVNU9PxfGbCJYyufrm_cFoDP60mkk0Qc8jGUTJ1Urz_85LgC-S2s72E9OmUAtLn3yLn3zSMUHg
secure00-id2543-apple.com/ Name: PHPSESSID
Value: 62042fb5e79f9e572d4040381dcfa145
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: cookie_check
Value: yes
.paypal.com/ Name: d_id
Value: 779a59eb58584aec9e6a1bb3c9c37b501650333957723
.paypal.com/ Name: LANG
Value: en_US%3BCH
www.paypal.com/ Name: nsid
Value: s%3AQ7vSuLoU8K8u4t85jc0EbJ17oeVZS0BF.hiy4OxUJU6spZuvDtHOGhLq%2FXFqvwhKvyWsRx77qSxU
.paypal.com/ Name: l7_az
Value: dcg01.phx
.paypal.com/ Name: ts_c
Value: vr%3D3f91be261800ad0075300c4dfb9b9d76%26vt%3D3f91be261800ad0075300c4dfb9b9d75
.paypal.com/ Name: TLTSID
Value: 13870386800041048382896613121485
.stats.paypal.com/ Name: c
Value: e00aae7f06a1a6d22e77
.c.paypal.com/ Name: sc_f
Value: _sdw9tP-GVnx4gIff-1TKXmhFLyXdbtQVW0uIMjAbVVE4wal0-al0oStcek2esuG5wJdxUI4RxS4d_1Lj6fsIld-AkuhO6aVVB90mW
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: S683ppyFDwJtK0OU6jWJLkO6JGy6S_UgRrz4lSUDnbMh7K2OD-BZSJq0a0ZKPh8QL763_YfAZWAsFq_W
.paypal.com/ Name: tsrce
Value: authchallengenodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY1MDMzMzk1ODcyMCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1745028359%26vteXpYrS%3D1650335759%26vr%3D3f91be261800ad0075300c4dfb9b9d76%26vt%3D3f91be261800ad0075300c4dfb9b9d75%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-W50/0BQK/rzeTTwZzFkR+AZXXng34lnA+AF3f0RW7Pn1t+UC' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

192.55.233.1
b.stats.paypal.com
c.paypal.com
c6.paypal.com
rebrand.ly
secure00-id2543-apple.com
slc.stats.paypal.com
t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
192.55.233.1
151.101.193.21
151.101.65.35
162.240.70.144
192.229.210.155
23.73.236.19
2607:f8b0:4006:809::2003
2607:f8b0:4006:80e::2003
34.106.92.18
54.209.124.82
001e7f879148bf6ee573759e61f6948073fe4f213ba900bc56cbc6568db54a14
07d4a44d248156a0e3d0c604d7359e54f3b021eeec70b7c3a1d127a141f76d97
0b84fdfdef1807de96ef573662bcf170b105f05866f1b413fa745be7c67d4b5f
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
1c9dd1b0663ba2324632f0ffebb21112a92f039305241661c289c88af523cb1a
1eaf6916b7bd86df3543dd6c34db33a1abc02581ae2650f2ea288dabcc7518fb
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
351c0672ef8bc96d4d21bda4b9b116f0b327d898e1e925e6aec336aef53d6680
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
724729ed999c5e8215be4392e355c544183f7d4a31db384e7bf9669d852f1c0e
7d4e1d0cd7f70c9229001ef249c093a4ffbbd32ad1ef53cf76682e63ff348016
8b1da8f8b8cfef3ab25d01ef99eeca9a590a39c9d084a70cce7c1fb795a9f28a
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
94e8ede3d51c6b319146ed4a90aed2d98c8f05cf19ae63e6c8d78cf7e45c4d52
a1f784afe7066cad9fbdd63479511fa529c5d14fbe26de7b1076aa29dc7c2f94
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
aba0ce955a63fd77eb6ad95aa4d2f414e9834af0add4fbc803daa521c104542b
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
b442e9ec49c9f90ab11f2d87a368a99a92a05b5acd9bcaf865aa551ba1f8cb8d
bdcb7be4620409071345c48c229d7325094cfc5ebc350555c4559379e157302a
c5e615b20eb8e53f0d9d272684fd18fc30e2a1b2f6047af2e7bd9644beecdab2
cdd271b86f93710e10a49e074bacf5a5462ebad6af7ed4c9d2325682371960ae
ce3de58450082143a0a8dfcd4dcf58075e8285655aca0ce0a720f12c20118373
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d6589df4cf2ba51eaef84efb65209b51d178e8010e6c375c32dc348e9367caf6
d8bcee844888cc32583fa8a5143342cf44fc6b3ed03369c74b85a773e9e02b44
de08a17239ff8dd61d236d4cb5e994bd588a12c2d4f1d0431ffb9683a2734908
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d48ec4b24c289ae0f1ca94c5fb62720f5529a1cedb6279b9623e5b4ea2dd0c
eeca2d598addf4894567283e218fd482fde3d649dabac74bd3b398f152c32a9e
f253c58842f3cbbcea853a7db2fa0a7a813fcf436c9d07f3a9575343978a56b5
f49619f717829c4c71111346e7aafe76575d6964837f6b45596b181716af4f70
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f6eec59ff6b5d052ee22aebcf5cbd8b9841837f395c6864db6d9c791bb4ee134