urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
192.229.210.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://awesometools.us/de/
Effective URL: https://www.paypal.com/ch/signin
Submission: On October 20 via api from CA — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 51 HTTP transactions. The main IP is 192.229.210.155, located in United States and belongs to EDGECAST, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2528.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 25th 2022. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 67.212.179.164 32475 (SINGLEHOP...)
1 1 192.254.230.170 46606 (UNIFIEDLA...)
17 192.229.210.155 15133 (EDGECAST)
20 151.101.2.133 54113 (FASTLY)
5 2606:4700:440... 13335 (CLOUDFLAR...)
4 151.101.65.35 54113 (FASTLY)
1 2 34.106.92.18 396982 (GOOGLE-CL...)
1 2606:2800:21f... 15133 (EDGECAST)
51 8
1    67.212.179.164 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: r119.tmd.cloud
awesometools.us
1    192.254.230.170 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: mail.trovedigitalmarketing.com
worldcitizenstv.com
17    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
www.paypal.com
c.paypal.com
20    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
5    2606:4700:4400::ac40:911b (United States)

ASN13335 (CLOUDFLARENET, US)
paypal-api.arkoselabs.com
4    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    34.106.92.18 (Salt Lake City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 18.92.106.34.bc.googleusercontent.com
b.stats.paypal.com
slc.stats.paypal.com
1    2606:2800:21f:5dfa:af2c:7a6d:4339:27e7 (United States)

ASN15133 (EDGECAST, US)
c6.paypal.com
Apex Domain
Subdomains		 Transfer
24 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2528
c.paypal.com — Cisco Umbrella Rank: 5901
t.paypal.com — Cisco Umbrella Rank: 3306
b.stats.paypal.com — Cisco Umbrella Rank: 5131
slc.stats.paypal.com — Cisco Umbrella Rank: 9251
c6.paypal.com — Cisco Umbrella Rank: 6763
105 KB
20 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2248
390 KB
5 arkoselabs.com
paypal-api.arkoselabs.com — Cisco Umbrella Rank: 58799
60 KB
1 worldcitizenstv.com
worldcitizenstv.com
220 B
1 awesometools.us
awesometools.us
718 B
0 Failed
function sub() { [native code] }. Failed
51 6
Domain Requested by
20 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
12 www.paypal.com www.paypalobjects.com
5 c.paypal.com www.paypalobjects.com
c.paypal.com
5 paypal-api.arkoselabs.com www.paypalobjects.com
paypal-api.arkoselabs.com
4 t.paypal.com
1 c6.paypal.com
1 slc.stats.paypal.com
1 b.stats.paypal.com 1 redirects
1 worldcitizenstv.com 1 redirects
1 awesometools.us
0 192.55.233.1 Failed www.paypalobjects.com
51 11

This site contains no links.

Subject Issuer Validity Valid
awesometools.us
R3		 2022-10-14 -
2023-01-12		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-25 -
2023-04-25		 a year crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-13 -
2023-11-13		 a year crt.sh
arkoselabs.com
Cloudflare Inc ECC CA-3		 2022-09-23 -
2023-09-22		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-04 -
2022-11-23		 9 months crt.sh

This page contains 4 frames:

Primary Page: https://www.paypal.com/ch/signin
Frame ID: 349EBF058FA3DFBE1F81555703A23FD3
Requests: 38 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webcaptcha/arkoseRDACaptcha.html
Frame ID: 007C0E8C981687C9DA6E48E1C4E6DD0B
Requests: 6 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 5C04357A59BE723D70F106B2BAFD73AF
Requests: 5 HTTP requests in this frame

Frame: https://slc.stats.paypal.com/v1/counter2.cgi?r=cD1iZTAzOTIzZGJjNWE0ZjYzOGQ0MWZiYmIxYWRmOTMwMSZpPTk2LjkuMjQ5LjM4JnQ9MTY2NjI3NDU1NS4xMzcmYT0yMSZzPVVOSUZJRURfTE9HSU7xbgMIbZpe5MLO_p7uZD8ODPBwng
Frame ID: 4784090ED8BEEB8B782A527EAE7394F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to your PayPal account

Page URL History Show full URLs

  1. https://awesometools.us/de/ Page URL
  2. https://worldcitizenstv.com/Ch/ HTTP 302
    https://www.paypal.com/ch/signin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

51
Requests

94 %
HTTPS

25 %
IPv6

6
Domains

11
Subdomains

8
IPs

1
Countries

555 kB
Transfer

1525 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://awesometools.us/de/ Page URL
  2. https://worldcitizenstv.com/Ch/ HTTP 302
    https://www.paypal.com/ch/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1iZTAzOTIzZGJjNWE0ZjYzOGQ0MWZiYmIxYWRmOTMwMSZpPTk2LjkuMjQ5LjM4JnQ9MTY2NjI3NDU1NS4xMzcmYT0yMSZzPVVOSUZJRURfTE9HSU7xbgMIbZpe5MLO_p7uZD8ODPBwng HTTP 302
  • https://slc.stats.paypal.com/v1/counter2.cgi?r=cD1iZTAzOTIzZGJjNWE0ZjYzOGQ0MWZiYmIxYWRmOTMwMSZpPTk2LjkuMjQ5LjM4JnQ9MTY2NjI3NDU1NS4xMzcmYT0yMSZzPVVOSUZJRURfTE9HSU7xbgMIbZpe5MLO_p7uZD8ODPBwng

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
awesometools.us/de/ 		621 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://awesometools.us/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.179.164 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
r119.tmd.cloud
Software
Apache /
Resource Hash
c9ae1d29a7f44e65018ca580b880f9c640c8ca7725fbcecf017e79fe206d19a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
621
content-type
text/html
date
Thu, 20 Oct 2022 14:02:33 GMT
last-modified
Mon, 08 Aug 2022 09:43:29 GMT
server
Apache
Primary Request signin
www.paypal.com/ch/
Redirect Chain
  • https://worldcitizenstv.com/Ch/
  • https://www.paypal.com/ch/signin
28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D68) /
Resource Hash
fa178d2091a27f3bab5b0eb6dcd3dafd58f826fa3366138f36e22652ad82b876
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-24bh4PC2w2D2B6Vlkh1AGMWgJCpGC4cAKSICMgn2vOTh4NpI' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://awesometools.us/de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-24bh4PC2w2D2B6Vlkh1AGMWgJCpGC4cAKSICMgn2vOTh4NpI' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Thu, 20 Oct 2022 14:02:35 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"6f80-b7+8jLq1avavYDkmj/qVoWcmKYA"
paypal-debug-id
08abb084784aa
server
ECAcc (dcd/7D68)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=149
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000008abb084784aa-bb1c6a498dfe6501-01
vary
Accept,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 14:02:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://www.paypal.com/ch/signin
pragma
no-cache
server
Apache
x-server-cache
false
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
MISS, HIT
paypal-debug-id
2f95f91af9bec
dc
ccg11-origin-www-1.paypal.com
content-length
6711
x-served-by
cache-dfw18665-DFW, cache-ewr18161-EWR
last-modified
Wed, 06 Apr 2022 10:20:48 GMT
x-timer
S1666274555.491263,VS0,VE0
etag
W/"624d6980-5940"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
0, 35500
contextualLoginElementalUI.css
www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/ 		133 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/contextualLoginElementalUI.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d35215423f3cccfef416351a5c1c322f66c207973a32a6c269bc6da3f38f10e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
14, 10
date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
1ff8ff794d77f
dc
ccg11-origin-www-1.paypal.com
content-length
22165
x-served-by
cache-dfw-kdfw8210044-DFW, cache-ewr18161-EWR
last-modified
Mon, 17 Oct 2022 20:58:32 GMT
traceparent
00-00000000000000000001ff8ff794d77f-75fc6245504be9ec-01
x-timer
S1666274555.491152,VS0,VE0
etag
W/"634dc1f8-21312"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 19 Oct 2023 22:28:04 GMT
modernizr-2.6.1.js
www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/js/lib/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/js/lib/modernizr-2.6.1.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
8, 1094
date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
9349f2c22c051
dc
ccg11-origin-www-1.paypal.com
content-length
1788
x-served-by
cache-dfw-kdfw8210034-DFW, cache-ewr18161-EWR
last-modified
Mon, 17 Oct 2022 20:58:34 GMT
traceparent
00-00000000000000000009349f2c22c051-9d084871d5d3c1b1-01
x-timer
S1666274555.491129,VS0,VE0
etag
W/"634dc1fa-edf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 19 Oct 2023 22:24:19 GMT
icon-PN-check.png
www.paypalobjects.com/images/shared/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/icon-PN-check.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
fastly-io-info
ifsz=2236 idim=121x133 ifmt=png ofsz=1238 odim=121x133 ofmt=png
paypal-debug-id
4532ba60d20e2
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1238
x-served-by
cache-dfw18677-DFW, cache-ewr18161-EWR
x-timer
S1666274556.531516,VS0,VE0
etag
"49vz/MoiBvXh6ILc659PTN8gH45nwBXy23o3w9v7cpc"
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
13, 22464
glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
fastly-io-info
ifsz=5828 idim=224x200 ifmt=png ofsz=1709 odim=224x200 ofmt=png
paypal-debug-id
611de2569d9f
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1709
x-served-by
cache-dfw18626-DFW, cache-ewr18161-EWR
x-timer
S1666274556.531494,VS0,VE0
etag
"e3ulSVTzLS+1hMwG/oqsG+jIfAa7MoSaV806RZTn6+w"
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
245, 22493
fn-sync-telemetry-min.js
www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/js/lib/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/js/lib/fn-sync-telemetry-min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
8, 1400
date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
558a3d40a54b1
dc
ccg11-origin-www-1.paypal.com
content-length
2303
x-served-by
cache-dfw-kdfw8210071-DFW, cache-ewr18161-EWR
last-modified
Mon, 17 Oct 2022 20:58:34 GMT
traceparent
00-0000000000000000000558a3d40a54b1-acb07236404eb18f-01
x-timer
S1666274556.524315,VS0,VE0
etag
W/"634dc1fa-159e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 19 Oct 2023 22:24:19 GMT
signin-split.js
www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/js/ 		193 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/js/signin-split.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64c768faa194fe47c2bde0b0d29585690d4085515c54631b8800221dc66cdb7a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
12, 385
date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
acde6860dd8be
dc
ccg11-origin-www-1.paypal.com
content-length
46988
x-served-by
cache-dfw-kdfw8210046-DFW, cache-ewr18161-EWR
last-modified
Mon, 17 Oct 2022 20:58:33 GMT
traceparent
00-0000000000000000000acde6860dd8be-36683ab0c4892f7d-01
x-timer
S1666274556.526882,VS0,VE0
etag
W/"634dc1f9-30476"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 19 Oct 2023 22:24:19 GMT
ioc.js
www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/js/ioc.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07d4a44d248156a0e3d0c604d7359e54f3b021eeec70b7c3a1d127a141f76d97
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
10, 160
date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
c78c8e6ce9d6b
dc
ccg11-origin-www-1.paypal.com
content-length
2005
x-served-by
cache-dfw-kdfw8210056-DFW, cache-ewr18161-EWR
last-modified
Mon, 17 Oct 2022 20:58:33 GMT
traceparent
00-0000000000000000000c78c8e6ce9d6b-be1cd26ab7a98227-01
x-timer
S1666274556.531238,VS0,VE0
etag
W/"634dc1f9-1407"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 19 Oct 2023 22:24:19 GMT
pa.js
www.paypalobjects.com/pa/js/min/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0313530d767ba49cabd5ed42925963dac3d2484a373311ea31e004d7b556c16
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
1021395ee5103
dc
ccg11-origin-www-1.paypal.com
content-length
21559
x-served-by
cache-dfw-kdfw8210076-DFW, cache-ewr18161-EWR
last-modified
Wed, 05 Oct 2022 21:58:33 GMT
traceparent
00-00000000000000000001021395ee5103-c3799a5a68af74bb-01
x-timer
S1666274556.531536,VS0,VE0
etag
W/"633dfe09-dd26"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
13, 35411
arkoseRDA.js
www.paypalobjects.com/webcaptcha/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/arkoseRDA.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/ch/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e998a5c3498e92a3271d5ba8a15db6798e2b28de496df354f213a587300c1219
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
f735cbc783281
dc
ccg11-origin-www-1.paypal.com
content-length
4105
x-served-by
cache-dfw-kdfw8210093-DFW, cache-ewr18161-EWR
last-modified
Thu, 22 Sep 2022 14:44:08 GMT
traceparent
00-0000000000000000000f735cbc783281-ac325cb941ef2778-01
x-timer
S1666274556.531482,VS0,VE0
etag
W/"632c74b8-2d8e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1, 4876
momgram@2x.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/momgram@2x.png
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/contextualLoginElementalUI.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3f1bf1d5e25838bcad8535a2b700486644f4ea888e46c77d3e82783cb9da1b4
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/contextualLoginElementalUI.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
fastly-io-info
ifsz=1996 idim=60x74 ifmt=png ofsz=1768 odim=60x74 ofmt=png
paypal-debug-id
c66540b04cbd6
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1768
x-served-by
cache-dfw18642-DFW, cache-ewr18161-EWR
x-timer
S1666274556.532907,VS0,VE0
etag
"n1eiFwTHQZT8r7LMVF4RJSE9QNnoZS4jSUvEYSZDtgw"
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
2586, 4068
PayPalSansSmall-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/contextualLoginElementalUI.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/contextualLoginElementalUI.css
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
c1284d29aecd4
dc
ccg11-origin-www-1.paypal.com
content-length
47339
x-served-by
cache-dfw-kdfw8210126-DFW, cache-ewr18123-EWR
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
traceparent
00-0000000000000000000c1284d29aecd4-f22d575342638711-01
x-timer
S1666274556.590940,VS0,VE0
etag
"560b6e70-b8eb"
content-type
font/woff
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
913, 1431
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/contextualLoginElementalUI.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/contextualLoginElementalUI.css
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
dbe437ea2521a
dc
ccg11-origin-www-1.paypal.com
content-length
25368
x-served-by
cache-dfw18625-DFW, cache-ewr18123-EWR
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
x-timer
S1666274556.591088,VS0,VE0
etag
"60271cda-6318"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1, 7310
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/contextualLoginElementalUI.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/css/contextualLoginElementalUI.css
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
b70e3b92613b9
dc
ccg11-origin-www-1.paypal.com
content-length
18508
x-served-by
cache-dfw18637-DFW, cache-ewr18123-EWR
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
x-timer
S1666274556.590917,VS0,VE0
etag
"60271cda-484c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1, 7073
latmconf.js
www.paypalobjects.com/pa/mi/ 		292 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0385cda4e6e27f58162bd65e3d45946965ca2f4f9257c8bba8f296e4ca113f4
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
4e74bad81d45a
dc
ccg11-origin-www-1.paypal.com
content-length
34784
x-served-by
cache-dfw-kdfw8210110-DFW, cache-ewr18123-EWR
last-modified
Tue, 11 Oct 2022 20:28:11 GMT
traceparent
00-00000000000000000004e74bad81d45a-e7ca64009e3e2bfe-01
x-timer
S1666274556.591065,VS0,VE0
etag
W/"6345d1db-49117"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
4, 7971
logclientdata
www.paypal.com/auth/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/logclientdata
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D81) /
Resource Hash
4aa3345bb6f8ab7962da9e189b8c04726d104cc389f4cece6a7773fa9b257bac
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-0tjS7GhRG4GhqBMOqkfuA0J9pawd5kR5RfDeG03IXahlW5TN' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-0tjS7GhRG4GhqBMOqkfuA0J9pawd5kR5RfDeG03IXahlW5TN' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 14:02:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
014301b987985
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=108
dc
ccg11-origin-www-1.paypal.com
content-length
917
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D81)
traceparent
00-0000000000000000000014301b987985-f936206af6260cc8-01
etag
W/"775-FFglALPIeeTtLpEgHTxc+iQIiew"
vary
Accept,Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
arkoseRDACaptcha.html
www.paypalobjects.com/webcaptcha/ Frame 007C 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/arkoseRDACaptcha.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/arkoseRDA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
baf228234839b6a17d498c75182a55a3e5192cea391be845c996a5fb1db7f9b1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
1908
content-type
text/html
date
Thu, 20 Oct 2022 14:02:35 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"632c74b8-18a2"
last-modified
Thu, 22 Sep 2022 14:44:08 GMT
paypal-debug-id
f56b123d378f8
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000f56b123d378f8-237ecebc4e111972-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1, 4856
x-content-type-options
nosniff
x-served-by
cache-dfw-kdfw8210110-DFW, cache-ewr18161-EWR
x-timer
S1666274556.597055,VS0,VE0
/
paypal-api.arkoselabs.com/fc/api/ Frame 007C 		376 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paypal-api.arkoselabs.com/fc/api/?onload=arkoseCallback
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/arkoseRDACaptcha.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e775bccc8a098060923b5f0da92fdfeafc945f7ba08a40a227434939208f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
etag
W/"7f648daea2c51c851d54e43a70239500dbd022c3|sha384-8ZrPXLsobsdfdtnO7hDJfHQrUTTz9rXHwoTtO29PCWwmbF7lvRW/ygkpFc7utXIu"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, no-cache
cf-ray
75d24ac5ad74d153-BUF
x-xss-protection
1; mode=block
patleaf.js
www.paypalobjects.com/pa/3pjs/tl/6.2.0/ 		191 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.2.0/patleaf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
586f0eb92dcb65651bb48a4d846c39f6cb02d7f9ce88943a2a45fbac7d863334
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
885ce1890e44c
dc
ccg11-origin-www-1.paypal.com
content-length
52759
x-served-by
cache-dfw-kdfw8210077-DFW, cache-ewr18123-EWR
last-modified
Wed, 14 Sep 2022 19:41:31 GMT
traceparent
00-0000000000000000000885ce1890e44c-c4909f59bfec9aa5-01
x-timer
S1666274556.688544,VS0,VE0
etag
W/"63222e6b-2fbb4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
1, 7162
patlcfg.js
www.paypalobjects.com/pa/3pjs/tl/6.2.0/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.2.0/patlcfg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa3020d20fe753464cc473d2afb758a43f77a2404671c663d511f686d4f4c0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
9aabef0029688
dc
ccg11-origin-www-1.paypal.com
content-length
2673
x-served-by
cache-dfw-kdfw8210125-DFW, cache-ewr18123-EWR
last-modified
Wed, 14 Sep 2022 19:41:31 GMT
traceparent
00-00000000000000000009aabef0029688-f9f266a57b68f086-01
x-timer
S1666274556.740013,VS0,VE0
etag
W/"63222e6b-190a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
1, 7125
resourceaccesstoken
192.55.233.1/ Frame 		0
0
client-log
www.paypal.com/signin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D5E) /
Resource Hash
c8c16851282109c528152b0da20907a12a7abdff8f47f2762dc799dbedc5ac7c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-bff7txlOb10YlAocEjTeN2srprG0shhVBX/t+nhasY/WRCGt' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-bff7txlOb10YlAocEjTeN2srprG0shhVBX/t+nhasY/WRCGt' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 14:02:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0397030263b7a
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=113
dc
ccg11-origin-www-1.paypal.com
content-length
1099
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D5E)
traceparent
00-00000000000000000000397030263b7a-dd8892f4ee50f13c-01
etag
W/"8cd-QPyXs/xHDSDWSCjI6IaMtE65a0w"
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
fb.js
c.paypal.com/da/r/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/4a1/4f596bc41af22cdd5880e5cd9fb7f/js/signin-split.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7931) /
Resource Hash
e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1108982
x-cache
HIT
paypal-debug-id
889b81acd44d7
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc
ccg11-origin-www-1.paypal.com
content-length
20053
last-modified
Tue, 09 Aug 2022 20:44:56 GMT
server
ECAcc (nya/7931)
traceparent
00-0000000000000000000889b81acd44d7-cd2fc9bd5d5ebd2d-01
etag
"62f2c748-e586"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Oct 2022 14:02:35 GMT
client-log
www.paypal.com/signin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D27) /
Resource Hash
31c132f11294bcdd91174db7bc6c3c7a14569903cc76269def55f052f5cc787f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-GeQbrIdHV5BsS0mo9JaASLN/cBQzaGoc1kYmn2K+QcMJg8Oy' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-GeQbrIdHV5BsS0mo9JaASLN/cBQzaGoc1kYmn2K+QcMJg8Oy' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 14:02:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
051a3a86651a4
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=115
dc
ccg11-origin-www-1.paypal.com
content-length
1005
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D27)
traceparent
00-0000000000000000000051a3a86651a4-394f81460279f0d0-01
etag
W/"82d-eN+t4IT6HaKj5q885dvTntPRixU"
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
challenge.js
www.paypal.com/auth/createchallenge/134599aedf75e663/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/createchallenge/134599aedf75e663/challenge.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D27) /
Resource Hash
d106ec2ce284c77c74920d064f0daa9d91db4cea972efbd3b725e680ca22fe9a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-jl4UbpjsxHIjH8+PImPQsdeCVI2h+T8na8HmbN+phJZXtswp' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-jl4UbpjsxHIjH8+PImPQsdeCVI2h+T8na8HmbN+phJZXtswp' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 14:02:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0148300324433
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=243
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D27)
traceparent
00-00000000000000000000148300324433-a5261137e931c1c4-01
etag
W/"4647-DeRS11WeqNQk+54yr4qIiVcifXE"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
client-log
www.paypal.com/signin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D06) /
Resource Hash
eccfc01c9d92bdf965c18f6747efe3aa0ec3a890de79197bb660bfc438acf556
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-zqPwHekqySUk28TpfN6TpIAAhQRYv+fM/u9q6LXRjQzyvISF' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-zqPwHekqySUk28TpfN6TpIAAhQRYv+fM/u9q6LXRjQzyvISF' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 14:02:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
030741a22b260
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=113
dc
ccg11-origin-www-1.paypal.com
content-length
1025
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D06)
traceparent
00-0000000000000000000030741a22b260-c826609cea9258c2-01
etag
W/"85d-ZhIO1ORrusYOdpAJyBOIeDm72vU"
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
resourceaccesstoken
192.55.233.1/ 		0
0
cookie-banner
www.paypal.com/signin/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/cookie-banner?
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D69) /
Resource Hash
35e4b6f367d38a01c88fef0a2049ed851277c8b275dfd18182e23ba4e812b161
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-wi+akyROxJOSMF4qk+OaKUuF0sCgn8qkx2Wan5XiCbs33SmX' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-wi+akyROxJOSMF4qk+OaKUuF0sCgn8qkx2Wan5XiCbs33SmX' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 14:02:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
02a1901349319
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=137
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D69)
traceparent
00-000000000000000000002a1901349319-3485bac7e671815e-01
etag
W/"4d5e-WnTR/eLr87kSB4AyoLWlCSI7kPU"
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
load-resource
www.paypal.com/signin/ 		65 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/load-resource
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D1D) /
Resource Hash
7f137f0ab4c7a4bcfd799cccd9048cc3cf17df86f458f88229a27369738134ce
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-EIHAAyed+pOZUP/M/phtdnEUsnI3nmcL6htUuw67YjZNZ1Ox' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-EIHAAyed+pOZUP/M/phtdnEUsnI3nmcL6htUuw67YjZNZ1Ox' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 14:02:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
09057a8952372
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=165
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D1D)
traceparent
00-000000000000000000009057a8952372-6c678850c1e1bc3f-01
etag
W/"10565-NBq2Di7fOfQ3YO1BeZmoF/g3/8A"
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
funcaptcha_api.js
paypal-api.arkoselabs.com/cdn/fc/js/7f648daea2c51c851d54e43a70239500dbd022c3/standard/ Frame 007C 		125 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paypal-api.arkoselabs.com/cdn/fc/js/7f648daea2c51c851d54e43a70239500dbd022c3/standard/funcaptcha_api.js
Requested by
Host: paypal-api.arkoselabs.com
URL: https://paypal-api.arkoselabs.com/fc/api/?onload=arkoseCallback
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6b6be1adaf29a899085acbe4d7764880a9b38ce1ee35e9870e5a1421a7ccd57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
w6Owa0F8f7gNkp.5ph1ydyhxBXZB8gnn
age
47005
x-amz-request-id
WT9Z35ACTJ6F5D8S
x-amz-id-2
BWV71Ru+kihnOvklUWHA4pdVxrAxrAIJNDPA638bKzWxAOAMor8q6A4nMKXxER5qtjJiAV82GqI=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 18 Oct 2022 06:33:39 GMT
server
cloudflare
etag
W/"a761ae8406d7b6cae07afa578ccbcbf7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
75d24ac5dd85d153-BUF
logclientdata
www.paypal.com/auth/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/logclientdata
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D5F) /
Resource Hash
0caaa872c3183ae3db4268df9140c48e8d953fa6fb50c6dbd960436ab30fc5a0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-4YzJMS9UoyYYmPT1GG4txolxC9f26JmxlvOeaOPvk6tH/AmN' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-4YzJMS9UoyYYmPT1GG4txolxC9f26JmxlvOeaOPvk6tH/AmN' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 14:02:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
08164443b3935
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=135
dc
ccg11-origin-www-1.paypal.com
content-length
918
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D5F)
traceparent
00-000000000000000000008164443b3935-bb5ce04acbc8586b-01
etag
W/"771-UWeO2JcvX//tFS7L9//t2gtmZ44"
vary
Accept,Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
dbe437ea2521a
dc
ccg11-origin-www-1.paypal.com
content-length
25368
x-served-by
cache-dfw18625-DFW, cache-ewr18123-EWR
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
x-timer
S1666274556.980191,VS0,VE0
etag
"60271cda-6318"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1, 7311
ts
t.paypal.com/ 		42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.3&t=1666274555960&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&qual=input_email&pgst=1666274555112&calc=08abb084784aa&nsid=8__aIILcIAwbzyq-kxp6w0h6ZVrCvlS7&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CH&csci=be03923dbc5a4f638d41fbbb1adf9301&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C104406%2C104405%2C104407&xt=123956%2C123954%2C119037%2C119034%2C119038&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&e=ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/ch/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 20 Oct 2022 14:02:36 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
10bb695211cf4
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-iad-kiad7000065-IAD, cache-ewr18120-EWR
pragma
no-cache
traceparent
00-000000000000000000010bb695211cf4-aa33383bd8b94f89-01
x-timer
S1666274556.238882,VS0,VE79
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Oct 2022 14:02:36 GMT
sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c14b809ca4d5de12a569239d46ab8ef5f7ac1b3804c9801583cbafb66d3e550
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
fastly-io-info
ifsz=110177 idim=22x7296 ifmt=png ofsz=72320 odim=22x7296 ofmt=png
paypal-debug-id
82d6f1bfd0fdf
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
72320
x-served-by
cache-dfw18651-DFW, cache-ewr18161-EWR
x-timer
S1666274556.997978,VS0,VE0
etag
"XyrhkHZDOkR7RmyrX11SqXi9LE9tzruVrgkvFWDhG7A"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1, 16654
i
c.paypal.com/v1/r/d/ Frame 5C04 		160 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D44) /
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
141
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
492bfd12968ca
date
Thu, 20 Oct 2022 14:02:35 GMT
paypal-debug-id
492bfd12968ca
server
ECAcc (dcd/7D44)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=77
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000492bfd12968ca-bd36d4fffdb76a25-01
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
counter2.cgi
slc.stats.paypal.com/v1/ Frame 4784
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1iZTAzOTIzZGJjNWE0ZjYzOGQ0MWZiYmIxYWRmOTMwMSZpPTk2LjkuMjQ5LjM4JnQ9MTY2NjI3NDU1NS4xMzcmYT0yMSZzPVVOSUZJRURfTE9HSU7xbgMIbZpe5MLO_p7uZD8ODPBwng
  • https://slc.stats.paypal.com/v1/counter2.cgi?r=cD1iZTAzOTIzZGJjNWE0ZjYzOGQ0MWZiYmIxYWRmOTMwMSZpPTk2LjkuMjQ5LjM4JnQ9MTY2NjI3NDU1NS4xMzcmYT0yMSZzPVVOSUZJRURfTE9HSU7xbgMIbZpe5MLO_p7uZD8ODPBwng
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slc.stats.paypal.com/v1/counter2.cgi?r=cD1iZTAzOTIzZGJjNWE0ZjYzOGQ0MWZiYmIxYWRmOTMwMSZpPTk2LjkuMjQ5LjM4JnQ9MTY2NjI3NDU1NS4xMzcmYT0yMSZzPVVOSUZJRURfTE9HSU7xbgMIbZpe5MLO_p7uZD8ODPBwng
Protocol
HTTP/1.1
Server
34.106.92.18 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
18.92.106.34.bc.googleusercontent.com
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 14:02:36 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://slc.stats.paypal.com/v1/counter2.cgi?r=cD1iZTAzOTIzZGJjNWE0ZjYzOGQ0MWZiYmIxYWRmOTMwMSZpPTk2LjkuMjQ5LjM4JnQ9MTY2NjI3NDU1NS4xMzcmYT0yMSZzPVVOSUZJRURfTE9HSU7xbgMIbZpe5MLO_p7uZD8ODPBwng
Date
Thu, 20 Oct 2022 14:02:36 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
verifychallenge
www.paypal.com/auth/ 		2 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifychallenge
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D3C) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-oQQXylvfLLY/lSQmobwGZ7fQnbNb9K2O8Nhix/vVGKFa7bzq' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/ch/signin
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-oQQXylvfLLY/lSQmobwGZ7fQnbNb9K2O8Nhix/vVGKFa7bzq' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
date
Thu, 20 Oct 2022 14:02:36 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (dcd/7D3C)
traceparent
00-000000000000000000007127794a7b08-b5a28d600f57db9d-01
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
paypal-debug-id
07127794a7b08
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=102
dc
ccg11-origin-www-1.paypal.com
timing-allow-origin
*
content-length
2
x-xss-protection
1; mode=block
fb.js
c.paypal.com/da/r/ Frame 5C04 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7931) /
Resource Hash
e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1108983
x-cache
HIT
paypal-debug-id
889b81acd44d7
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=3
dc
ccg11-origin-www-1.paypal.com
content-length
20053
last-modified
Tue, 09 Aug 2022 20:44:56 GMT
server
ECAcc (nya/7931)
traceparent
00-0000000000000000000889b81acd44d7-cd2fc9bd5d5ebd2d-01
etag
"62f2c748-e586"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Oct 2022 14:02:36 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 5C04 		125 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D38) /
Resource Hash
2b0b300fa56662e1be2784fab4a8c4e22fa9fdda4975bb9aedd1cb8d9417d205
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 14:02:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
5ab83528a3806
server
ECAcc (dcd/7D38)
traceparent
00-00000000000000000005ab83528a3806-458fef2c36f70030-01
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
5ab83528a3806
content-type
application/json
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=124
timing-allow-origin
*
content-length
125
e
c.paypal.com/v1/r/d/b/ Frame 5C04 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D38) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 14:02:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
9e9b48a45fd1b
server
ECAcc (dcd/7D38)
traceparent
00-00000000000000000009e9b48a45fd1b-271d2a3653f18fed-01
paypal-debug-id
9e9b48a45fd1b
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=98
timing-allow-origin
*
p3
c6.paypal.com/v1/r/d/b/ Frame 5C04 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=be03923dbc5a4f638d41fbbb1adf9301&s=UNIFIED_LOGIN_INPUT_EMAIL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:5dfa:af2c:7a6d:4339:27e7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D43) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:35 GMT
content-encoding
gzip
correlation-id
fe81b25f577f5
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (dcd/7D43)
traceparent
00-0000000000000000000fe81b25f577f5-7a06c5a1a18c15c7-01
vary
Accept-Encoding
paypal-debug-id
fe81b25f577f5
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=136
timing-allow-origin
*
content-length
20
tealeaftarget
www.paypal.com/platform/ 		40 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/platform/tealeaftarget
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D84) /
Resource Hash
c9271a1da4f8ea62fc0fb79258fdba06ed1eebfc5235b4a994fba09baf1b77a7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Encoding
gzip
X-Tealeaf-SyncXHR
false
X-Tealeaf
device (UIC) Lib/6.2.0.2010
accept-language
en-US,en;q=0.9
X-Tealeaf-MessageTypes
1,2,5,7,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTSID
27724269482907669117081698864042
X-Requested-With
fetch
X-TealeafType
GUI
X-PageId
P.KWD98AU86QV6LJARDUHSWYW69X28
X-TeaLeaf-Page-Url
/ch/signin
Referer
https://www.paypal.com/ch/signin

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
date
Thu, 20 Oct 2022 14:02:36 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
07879a0b00394
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=75
dc
ccg11-origin-www-1.paypal.com
content-length
40
x-xss-protection
1; mode=block
server
ECAcc (dcd/7D84)
traceparent
00-000000000000000000007879a0b00394-144f18baf2ee2791-01
etag
W/"28-QwVd5hBrGa3Zokj6HnK0xgGk7vs"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
ts
t.paypal.com/ 		42 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.3&t=1666274556351&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1666274555112&calc=08abb084784aa&nsid=8__aIILcIAwbzyq-kxp6w0h6ZVrCvlS7&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CH&csci=be03923dbc5a4f638d41fbbb1adf9301&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105604%2C104200%2C102557%2C101408%2C106031%2C106033%2C106032%2C105392%2C106035%2C106034%2C106036%2C106057%2C105416%2C104039%2C102390%2C104571%2C101216%2C103648%2C104200&xt=124899%2C117843%2C109630%2C104576%2C127405%2C127413%2C127409%2C123875%2C127420%2C127416%2C127424%2C127561%2C125100%2C120731%2C108797%2C121328%2C103864%2C114559%2C117843&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&e=im&imsrc=setup&view=%7B%22t10%22%3A164%2C%22t11%22%3A2017%2C%22tcp%22%3A1615%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A150%7D&pt=Log%20in%20to%20your%20PayPal%20account&ru=https%3A%2F%2Fawesometools.us%2F&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=164&t1c=164&t1d=62&t1s=66&t2=176&t3=2&t4d=0&t4=0&t4e=6&tt=1870&rdc=0&protocol=h2&cdn=edgecast&res=%7B%7D&t12=707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/ch/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 20 Oct 2022 14:02:36 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
26bf9e3965e25
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-iad-kcgs7200150-IAD, cache-ewr18120-EWR
pragma
no-cache
traceparent
00-000000000000000000026bf9e3965e25-32806228bb2e1639-01
x-timer
S1666274556.374151,VS0,VE91
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Oct 2022 14:02:36 GMT
357357EC-3FA7-418F-BDD3-B4649735C883
paypal-api.arkoselabs.com/fc/gt2/public_key/ Frame 007C 		1 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://paypal-api.arkoselabs.com/fc/gt2/public_key/357357EC-3FA7-418F-BDD3-B4649735C883
Requested by
Host: paypal-api.arkoselabs.com
URL: https://paypal-api.arkoselabs.com/cdn/fc/js/7f648daea2c51c851d54e43a70239500dbd022c3/standard/funcaptcha_api.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d11490b5e7ca28f15593d3390782b63bf292ffdb19c002162353f72a08ac99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 20 Oct 2022 14:02:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
hackers
www.arkoselabs.com/whitehat/
cf-cache-status
DYNAMIC
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
sregion
us-east-1
cf-ray
75d24aca3a59d157-BUF
x-xss-protection
1; mode=block
fc_bootstrap.js
paypal-api.arkoselabs.com/cdn/fc/js/7f648daea2c51c851d54e43a70239500dbd022c3/standard/ Frame 007C 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paypal-api.arkoselabs.com/cdn/fc/js/7f648daea2c51c851d54e43a70239500dbd022c3/standard/fc_bootstrap.js
Requested by
Host: paypal-api.arkoselabs.com
URL: https://paypal-api.arkoselabs.com/cdn/fc/js/7f648daea2c51c851d54e43a70239500dbd022c3/standard/funcaptcha_api.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ff6f26fd147dc297f86e53c290086124f7cd673f992cf857634ca3437319d7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
Origin
https://www.paypalobjects.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
YKtUjlfXrKD8K.g2uO6eZ5rw.z5e3FNc
age
34757
x-amz-request-id
J0QVXAVC7QHK4MKG
x-amz-id-2
+BPQgCRJLkANxXXP4vyRgIZPE0wH57eNz5j46noUmYIZGjHDaTD51gGaIoOfzdhc2ijHSjrQNjI=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 18 Oct 2022 06:33:39 GMT
server
cloudflare
etag
W/"2233a888384717de5cca4ad71b1be7d8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
75d24acd2b12d157-BUF
/
paypal-api.arkoselabs.com/fc/a/ Frame 007C 		27 B
193 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paypal-api.arkoselabs.com/fc/a/?callback=fcAnalytic&category=loaded&action=game%20loaded&session_token=40635154fc8846c4.0784432601&r=us-east-1&metabgclr=transparent&guitextcolor=%23000000&metaiconclr=%23757575&meta=7&meta_height=305&meta_width=330&lang=en&pk=357357EC-3FA7-418F-BDD3-B4649735C883&at=40&sup=1&rid=22&ag=101&cdn_url=https%3A%2F%2Fpaypal-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-us-east-1.arkoselabs.com&surl=https%3A%2F%2Fpaypal-api.arkoselabs.com&smurl=https%3A%2F%2Fpaypal-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager&data[public_key]=357357EC-3FA7-418F-BDD3-B4649735C883&data[site]=https%3A%2F%2Fwww.paypalobjects.com
Requested by
Host: paypal-api.arkoselabs.com
URL: https://paypal-api.arkoselabs.com/cdn/fc/js/7f648daea2c51c851d54e43a70239500dbd022c3/standard/fc_bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d582f1bad5e34889dcaad811d54b4bcd8a29f9042f25f3a3ced25cf21b54bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 14:02:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
hackers
www.arkoselabs.com/whitehat/
cf-cache-status
MISS
last-modified
Thu, 20 Oct 2022 14:02:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
sregion
us-east-1
cf-ray
75d24acd7fa7d153-BUF
x-xss-protection
1; mode=block
verifyarkoserdacaptcha
www.paypal.com/auth/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifyarkoserdacaptcha
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D73) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-lmKZ7osEB9Jd3qKDXZ62jaGpRBgzMKh++zlUtXMTRCrvLIjz' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/ch/signin
x-requested-with
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-lmKZ7osEB9Jd3qKDXZ62jaGpRBgzMKh++zlUtXMTRCrvLIjz' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; form-action 'self' https://*.paypal.com https://*.paypal.cn; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 14:02:37 GMT
server
ECAcc (dcd/7D73)
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-00000000000000000000644266933265-d3420d74e325cccb-01
vary
Accept-Encoding
paypal-debug-id
0644266933265
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=387
dc
ccg11-origin-www-1.paypal.com
timing-allow-origin
*
content-length
20
x-xss-protection
1; mode=block
ts
t.paypal.com/ 		42 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.3&t=1666274557353&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1666274555112&calc=08abb084784aa&nsid=8__aIILcIAwbzyq-kxp6w0h6ZVrCvlS7&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CH&csci=be03923dbc5a4f638d41fbbb1adf9301&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105604%2C104200%2C102557%2C101408%2C106031%2C106033%2C106032%2C105392%2C106035%2C106034%2C106036%2C106057%2C105416%2C104039%2C102390%2C104571%2C101216%2C103648%2C104200&xt=124899%2C117843%2C109630%2C104576%2C127405%2C127413%2C127409%2C123875%2C127420%2C127416%2C127424%2C127561%2C125100%2C120731%2C108797%2C121328%2C103864%2C114559%2C117843&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=121&t3=1&tt=123&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A123%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/ch/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 20 Oct 2022 14:02:37 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
cd07f3ed0a2a
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-iad-kcgs7200061-IAD, cache-ewr18120-EWR
pragma
no-cache
traceparent
00-00000000000000000000cd07f3ed0a2a-2a98cef378fced15-01
x-timer
S1666274557.373787,VS0,VE88
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Oct 2022 14:02:37 GMT
ts
t.paypal.com/ 		42 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.3&t=1666274557354&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1666274555112&calc=08abb084784aa&nsid=8__aIILcIAwbzyq-kxp6w0h6ZVrCvlS7&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CH&csci=be03923dbc5a4f638d41fbbb1adf9301&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105604%2C104200%2C102557%2C101408%2C106031%2C106033%2C106032%2C105392%2C106035%2C106034%2C106036%2C106057%2C105416%2C104039%2C102390%2C104571%2C101216%2C103648%2C104200&xt=124899%2C117843%2C109630%2C104576%2C127405%2C127413%2C127409%2C123875%2C127420%2C127416%2C127424%2C127561%2C125100%2C120731%2C108797%2C121328%2C103864%2C114559%2C117843&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&event_name=c_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=106&t3=1&tt=108&protocol=h2&cdn=edgecast&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A108%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/ch/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 20 Oct 2022 14:02:37 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
b56a1ad44085d
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-iad-kcgs7200118-IAD, cache-ewr18120-EWR
pragma
no-cache
traceparent
00-0000000000000000000b56a1ad44085d-9c6ba9133dd2f446-01
x-timer
S1666274557.374017,VS0,VE78
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Oct 2022 14:02:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
192.55.233.1
URL
https://192.55.233.1/resourceaccesstoken
Domain
192.55.233.1
URL
https://192.55.233.1/resourceaccesstoken

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| html5 object| Modernizr boolean| paypalADSInterceptorInjected function| isEligibleIntegration object| antiClickjack object| PAYPAL function| $ function| _classCallCheck function| _typeof function| _createClass number| HTTPOK string| HTTPGET string| HTTPPOST number| DEFAULT_XHR_TIMEOUT object| fpti string| fptiserverurl object| fptiOptions boolean| trackLazyData object| _ifpti function| _0x4e90 function| _0x1c43 object| latmconf object| laDataLayer object| pako object| TLT function| bindGdprEvents function| hideGdprBanner function| showGdprBanner function| _0x4a2a function| _0x1f7277 object| d function| fdebfcfed function| _0x5511 object| err

15 Cookies

Domain/Path Name / Value
worldcitizenstv.com/ Name: PHPSESSID
Value: 49e5dfe80e9e1c883ae90fc83db2183e
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: cookie_check
Value: yes
.paypal.com/ Name: d_id
Value: be03923dbc5a4f638d41fbbb1adf93011666274555121
.paypal.com/ Name: LANG
Value: en_US%3BCH
www.paypal.com/ Name: nsid
Value: s%3A8__aIILcIAwbzyq-kxp6w0h6ZVrCvlS7.6aFuPoqoAmOK4pdC1LqQ%2F6Fj%2BbVI5o2GzysGh6O0dvw
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: ts_c
Value: vr%3Df5b3f4d61830a78858c222e9fb888dc3%26vt%3Df5b3f4d61830a78858c222e9fb888dc2
.paypal.com/ Name: TLTSID
Value: 27724269482907669117081698864042
.paypal.com/ Name: tsrce
Value: authchallengenodeweb
.c.paypal.com/ Name: sc_f
Value: URTZB9AYD81-OVLN9OaKSfE8C9wHzVZ4lBlhqRLXURLqUnSf2uzhZMqKlWM09_JhWIwk_lzE_K0wi3FtcM84AlyTWGNpc4SZNmD0D0
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: zYAwDS7chRDzEzWgR2x9c1PrdJPkpxHk5vVam1YeC1xgyTbOwSg9LBcDPs7ipul0BmIW7PGOz1wx0x6H
.stats.paypal.com/ Name: c
Value: 792715c4db4a8d47c003
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY2NjI3NDU1NzM5MSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1760968957%26vteXpYrS%3D1666276357%26vr%3Df5b3f4d61830a78858c222e9fb888dc3%26vt%3Df5b3f4d61830a78858c222e9fb888dc2%26vtyp%3Dnew

2 Console Messages

Source Level URL
Text
javascript warning URL: https://paypal-api.arkoselabs.com/cdn/fc/js/7f648daea2c51c851d54e43a70239500dbd022c3/standard/funcaptcha_api.js(Line 1)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://paypal-api.arkoselabs.com/cdn/fc/js/7f648daea2c51c851d54e43a70239500dbd022c3/standard/funcaptcha_api.js(Line 1)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

192.55.233.1
awesometools.us
b.stats.paypal.com
c.paypal.com
c6.paypal.com
paypal-api.arkoselabs.com
slc.stats.paypal.com
t.paypal.com
worldcitizenstv.com
www.paypal.com
www.paypalobjects.com
192.55.233.1
151.101.2.133
151.101.65.35
192.229.210.155
192.254.230.170
2606:2800:21f:5dfa:af2c:7a6d:4339:27e7
2606:4700:4400::ac40:911b
34.106.92.18
67.212.179.164
07d4a44d248156a0e3d0c604d7359e54f3b021eeec70b7c3a1d127a141f76d97
0caaa872c3183ae3db4268df9140c48e8d953fa6fb50c6dbd960436ab30fc5a0
1d35215423f3cccfef416351a5c1c322f66c207973a32a6c269bc6da3f38f10e
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
2b0b300fa56662e1be2784fab4a8c4e22fa9fdda4975bb9aedd1cb8d9417d205
31c132f11294bcdd91174db7bc6c3c7a14569903cc76269def55f052f5cc787f
35e4b6f367d38a01c88fef0a2049ed851277c8b275dfd18182e23ba4e812b161
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4aa3345bb6f8ab7962da9e189b8c04726d104cc389f4cece6a7773fa9b257bac
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
4ff6f26fd147dc297f86e53c290086124f7cd673f992cf857634ca3437319d7a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
586f0eb92dcb65651bb48a4d846c39f6cb02d7f9ce88943a2a45fbac7d863334
64c768faa194fe47c2bde0b0d29585690d4085515c54631b8800221dc66cdb7a
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7f137f0ab4c7a4bcfd799cccd9048cc3cf17df86f458f88229a27369738134ce
83e775bccc8a098060923b5f0da92fdfeafc945f7ba08a40a227434939208f4e
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
95d582f1bad5e34889dcaad811d54b4bcd8a29f9042f25f3a3ced25cf21b54bf
9c14b809ca4d5de12a569239d46ab8ef5f7ac1b3804c9801583cbafb66d3e550
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
aa3020d20fe753464cc473d2afb758a43f77a2404671c663d511f686d4f4c0e2
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
b0313530d767ba49cabd5ed42925963dac3d2484a373311ea31e004d7b556c16
b0385cda4e6e27f58162bd65e3d45946965ca2f4f9257c8bba8f296e4ca113f4
b3f1bf1d5e25838bcad8535a2b700486644f4ea888e46c77d3e82783cb9da1b4
baf228234839b6a17d498c75182a55a3e5192cea391be845c996a5fb1db7f9b1
c8c16851282109c528152b0da20907a12a7abdff8f47f2762dc799dbedc5ac7c
c9271a1da4f8ea62fc0fb79258fdba06ed1eebfc5235b4a994fba09baf1b77a7
c9ae1d29a7f44e65018ca580b880f9c640c8ca7725fbcecf017e79fe206d19a3
d106ec2ce284c77c74920d064f0daa9d91db4cea972efbd3b725e680ca22fe9a
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736
e6b6be1adaf29a899085acbe4d7764880a9b38ce1ee35e9870e5a1421a7ccd57
e998a5c3498e92a3271d5ba8a15db6798e2b28de496df354f213a587300c1219
eccfc01c9d92bdf965c18f6747efe3aa0ec3a890de79197bb660bfc438acf556
f5d11490b5e7ca28f15593d3390782b63bf292ffdb19c002162353f72a08ac99
fa178d2091a27f3bab5b0eb6dcd3dafd58f826fa3366138f36e22652ad82b876