www.paypal.com Open in urlscan Pro
151.101.65.21  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.billmelater.com/cm/paypal/landers/18ppcTERMS.html?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000238&utm_unptid=9f3c91bc-bb4a-11ec-9150-3cecef6afc47&ppid=RT000238&cnac=US&rsta=en_US(en-US)&cust=&unptid=9f3c91bc-bb4a-11ec-9150-3cecef6afc47&calc=f751904643103&unp_tpcid=invoice-buyer-notification&page=main:email:RT000238&pgrp=main:email&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.83.2&xt=104038 Page URL
2. https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	18ppcTERMS.html Show response www.billmelater.com/cm/paypal/landers/	181 B 574 B	1176ms 149ms	Document text/html	208.76.140.143 BMLCORP
General Check archive.org Show headers Download Go to Full URL https://www.billmelater.com/cm/paypal/landers/18ppcTERMS.html?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000238&utm_unptid=9f3c91bc-bb4a-11ec-9150-3cecef6afc47&ppid=RT000238&cnac=US&rsta=en_US(en-US)&cust=&unptid=9f3c91bc-bb4a-11ec-9150-3cecef6afc47&calc=f751904643103&unp_tpcid=invoice-buyer-notification&page=main:email:RT000238&pgrp=main:email&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.83.2&xt=104038 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.76.140.143 , United States, ASN30393 (BMLCORP, US), Reverse DNS Software Apache / Resource Hash c76564555c7629829c5a301788e3db5753608b83feac5304e897d133727ec983 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 158 Content-Type text/html Date Wed, 13 Apr 2022 17:06:33 GMT Keep-Alive timeout=15, max=100 Last-Modified Mon, 26 Aug 2019 14:13:55 GMT Server Apache Strict-Transport-Security max-age=15552000; includeSubDomains Vary Accept-Encoding X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
GET H2	200	Primary Request paypal-credit Show response www.paypal.com/us/webapps/mpp/terms/	93 KB 32 KB	530ms 491ms	Document text/html	151.101.65.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e217da7f56344956716244cc813f9ebcc67226b3e85fd1efa36467ef5ef56029 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com; script-src 'nonce-FMqILl8neMVui1sZYkFYEGmgJXwDUN3iD20btczqPAEdf26D' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.billmelater.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges none cache-control max-age=0, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com; script-src 'nonce-FMqILl8neMVui1sZYkFYEGmgJXwDUN3iD20btczqPAEdf26D' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-type text/html; charset=utf-8 date Wed, 13 Apr 2022 17:06:34 GMT dc ccg11-origin-www-1.paypal.com etag W/"171a9-dRm5qvuW34G+BxoSV3wwimuggDY" paypal-debug-id f961039ebfa72 server-timing content-encoding;desc="",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-content-type-options nosniff x-served-by cache-hhn4057-HHN x-timer S1649869594.517477,VS0,VE483 x-xss-protection 1; mode=block
GET H2	200	ngrlCaptcha.min.js Show response www.paypalobjects.com/webcaptcha/	22 KB 7 KB	36ms 11ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 06 Apr 2022 10:20:48 GMT etag W/"624d6980-5940" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id 79a9c99493c57 cache-control s-maxage=31536000, public,max-age=3600 strict-transport-security max-age=31536000 dc ccg11-origin-www-1.paypal.com content-length 6711
GET H2	200	PayPalSansSmall-Regular.woff2 www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/	18 KB 18 KB	32ms 9ms	Font application/font-woff2	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2 Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Origin https://www.paypal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Wed, 13 Apr 2022 17:06:34 GMT x-content-type-options nosniff last-modified Tue, 23 Jan 2018 03:38:51 GMT cache-control s-maxage=31536000, public,max-age=3600 etag "5a66ae4b-4790" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * paypal-debug-id 9b05cf6fc13a3 strict-transport-security max-age=31536000 accept-ranges bytes dc ccg11-origin-www-1.paypal.com content-length 18320
GET H2	200	PayPalSansBig-Light.woff2 www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/	18 KB 18 KB	45ms 21ms	Font application/font-woff2	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash 0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Origin https://www.paypal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT x-content-type-options nosniff last-modified Tue, 23 Jan 2018 02:50:53 GMT cache-control public,max-age=3600 etag "5a66a30d-47b8" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * paypal-debug-id 417eb037909be strict-transport-security max-age=31536000 accept-ranges bytes dc slc-b-origin-www-3.paypal.com content-length 18360
GET H2	200	83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css www.paypalobjects.com/marketing-resources/css/b6/	330 KB 52 KB	9ms 9ms	Stylesheet text/css	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/marketing-resources/css/b6/83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash d18518059b08d468faf44fd9f9fbaedc1280066ef66b5f575eb96c470c19f33a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 18 Nov 2021 13:50:46 GMT etag W/"61965a36-528df" vary Accept-Encoding content-type text/css paypal-debug-id 8d0165569a7f2 cache-control public,max-age=31536000 strict-transport-security max-age=31536000 dc ccg11-origin-www-1.paypal.com content-length 52621
GET H2	200	react-17_0_1-bundle.js Show response www.paypalobjects.com/marketing-resources/vendors/	132 KB 44 KB	23ms 22ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash 9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Feb 2021 21:58:19 GMT x-serial 379 etag W/"603428fb-20ee8" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id 3c713aef5a3a7 x-check-cacheable YES cache-control public,max-age=3600 strict-transport-security max-age=31536000 dc ccg11-origin-www-3.paypal.com content-length 44545
GET H2	200	pa.js Show response www.paypalobjects.com/pa/js/min/	54 KB 21 KB	23ms 22ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/js/min/pa.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash 2acb55daa0947fda779bd06d9f51ff4aa6d14edfa3e57cc512e2f8a1b5399c21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id f2108a7e8f1c dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 21236 last-modified Tue, 05 Apr 2022 03:09:40 GMT etag W/"624bb2f4-d8fc" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token
GET H2	200	open-chat.js Show response www.paypalobjects.com/helpcenter/smartchat/sales/v1/	1 KB 1 KB	23ms 22ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash 15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff last-modified Sat, 13 Feb 2021 00:19:40 GMT cache-control public,max-age=3600 etag W/"60271b1c-5bf" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript access-control-allow-origin * paypal-debug-id 28923c006211c strict-transport-security max-age=31536000 dc phx-origin-www-3.paypal.com content-length 779
GET H2	200	marketingIntentsV2.js Show response www.paypalobjects.com/activation/js/	554 B 666 B	25ms 24ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/activation/js/marketingIntentsV2.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash 4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 12 Feb 2021 23:55:13 GMT etag W/"60271561-22a" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id 7628d50e4cc0a cache-control public, max-age=86400 strict-transport-security max-age=31536000 dc ccg11-origin-www-2.paypal.com content-length 365 expires Thu, 14 Apr 2022 17:06:34 GMT
GET H2	200	recaptchav3.js Show response www.paypal.com/auth/createchallenge/c1d2b6912124812c/	10 KB 6 KB	297ms 296ms	Script text/javascript	151.101.65.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/auth/createchallenge/c1d2b6912124812c/recaptchav3.js?_sessionID=mY1XlUtT1-6Wxc_MCFh0LVdqN4mctJfu Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f189318ce7d0909560fe8de23156a3d497c5a479818db96680f437e187c83de3 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Rl82CV5XV7Bf8ruE0bcbgpzHm/mo8SJJOvowkbmRi94lG7m8' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Rl82CV5XV7Bf8ruE0bcbgpzHm/mo8SJJOvowkbmRi94lG7m8' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; via 1.1 varnish x-content-type-options nosniff x-cache MISS paypal-debug-id f961039935593 server-timing content-encoding;desc="",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-xss-protection 1; mode=block x-served-by cache-hhn4057-HHN x-timer S1649869594.147816,VS0,VE290 date Wed, 13 Apr 2022 17:06:34 GMT vary Accept-Encoding strict-transport-security max-age=63072000; includeSubDomains; preload content-type text/javascript; charset=utf-8 content-encoding br cache-control max-age=0, no-cache, no-store, must-revalidate etag W/"2766-bqwe11E3rLQcssUd1rskSvpo9L8" accept-ranges none x-cache-hits 0
GET H2	200	paypal_credit_151x39.png www.paypalobjects.com/webstatic/mktg/bml/	1 KB 2 KB	63ms 62ms	Image image/png	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/mktg/bml/paypal_credit_151x39.png Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash 820337bc88625d830f30cf33df8f6db9355714867ba209ce89cdf559abe7b905 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT x-content-type-options nosniff x-check-cacheable YES x-serial 1304 etag "53c55d4a-bc9" strict-transport-security max-age=31536000 content-type image/png cache-control private, no-transform, max-age=43200 last-modified Mon, 04 Apr 2022 04:44:10 GMT content-length 1460 server Akamai Image Manager expires Thu, 14 Apr 2022 05:06:34 GMT
GET H2	200	blue-bg.jpg www.paypalobjects.com/digitalassets/c/NA/web/canvas/terms/paypal-credit/	4 KB 5 KB	74ms 74ms	Image image/webp	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/digitalassets/c/NA/web/canvas/terms/paypal-credit/blue-bg.jpg Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash b402446bdab1a13ab90c5eb0d8aa47a15cf9e42cfe67e15358c0d45f4d8a03b1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT x-content-type-options nosniff x-check-cacheable YES x-serial 591 etag "AWKxJ1fv4gUzL0GkiFc2nPsQ43+9YvlBhRulgwGl6gg" strict-transport-security max-age=31536000 content-type image/webp cache-control private, no-transform, max-age=43200 last-modified Sat, 26 Feb 2022 04:25:23 GMT content-length 4364 server Akamai Image Manager expires Thu, 14 Apr 2022 05:06:34 GMT
GET H2	200	latmconf.js Show response www.paypalobjects.com/pa/mi/	136 KB 27 KB	9ms 8ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/mi/latmconf.js Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/js/min/pa.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash c019b244965871db3b76e6042a521019104fb59cb10f27cc049eaec81cae7609 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Origin https://www.paypal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id 4c0a82a75f155 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 26745 last-modified Mon, 11 Apr 2022 23:57:58 GMT etag W/"6254c086-22008" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token
GET H2	200	eligibility Show response www.paypal.com/smartchat/open/	1 KB 2 KB	210ms 210ms	XHR application/json	151.101.65.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/us/webapps/mpp/terms/paypal-credit Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1cd4677683038949117e89a3cc835fea970c7fef417513a7b4511157b5288ebb Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-UoK/uAH1ZPvCKOadtvvCXCPeOMVcXbNwRoFDcg56Ob9mEOt4' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-UoK/uAH1ZPvCKOadtvvCXCPeOMVcXbNwRoFDcg56Ob9mEOt4' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com; via 1.1 varnish x-content-type-options nosniff x-cache MISS paypal-debug-id f9610390f05a6 server-timing content-encoding;desc="",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-xss-protection 1; mode=block x-served-by cache-hhn4057-HHN x-timer S1649869594.208065,VS0,VE203 date Wed, 13 Apr 2022 17:06:34 GMT vary Accept-Encoding strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/json; charset=utf-8 content-encoding br cache-control max-age=0, no-cache, no-store, must-revalidate etag W/"564-cR4dd+ftdlHZfc7lTc/KhM2bf2I" accept-ranges none x-cache-hits 0
GET H2	200	OrchestratorMain.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	7 KB 4 KB	8ms 8ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/js/min/pa.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash 8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Origin https://www.paypal.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id c8f16ea4b97d0 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 3329 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-1d47" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token
GET H2	200	12.2e4d3453d92fa382c1f6.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	56 KB 16 KB	75ms 75ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash 9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id c1c2646cf08e8 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 16285 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-e017" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public,max-age=3600 access-control-allow-headers x-csrf-token
GET H2	200	ts t.paypal.com/	42 B 769 B	195ms 157ms	Image image/gif	151.101.65.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.3&t=1649869594344&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=Unknown&calc=f961039ebfa72&nsid=mY1XlUtT1-6Wxc_MCFh0LVdqN4mctJfu&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=2e94d89677a640f3bb93cf22b678d54e&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=104759%2C104406%2C104407&xt=120840%2C119036%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&lgin=out&shir=main_mktg_personal_legal&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&displaypage=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v3a&bannersource=ConsentNodeServ&eligibility_reason=false&is_native=false&cookie_disabled=false&e=ac Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT via 1.1 varnish x-cache MISS p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id d571d194e5ac2 x-cache-hits 0 server-timing content-encoding;desc="",x-cdn;desc="fastly" content-length 42 x-served-by cache-hhn4031-HHN pragma no-cache x-timer S1649869594.388255,VS0,VE149 strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Wed, 13 Apr 2022 17:06:34 GMT
POST H2	200	Targeting.php Show response zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/	96 KB 8 KB	76ms 57ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49cb26f578b5b58c1c0b9fff477380b868ea54fa03370dd6284814a6dd802f39 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC strict-transport-security max-age=31536000; includeSubDomains; preload timing-allow-origin * referrer-policy strict-origin-when-cross-origin server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin https://www.paypal.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true trace-id c2b422f88bb52a77 cf-ray 6fb5cb04eab590e6-FRA
GET H2	200	grcenterprise_v3.html Show response www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/ Frame F959	4 KB 2 KB	13ms 13ms	Document text/html	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html Requested by Host: www.paypal.com URL: https://www.paypal.com/auth/createchallenge/c1d2b6912124812c/recaptchav3.js?_sessionID=mY1XlUtT1-6Wxc_MCFh0LVdqN4mctJfu Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash e4d48ec4b24c289ae0f1ca94c5fb62720f5529a1cedb6279b9623e5b4ea2dd0c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=31536000, s-maxage=31536000 content-encoding gzip content-length 1555 content-type text/html date Wed, 13 Apr 2022 17:06:34 GMT dc ccg11-origin-www-1.paypal.com etag W/"62298aca-fb6" expires Thu, 13 Apr 2023 17:06:34 GMT last-modified Thu, 10 Mar 2022 05:21:14 GMT paypal-debug-id 6b65492dcf01b strict-transport-security max-age=31536000 surrogate-control max-age=31536000 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com vary Accept-Encoding x-content-type-options nosniff
GET H2	200	CoreModule.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	100 KB 30 KB	18ms 18ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id b7370ee1ffb36 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 30223 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-190b6" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public,max-age=3600 access-control-allow-headers x-csrf-token
GET H2	200	enterprise.js Show response www.recaptcha.net/recaptcha/ Frame F959	977 B 1 KB	45ms 17ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 37a96388d229b4876d498e49cf6f3700810bfdcefc383aa58dcc26ed55a45c69 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypalobjects.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 619 x-xss-protection 1; mode=block expires Wed, 13 Apr 2022 17:06:34 GMT
GET H2	200	4.bee7caf079144a7b9980.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	2 KB 2 KB	9ms 9ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id 2df946d62e439 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 1231 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-9ed" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 access-control-allow-headers x-csrf-token
GET H2	200	1.1303dc17a61da0f506d3.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	29 KB 7 KB	82ms 81ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id 5dada05555734 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 6602 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-7257" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 access-control-allow-headers x-csrf-token
GET H2	200	17.0e47ac923c1fa85e46cf.chunk.js Show response www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/	19 KB 8 KB	132ms 132ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id f7c3d06072f2d dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 7762 last-modified Tue, 11 Jan 2022 00:19:32 GMT etag W/"61dccd14-4a99" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 access-control-allow-headers x-csrf-token
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame F959	359 KB 142 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dde2b53dac466c2b0a51369b5c51cd170c4537de120b8c9645479ccadb7cb789 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paypalobjects.com/ Origin https://www.paypalobjects.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 10:03:52 GMT content-encoding gzip x-content-type-options nosniff age 25362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144472 x-xss-protection 0 last-modified Mon, 04 Apr 2022 04:02:58 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Apr 2023 10:03:52 GMT
GET H2	200	anchor Show response www.recaptcha.net/recaptcha/enterprise/ Frame A961	42 KB 22 KB	33ms 32ms	Document text/html	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=9xgvfyhu39pe Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3704edacd088372f4846a0b1d8e67fa85d20665b689300f678e941a847e9a22f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-T8RDZF5lTLzOSGsWIEiodw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.paypalobjects.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22103 content-security-policy script-src 'report-sample' 'nonce-T8RDZF5lTLzOSGsWIEiodw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 13 Apr 2022 17:06:34 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame A961	51 KB 24 KB	24ms 8ms	Stylesheet text/css	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=9xgvfyhu39pe Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 11:07:29 GMT content-encoding gzip x-content-type-options nosniff age 21545 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 04 Apr 2022 04:02:58 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Apr 2023 11:07:29 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame A961	359 KB 141 KB	26ms 11ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=9xgvfyhu39pe Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dde2b53dac466c2b0a51369b5c51cd170c4537de120b8c9645479ccadb7cb789 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 10:03:52 GMT content-encoding gzip x-content-type-options nosniff age 25362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144472 x-xss-protection 0 last-modified Mon, 04 Apr 2022 04:02:58 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Apr 2023 10:03:52 GMT
GET H3	200	webworker.js www.recaptcha.net/recaptcha/enterprise/ Frame A961	102 B 132 B	16ms 15ms	Other text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=9xgvfyhu39pe Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c74939ca24c142579238ecb4998957ff5cb87e4e1f3e64a18c8603f6e0dda584 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=9xgvfyhu39pe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 110 x-xss-protection 1; mode=block expires Wed, 13 Apr 2022 17:06:34 GMT
GET H2	200	8a8b1b936f8eafc2b260434d8e8b442df66eac.js Show response www.paypalobjects.com/marketing-resources/js/80/	463 KB 126 KB	87ms 87ms	Script application/javascript	104.90.110.199 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/marketing-resources/js/80/8a8b1b936f8eafc2b260434d8e8b442df66eac.js Requested by Host: www.paypal.com URL: https://www.paypal.com/us/webapps/mpp/terms/paypal-credit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.90.110.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-110-199.deploy.static.akamaitechnologies.com Software / Resource Hash bd94117222940d1e271088d2330c929d3c20bf73a3267abf7eb9e6803ae0b7b3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 31 Mar 2022 12:20:57 GMT etag W/"62459ca9-73ad0" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id 25aa7eb7952b9 cache-control s-maxage=31536000, public,max-age=31536000 strict-transport-security max-age=31536000 dc ccg11-origin-www-1.paypal.com content-length 128196
POST H3	200	reload Show response www.recaptcha.net/recaptcha/enterprise/ Frame A961	32 KB 19 KB	49ms 49ms	XHR application/json	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 34573f2ca27571da2f00afa68dfe182e4aa13c5323d07b0da4b1d0fb9c1e264d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=9xgvfyhu39pe accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/x-protobuffer Response headers date Wed, 13 Apr 2022 17:06:34 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19040 x-xss-protection 1; mode=block expires Wed, 13 Apr 2022 17:06:34 GMT
POST H2	200	verifygrcenterprise Show response www.paypal.com/auth/	0 2 KB	256ms 256ms	XHR text/plain	151.101.65.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/auth/verifygrcenterprise Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-9ol2hqgxQYRchn6M//FBZXLNFwUIxmUAgwP4LVzpr6cK99vp' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit x-requested-with XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-9ol2hqgxQYRchn6M//FBZXLNFwUIxmUAgwP4LVzpr6cK99vp' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; via 1.1 varnish x-content-type-options nosniff x-cache MISS paypal-debug-id f39216080e53f server-timing content-encoding;desc="",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-xss-protection 1; mode=block x-served-by cache-hhn4057-HHN x-timer S1649869595.015598,VS0,VE249 date Wed, 13 Apr 2022 17:06:35 GMT vary accept-encoding strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges none x-cache-hits 0
GET H2	200	ts t.paypal.com/	42 B 471 B	179ms 178ms	Image image/gif	151.101.65.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.3&t=1649869595171&g=0&pgrp=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit&page=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit%3A%3A%3A&pgst=Unknown&calc=f961039ebfa72&nsid=mY1XlUtT1-6Wxc_MCFh0LVdqN4mctJfu&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=2e94d89677a640f3bb93cf22b678d54e&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=104449&xt=119299&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&lgin=out&shir=main_mktg_personal_legal&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&imsrc=setup&view=%7B%22t10%22%3A40%2C%22t11%22%3A1472%2C%22tcp%22%3A733%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A134%7D&pt=PayPal%20Credit&ru=https%3A%2F%2Fwww.billmelater.com%2F&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=40&t1c=40&t1d=0&t1s=33&t2=491&t3=133&t4d=0&t4=0&t4e=2&tt=1337&rdc=0&protocol=h2&cdn=fastly&res=%7B%7D&rtt=196 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:35 GMT via 1.1 varnish x-cache MISS p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id ebec1ce0a54bd x-cache-hits 0 server-timing content-encoding;desc="",x-cdn;desc="fastly" content-length 42 x-served-by cache-hhn4031-HHN pragma no-cache x-timer S1649869595.177783,VS0,VE170 strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Wed, 13 Apr 2022 17:06:35 GMT
GET H2	200	ts t.paypal.com/	42 B 471 B	227ms 227ms	Image image/gif	151.101.65.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.3&t=1649869596172&g=0&pgrp=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit&page=main%3Amktg%3Apersonal%3Alegal%3Aterms-paypal-credit%3A%3A%3A&pgst=Unknown&calc=f961039ebfa72&nsid=mY1XlUtT1-6Wxc_MCFh0LVdqN4mctJfu&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=2e94d89677a640f3bb93cf22b678d54e&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=104449&xt=119299&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&lgin=out&shir=main_mktg_personal_legal&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=179&t3=1&tt=180&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A180%2C%22nt%22%3A%22res%22%7D&e=pf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/us/webapps/mpp/terms/paypal-credit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 17:06:36 GMT via 1.1 varnish x-cache MISS p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id db93ffb0ee20 x-cache-hits 0 server-timing content-encoding;desc="",x-cdn;desc="fastly" content-length 42 x-served-by cache-hhn4031-HHN pragma no-cache x-timer S1649869596.179085,VS0,VE218 strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Wed, 13 Apr 2022 17:06:36 GMT

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| antiClickjack boolean| paypalADSInterceptorInjected object| modelData function| bindGdprEvents object| dataLayer object| PAYPAL object| fpti string| fptiserverurl object| _ifpti function| t object| React object| ReactDOM object| latmconf object| laDataLayer object| QSI object| WAFQualtricsWebpackJsonP-hosted-1.64.1 function| hideGdprBanner function| showGdprBanner function| openSalesChat function| _0x4f70 function| _0xeede object| _qsie object| PageBundle function| _

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.recaptcha.net/recaptcha	1970-01-20 06:37:01	Name: _GRECAPTCHA Value: 09AOc_TXfELYVeDJH-QPBwE3pwlMNjuDynhdzs1MbOnJ7E5ZWRe2JRlaAH7lMHLo81YLJ7cRPHnFChn3HvIETbmAg
			.paypal.com/	1970-01-20 11:03:25	Name: enforce_policy Value: ccpa
			.paypal.com/	1970-01-23 17:58:08	Name: cookie_check Value: yes
			.paypal.com/	1970-01-20 02:18:21	Name: LANG Value: en_US%3BUS
			www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AmY1XlUtT1-6Wxc_MCFh0LVdqN4mctJfu.iejGDwIm9kJJRRvsSKiGs%2FeKQ62Q3H5wg1FFL3FsDsY
			.paypal.com/	1970-01-21 04:36:03	Name: ts_c Value: vr%3D23e41bf51800a7886e7cbdf0fcbc7cc2%26vt%3D23e41bf51800a7886e7cbdf0fcbc7cc1
			.paypal.com/	1970-01-20 02:22:08	Name: tsrce Value: authchallengenodeweb
			.paypal.com/	1970-01-20 02:17:51	Name: l7_az Value: dcg13.slc
			.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY0OTg2OTU5NTE3NSIsImwiOiIwIiwibSI6IjAifQ
			.paypal.com/	1970-01-21 04:36:03	Name: ts Value: vreXpYrS%3D1744563996%26vteXpYrS%3D1649871396%26vr%3D23e41bf51800a7886e7cbdf0fcbc7cc2%26vt%3D23e41bf51800a7886e7cbdf0fcbc7cc1%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

t.paypal.com
www.billmelater.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
104.17.208.240
104.90.110.199
151.101.65.21
151.101.65.35
208.76.140.143
2a00:1450:4001:801::2003
2a00:1450:4001:812::2003
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
1cd4677683038949117e89a3cc835fea970c7fef417513a7b4511157b5288ebb
2acb55daa0947fda779bd06d9f51ff4aa6d14edfa3e57cc512e2f8a1b5399c21
34573f2ca27571da2f00afa68dfe182e4aa13c5323d07b0da4b1d0fb9c1e264d
3704edacd088372f4846a0b1d8e67fa85d20665b689300f678e941a847e9a22f
37a96388d229b4876d498e49cf6f3700810bfdcefc383aa58dcc26ed55a45c69
49cb26f578b5b58c1c0b9fff477380b868ea54fa03370dd6284814a6dd802f39
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
820337bc88625d830f30cf33df8f6db9355714867ba209ce89cdf559abe7b905
8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8
9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106
9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715
b402446bdab1a13ab90c5eb0d8aa47a15cf9e42cfe67e15358c0d45f4d8a03b1
ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565
bd94117222940d1e271088d2330c929d3c20bf73a3267abf7eb9e6803ae0b7b3
c019b244965871db3b76e6042a521019104fb59cb10f27cc049eaec81cae7609
c74939ca24c142579238ecb4998957ff5cb87e4e1f3e64a18c8603f6e0dda584
c76564555c7629829c5a301788e3db5753608b83feac5304e897d133727ec983
d18518059b08d468faf44fd9f9fbaedc1280066ef66b5f575eb96c470c19f33a
dde2b53dac466c2b0a51369b5c51cd170c4537de120b8c9645479ccadb7cb789
e217da7f56344956716244cc813f9ebcc67226b3e85fd1efa36467ef5ef56029
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d48ec4b24c289ae0f1ca94c5fb62720f5529a1cedb6279b9623e5b4ea2dd0c
e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d
ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622
f189318ce7d0909560fe8de23156a3d497c5a479818db96680f437e187c83de3
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48