www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kfosterconsultingfirm.com/
Effective URL:
https://www.paypal.com/us/home
Submission: On August 10 via manual (August 10th 2024, 2:58:07 am UTC) from CR — Scanned from US

Summary HTTP 76 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 76 HTTP transactions. The main IP is 151.101.1.21, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 3677.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 8th 2024. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.185.154.250 192.185.154.250	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 1	172.67.131.42 172.67.131.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1 18	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
43	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
1	63.140.39.22 63.140.39.22	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:400d:c07::5e	15169 (GOOGLE) (GOOGLE)
76	6

1 192.185.154.250 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-154-250.unifiedlayer.com

kfosterconsultingfirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.131.42 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login-faxfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.21 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.1.21 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.39.22 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-22.data.adobedc.net

i.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 3281	647 KB
24	paypal.com 2 redirects paypal.com — Cisco Umbrella Rank: 2560 www.paypal.com — Cisco Umbrella Rank: 3677 t.paypal.com — Cisco Umbrella Rank: 4582 i.paypal.com — Cisco Umbrella Rank: 95910	77 KB
2	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1812	1 KB
1	gstatic.com www.gstatic.com	211 KB
1	login-faxfiles.com 1 redirects login-faxfiles.com	450 B
1	kfosterconsultingfirm.com 1 redirects kfosterconsultingfirm.com	343 B
0	paypalinc.com Failed cdn-latest.static.engineering.dev.paypalinc.com Failed
76	7

	Domain	Requested by
39	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
18	www.paypal.com	1 redirects www.paypal.com www.paypalobjects.com
4	t.paypal.com	www.paypal.com
2	www.recaptcha.net	www.paypal.com www.gstatic.com
1	www.gstatic.com	www.recaptcha.net
1	i.paypal.com	www.paypalobjects.com
1	paypal.com	1 redirects
1	login-faxfiles.com	1 redirects
1	kfosterconsultingfirm.com	1 redirects
0	cdn-latest.static.engineering.dev.paypalinc.com Failed	www.paypalobjects.com
76	10

This site contains links to these domains. Also see Links.

Domain
developer.paypal.com
about.pypl.com
newsroom.paypal-corp.com
careers.pypl.com
investor.pypl.com
www.synchronycredit.com
www.synchronybankterms.com

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
misc.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
i.paypal.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-30` - `2025-05-31`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.com/us/home
Frame ID: D16996AEC8E0787D0AEB72A3C1E028F3
Requests: 73 HTTP requests in this frame

Frame: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Frame ID: 8853CCDB50C0B276E275BE87A01B6D3D
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=_ZpyzC9NQw3gYt1GHTrnprhx&size=invisible&cb=ko2j4z6dv33s
Frame ID: 73D078527B33F2E7B86FA099DF37D6A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Digital Wallets, Money Management, and More | PayPal US

Page URL History Show full URLs

https://kfosterconsultingfirm.com/ HTTP 301
https://login-faxfiles.com/ HTTP 302
https://paypal.com/ HTTP 301
https://www.paypal.com/ HTTP 302
https://www.paypal.com/us/home Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Page Statistics

76
Requests

84 %
HTTPS

25 %
IPv6

7
Domains

10
Subdomains

6
IPs

1
Countries

935 kB
Transfer

2848 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://developer.paypal.com/home/
Title: Developer Documentation

Search URL Search Domain Scan URL

URL: https://about.pypl.com/about-us/default.aspx
Title: About

Search URL Search Domain Scan URL

URL: https://newsroom.paypal-corp.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://careers.pypl.com/home/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://investor.pypl.com/home/default.aspx
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://about.pypl.com/how-we-work/issues-and-advocacy/default.aspx
Title: Government Relations

Search URL Search Domain Scan URL

URL: https://www.synchronycredit.com/gecrbterms/html/PayPalCashbackRewardsTerms.htm
Title: Rewards Program Terms

Search URL Search Domain Scan URL

URL: https://www.synchronybankterms.com/gecrbterms/html/PayPalCashbackApplyTerms_combo.htm
Title: Terms and Rates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kfosterconsultingfirm.com/ HTTP 301
https://login-faxfiles.com/ HTTP 302
https://paypal.com/ HTTP 301
https://www.paypal.com/ HTTP 302
https://www.paypal.com/us/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home Show response
www.paypal.com/us/
Redirect Chain

https://kfosterconsultingfirm.com/
https://login-faxfiles.com/
https://paypal.com/
https://www.paypal.com/
https://www.paypal.com/us/home

155 KB
32 KB

373ms
372ms

Document
text/html

151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69c3e0a4eb6e3d01ed48926f4f5787f9f5842396acd5248e6bd3df867fb0c28e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.paypal-mktg.com https://.qualtrics.com; script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://.qualtrics.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Sat, 10 Aug 2024 02:58:01 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"26cd0-Pat1VvKYYR7yFpNhMfyopeNcbgM"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f137449d40940
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f137449d40940-28cb84455f6dd08d-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
x-timer: S1723258682.506916,VS0,VE310
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
content-length: 0
date: Sat, 10 Aug 2024 02:58:01 GMT
location: https://www.paypal.com/us/home
retry-after: 0
server: Varnish
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-bur-kbur8200090-BUR

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 23 KB
7 KB 381ms
193ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55D3) /

Resource Hash

d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 9d3021dad441b
dc: ccg11-origin-www-1.paypal.com
content-length: 6757
last-modified: Wed, 17 Jul 2024 16:51:14 GMT
server: ECAcc (lac/55D3)
traceparent: 00-00000000000000000009d3021dad441b-f3fdba467bde548a-01
etag: "6697f682-5a55+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 helpers-5e912b41.css
www.paypalobjects.com/quantum-leap-component-kit/component-chunks/ 130 KB
13 KB 255ms
68ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/quantum-leap-component-kit/component-chunks/helpers-5e912b41.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559C) /

Resource Hash

76096ea67c92f3dd58b1d751dbd95f34b60c02956030d713158190c577c5a948

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 8db62866c91b2
dc: ccg11-origin-www-1.paypal.com
content-length: 12942
last-modified: Wed, 10 Jul 2024 02:50:58 GMT
server: ECAcc (lac/559C)
traceparent: 00-00000000000000000008db62866c91b2-42efdbab449db585-01
etag: W/"668df712-209f2"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 spotlight-9d37c972.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 616 KB
217 KB 252ms
65ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/558F) /

Resource Hash

1ca19886efd7333d95efc6c1c364d20f86f0036466a033e049a19000450af9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: c6dcfa5fd5554
dc: ccg11-origin-www-1.paypal.com
content-length: 221617
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/558F)
traceparent: 00-0000000000000000000c6dcfa5fd5554-8371ce4eeb117f56-01
etag: "66b6a275-9a0f0+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 spotlight-72e1302a.css
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 112 B
541 B 254ms
67ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-72e1302a.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55D5) /

Resource Hash

72e1302ad83a5cb02992a96c4bba2de291a7d407cd4f08d3f0ba6f33e63bbf75

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: df5c6dc8cf8fd
dc: ccg11-origin-www-1.paypal.com
content-length: 112
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55D5)
traceparent: 00-0000000000000000000df5c6dc8cf8fd-8718a6ac4bea7779-01
etag: "66b6a275-70"
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 253ms
66ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5584) /

Resource Hash

9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: bf87b588dc7b5
dc: ccg11-origin-www-1.paypal.com
content-length: 27457
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
server: ECAcc (lac/5584)
traceparent: 00-0000000000000000000bf87b588dc7b5-dbbdda7fe220bd27-01
etag: "6298f2c0-6b41"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 PayPalOpen-Bold.woff2
www.paypalobjects.com/paypal-ui/fonts/ 26 KB
26 KB 250ms
63ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Bold.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55BD) /

Resource Hash

9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 30774d0c69a93
dc: ccg11-origin-www-1.paypal.com
content-length: 26700
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
server: ECAcc (lac/55BD)
traceparent: 00-000000000000000000030774d0c69a93-e65a10a3499f5192-01
etag: "6298f2c0-684c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 PayPalOpen-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 441ms
254ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Medium.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559C) /

Resource Hash

8d0e74dfe39c809f2dde1119f404841405d107fa40165669ea74fca51722311b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 7793b34d77fec
dc: ccg11-origin-www-1.paypal.com
content-length: 27633
last-modified: Thu, 11 Jan 2024 20:08:22 GMT
server: ECAcc (lac/559C)
traceparent: 00-00000000000000000007793b34d77fec-88a8c1fabfc7f0b2-01
etag: "65a04ab6-6bf1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 main-6a2213ba.css
www.paypalobjects.com/globalnav/css/ 293 KB
24 KB 380ms
193ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/globalnav/css/main-6a2213ba.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55AB) /

Resource Hash

6a2213ba290552bf813bf8437dcb0f715e2bc31823e5141503774b5ca98fc842

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 94a76234a4f10
dc: ccg11-origin-www-1.paypal.com
content-length: 23939
last-modified: Fri, 19 Jul 2024 08:19:53 GMT
server: ECAcc (lac/55AB)
traceparent: 00-000000000000000000094a76234a4f10-2962a4167c309482-01
etag: W/"669a21a9-495a1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 main-485dc408.js Show response
www.paypalobjects.com/globalnav/js/ 56 KB
20 KB 442ms
255ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/globalnav/js/main-485dc408.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5596) /

Resource Hash

32239234176573ccfd6b8a7796b08ad77425557afbf243b3e75bc19d721f0f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: cc8d5958e0db3
dc: ccg11-origin-www-1.paypal.com
content-length: 19886
last-modified: Fri, 19 Jul 2024 08:19:53 GMT
server: ECAcc (lac/5596)
traceparent: 00-0000000000000000000cc8d5958e0db3-82d9bc2918afd1d1-01
etag: W/"669a21a9-dfdb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 homepage-component-hero-size-all.jpg
www.paypalobjects.com/marketing/web/US/en/quantum-leap/home/hero/treatment/ 107 KB
107 KB 253ms
67ms Image
image/webp 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/US/en/quantum-leap/home/hero/treatment/homepage-component-hero-size-all.jpg?quality=75&width=900&format=webp

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55AB) /

Resource Hash

2fdd60fffba664a43fd7c0629a4599ce935e076d697e01744025761d91962b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-edgeio-status: OK
x-cache: HIT
paypal-debug-id: 3870d7187d89d
dc: ccg11-origin-www-1.paypal.com
content-length: 109336
last-modified: Wed, 22 May 2024 06:42:01 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
server: ECAcc (lac/55AB)
traceparent: 00-00000000000000000003870d7187d89d-6c820377a70ca78c-01
etag: "664d93b9-f3137"
content-type: image/webp
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 qr-final-CTA-size=all.svg
www.paypalobjects.com/marketing/web/US/en/quantum-leap/home/ 201 KB
40 KB 126ms
125ms Image
image/svg+xml 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/US/en/quantum-leap/home/qr-final-CTA-size=all.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/558C) /

Resource Hash

fb83a72ab7d0374139eeea4cb8c98628cc7052d6e0138fd8c2682b3365846c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 263e505049ed5
dc: ccg11-origin-www-1.paypal.com
content-length: 40964
last-modified: Fri, 01 Mar 2024 10:26:12 GMT
server: ECAcc (lac/558C)
traceparent: 00-0000000000000000000263e505049ed5-d813874c04a0244a-01
etag: W/"65e1ad44-32452"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 IntroCards-b9daddd3.css
www.paypalobjects.com/quantum-leap-component-kit/component-chunks/ 2 KB
713 B 69ms
64ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/quantum-leap-component-kit/component-chunks/IntroCards-b9daddd3.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5588) /

Resource Hash

b9daddd3a8dff34ceee8a8b5a8c931e269d4a6d6d7ab0c1882f3fe022ccd5b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 7eb5c8fb21ea1
dc: ccg11-origin-www-1.paypal.com
content-length: 589
last-modified: Fri, 19 Jul 2024 23:07:13 GMT
server: ECAcc (lac/5588)
traceparent: 00-00000000000000000007eb5c8fb21ea1-d44ff511e8e50cfa-01
etag: "669af1a1-849+gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 Chapter2Brands-94c955fd.css
www.paypalobjects.com/quantum-leap-component-kit/component-chunks/ 12 KB
2 KB 67ms
62ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/quantum-leap-component-kit/component-chunks/Chapter2Brands-94c955fd.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559E) /

Resource Hash

94c955fd9a735c5938a8fcd90f1bb5d5c59ea80636515984b16b548ae47f728a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 28872a95c1944
dc: ccg11-origin-www-1.paypal.com
content-length: 1691
last-modified: Fri, 19 Jul 2024 23:07:13 GMT
server: ECAcc (lac/559E)
traceparent: 00-000000000000000000028872a95c1944-6ba314b28dd11680-01
etag: "669af1a1-2e0a+gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 CtaSection-be7c8d2c.css
www.paypalobjects.com/quantum-leap-component-kit/component-chunks/ 6 KB
1 KB 70ms
66ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/quantum-leap-component-kit/component-chunks/CtaSection-be7c8d2c.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5585) /

Resource Hash

be7c8d2c493c6af3f9665a8479bc12a56adc9f1e81a3a78738f870b1d5b8e7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 2adae1d315063
dc: ccg11-origin-www-1.paypal.com
content-length: 1190
last-modified: Fri, 19 Jul 2024 23:07:13 GMT
server: ECAcc (lac/5585)
traceparent: 00-00000000000000000002adae1d315063-f94ade5aabdda16c-01
etag: "669af1a1-1665+gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 CtaStacked-158f3e46.css
www.paypalobjects.com/quantum-leap-component-kit/component-chunks/ 3 KB
931 B 71ms
67ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/quantum-leap-component-kit/component-chunks/CtaStacked-158f3e46.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55A9) /

Resource Hash

158f3e461fa08014253b764efbe0eea3de917af3bcbd2d80c4a0785da6d4ac89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 8b8d0af6b323b
dc: ccg11-origin-www-1.paypal.com
content-length: 812
last-modified: Fri, 19 Jul 2024 23:07:13 GMT
server: ECAcc (lac/55A9)
traceparent: 00-00000000000000000008b8d0af6b323b-14c54151531aae32-01
etag: "669af1a1-afc"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 DiscoverySection-92f50508.css
www.paypalobjects.com/quantum-leap-component-kit/component-chunks/ 2 KB
943 B 72ms
68ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/quantum-leap-component-kit/component-chunks/DiscoverySection-92f50508.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5593) /

Resource Hash

92f5050836b952b4cf91c31f0690254d57ec7c48fd4d142c0acbb79e688babb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 0c542ca75f882
dc: ccg11-origin-www-1.paypal.com
content-length: 819
last-modified: Fri, 19 Jul 2024 23:07:13 GMT
server: ECAcc (lac/5593)
traceparent: 00-00000000000000000000c542ca75f882-3c44c198b37c9259-01
etag: "669af1a1-942+gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 Disclosure-f446eee9.css
www.paypalobjects.com/quantum-leap-component-kit/component-chunks/ 1 KB
515 B 70ms
67ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/quantum-leap-component-kit/component-chunks/Disclosure-f446eee9.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55B5) /

Resource Hash

f446eee97b161ea0660fa57e1641bf389768ca067862baa7ce431490cca8f8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: ba5b2a3f2f62b
dc: ccg11-origin-www-1.paypal.com
content-length: 384
last-modified: Fri, 19 Jul 2024 23:07:13 GMT
server: ECAcc (lac/55B5)
traceparent: 00-0000000000000000000ba5b2a3f2f62b-172f4d705d709b5f-01
etag: "669af1a1-46c+gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 ncs.js Show response
www.paypalobjects.com/ncs/ 15 KB
4 KB 73ms
70ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ncs/ncs.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55CA) /

Resource Hash

4673c229c2c1d356b98c232c599afdb44c85e7279c63c3ef962b4ba677378ba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e49181b331517
dc: ccg11-origin-www-1.paypal.com
content-length: 3913
last-modified: Tue, 19 Mar 2024 19:04:12 GMT
server: ECAcc (lac/55CA)
traceparent: 00-0000000000000000000e49181b331517-51c9f980c2941b51-01
etag: W/"65f9e1ac-3a48"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/256620cba707a37c/ 11 KB
7 KB 217ms
214ms Script
text/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/256620cba707a37c/recaptchav3.js?_sessionID=KnAi8G_y7EDj84fdb0dh3lgigk43WNMO

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fb1abd8a4a4d1721bdf3ab5ab0e13419081b1b637e4ac3bcabb01624d5ff376

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-g9bqib/a6FiOF3CAGDLiBjElJTV/axutUc+CV5+U/jZlfXDt' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-g9bqib/a6FiOF3CAGDLiBjElJTV/axutUc+CV5+U/jZlfXDt' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f1374498be68c
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f1374498be68c-790949573031e352-01
x-timer: S1723258682.350986,VS0,VE151
etag: W/"2bd0-4LQjjD+Ut6l/mtZpahLba2ATWXU"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 1 KB
889 B 107ms
106ms Image
image/svg+xml 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/globalnav/css/main-6a2213ba.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55A1) /

Resource Hash

f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/globalnav/css/main-6a2213ba.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 6935ce3411a4d
dc: ccg11-origin-www-1.paypal.com
content-length: 548
last-modified: Wed, 15 Jun 2022 22:33:20 GMT
server: ECAcc (lac/55A1)
traceparent: 00-00000000000000000006935ce3411a4d-025cd18f427174ab-01
etag: W/"62aa5e30-436"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
DATA 200
OK truncated
/ 485 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ae43ce889e681571d03d344efe658dd4ae957c10a186541aa5c59af478b92de

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 paypal-monotone.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 3 KB
1 KB 94ms
93ms Image
image/svg+xml 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-monotone.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/globalnav/css/main-6a2213ba.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55AE) /

Resource Hash

5df8cf8c3a9b57515e16feefcfc8773a2c51d408e2f6e824f48a89146f5b177e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/globalnav/css/main-6a2213ba.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 76984eec4e1c4
dc: ccg11-origin-www-1.paypal.com
content-length: 1242
last-modified: Fri, 04 Nov 2022 00:14:11 GMT
server: ECAcc (lac/55AE)
traceparent: 00-000000000000000000076984eec4e1c4-c7fa34b13df6cbe4-01
etag: W/"63645953-b6a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 mapping.js Show response
www.paypalobjects.com/ncs/paypal/ 283 B
298 B 63ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ncs/paypal/mapping.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/558F) /

Resource Hash

9c986b81d2fb17a9948c52596451d20d7b110dc1d05d26713b000400ac12c868

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 8dfcca7764022
dc: ccg11-origin-www-1.paypal.com
content-length: 154
last-modified: Fri, 03 Feb 2023 20:39:09 GMT
server: ECAcc (lac/558F)
traceparent: 00-00000000000000000008dfcca7764022-0b60c7d6049d4e7a-01
etag: W/"63dd70ed-11b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 getBanner Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 21 KB
8 KB 246ms
246ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=US&language=en&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=paypal&tenantData={}

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

769acac101db1b973601ed0240fe342f3e448dd88edc079f5bf3a16e4fe06171

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0A8IeOKYt6OTCmk2Q0W7MSk1Rz2amMMaPUmKrxMxY3RucvrP' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Allow-Origin: *
Accept: */*
Referer: https://www.paypal.com/us/home
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0A8IeOKYt6OTCmk2Q0W7MSk1Rz2amMMaPUmKrxMxY3RucvrP' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f13744909eb29
server-timing: "traceparent;desc="00-0000000000000000000f13744909eb29-c80a85aadd02ee68-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f13744909eb29-800f1636443e6d9c-01
x-timer: S1723258682.497615,VS0,VE181
etag: W/"5591-8urHzAxlYBgBpsvTkVbTo06+Vyw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 146ms
145ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-d6BxyYujh+bAjF6959MdIWxhdvA4Q8O6r8bP2v6eASRh/n6+' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-d6BxyYujh+bAjF6959MdIWxhdvA4Q8O6r8bP2v6eASRh/n6+' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f539050b3205f
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f539050b3205f-1f841f6017288c31-01
x-timer: S1723258683.514456,VS0,VE82
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET HomepageHeroRebrand-fa051a6f.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
1023 B 276ms
274ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-f78ES7sUhGxL7WBJF0MJo+u0DPxVSIWEjOX/PeuGuwc7Du6n' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-f78ES7sUhGxL7WBJF0MJo+u0DPxVSIWEjOX/PeuGuwc7Du6n' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f539050770cc4
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200080-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f539050770cc4-ea75dfe7e500b3bf-01
x-timer: S1723258683.556991,VS0,VE170
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET HeroHomepageStack-b02437f0-3a81dfbb.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 225ms
223ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-HggLVh04kKAl/BsEa4UBcj7aH3dM3Q01xgtI5+hhDINracUH' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-HggLVh04kKAl/BsEa4UBcj7aH3dM3Q01xgtI5+hhDINracUH' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f5390507d0ba1
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200170-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f5390507d0ba1-9be70e99d17377be-01
x-timer: S1723258683.572711,VS0,VE104
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET use-animate-232c147f.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
1 KB 281ms
278ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-yy559ADAxkKfI7zkeXn+p8SnbTVNAt7Y0Cuz4uwaN1FzzHtG' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-yy559ADAxkKfI7zkeXn+p8SnbTVNAt7Y0Cuz4uwaN1FzzHtG' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f539050788214
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200082-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f539050788214-239e76a297d36488-01
x-timer: S1723258683.572942,VS0,VE161
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET use-unmount-effect-0f54ae96.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 276ms
273ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-xS64Sl4vKdReDsCIAgD5Ca0SZkTCDRndBvcMqzJJDGVWK4SS' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-xS64Sl4vKdReDsCIAgD5Ca0SZkTCDRndBvcMqzJJDGVWK4SS' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f539050da03a3
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200109-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f539050da03a3-f58128bf95b8e733-01
x-timer: S1723258683.573538,VS0,VE156
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET StickyQRBadge-dd0857a7.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
1 KB 217ms
215ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-WSIob+UhPpBFXXRJ2AgRfd2LT9zYfaP49/zJlRbhYkogUWvJ' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-WSIob+UhPpBFXXRJ2AgRfd2LT9zYfaP49/zJlRbhYkogUWvJ' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f539050b1230b
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f539050b1230b-53a0cd8114284060-01
x-timer: S1723258683.573486,VS0,VE97
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET ClosingCta.utils-a167880b-b8dcf05f.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

GET
H2 200 CardCarousel-b07d0ccb.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 2 KB
991 B 62ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/CardCarousel-b07d0ccb.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55AE) /

Resource Hash

516fd6db906667159da88b57e174ba664b7e1c07b69d2ba9dfc22ca4cd2318e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 52e5a7f9785be
dc: ccg11-origin-www-1.paypal.com
content-length: 864
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55AE)
traceparent: 00-000000000000000000052e5a7f9785be-45fd09befa68d029-01
etag: "66b6a275-7ab+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 282ms
279ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-VtPIonIWv/tw9LDtQveqC73orynumkmfRLvARwnjtzIc2uiw' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-VtPIonIWv/tw9LDtQveqC73orynumkmfRLvARwnjtzIc2uiw' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f5390505b6505
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200146-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f5390505b6505-6cbb9336e27ccddc-01
x-timer: S1723258683.574861,VS0,VE162
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET CtaMediaAnimation-bb5ec69d.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 228ms
226ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-UJEz+x+3i/VD78L4BzsRg+/XAuYq+psQnExHy1GVndoAI5m5' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-UJEz+x+3i/VD78L4BzsRg+/XAuYq+psQnExHy1GVndoAI5m5' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f539050549dba
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f539050549dba-416a4d7ea23319f8-01
x-timer: S1723258683.574983,VS0,VE106
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET use-scroll-e301fd42.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
1 KB 230ms
227ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-V2Dl8rPssPFEM6eF/CCefV7eX4kh74G7vJPFHMKwmdFEcmEI' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-V2Dl8rPssPFEM6eF/CCefV7eX4kh74G7vJPFHMKwmdFEcmEI' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f539050e4147c
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200168-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f539050e4147c-d17c3503f1383e02-01
x-timer: S1723258683.576813,VS0,VE108
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET use-spring-f0f901ff.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

GET
H2 200 HomepageHeroRebrand-fa051a6f.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 6 KB
2 KB 62ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/HomepageHeroRebrand-fa051a6f.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55DD) /

Resource Hash

f6414dcdf7b5fbae8304d0d368fc94d3e2f7e6cb1c9534d161ff899ecaf853e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 79789c096b49d
dc: ccg11-origin-www-1.paypal.com
content-length: 1916
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55DD)
traceparent: 00-000000000000000000079789c096b49d-f3f17f5ca2e571dc-01
etag: "66b6a275-1986+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 StickyQRBadge-dd0857a7.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 9 KB
4 KB 63ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/StickyQRBadge-dd0857a7.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55AA) /

Resource Hash

e1b11193c1ee0feaf8da4ad7a126fa11cfe3871961626affeabd43ab5a8b9144

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e1a0f5267fdf9
dc: ccg11-origin-www-1.paypal.com
content-length: 3529
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55AA)
traceparent: 00-0000000000000000000e1a0f5267fdf9-ca66461e5202881b-01
etag: "66b6a275-2406+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 CtaMediaAnimation-bb5ec69d.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 9 KB
3 KB 66ms
66ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/CtaMediaAnimation-bb5ec69d.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55DE) /

Resource Hash

5f90e553b5b7e27060cf9492d25923bccc0ba381c2d85192f882bfd346f2167b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 956403c2fc17e
dc: ccg11-origin-www-1.paypal.com
content-length: 3087
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55DE)
traceparent: 00-0000000000000000000956403c2fc17e-efe1d9fafec43219-01
etag: "66b6a275-230d+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 231ms
227ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-K0PAV7136TdDXiikcaX8LnhO56GJDOPE5I0tmGJ530JTDALJ' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-K0PAV7136TdDXiikcaX8LnhO56GJDOPE5I0tmGJ530JTDALJ' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f53905010fa5e
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200024-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f53905010fa5e-1ca2315f34d8de5b-01
x-timer: S1723258683.580110,VS0,VE116
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET Cta-5b3ab0b1.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

POST
H2 200 csp
www.paypal.com/csplog/api/log/ 2 B
2 KB 203ms
200ms Other
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/csplog/api/log/csp

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-MgnUCtxALjhNSTGbQ2BtlYF35pmbKw2K9UzkLrZIc0PJyZgq' 'self' https://.paypal.com https://.paypalobjects.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src https://.paypal.com https://.paypalobjects.com; object-src 'none'; font-src 'self' https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-MgnUCtxALjhNSTGbQ2BtlYF35pmbKw2K9UzkLrZIc0PJyZgq' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: br
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f539050e52abd
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f539050e52abd-60bf84cac427863f-01
x-timer: S1723258683.575385,VS0,VE94
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0, 0

GET CtaStacked-d6a62480.js
cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ 0
0

GET
H2 200 DiscoveryLinkType-17b3d618.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 3 KB
1 KB 63ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/DiscoveryLinkType-17b3d618.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55B8) /

Resource Hash

1de38e12c6d6e7aa7607dd14c254f6788179dd82aa4d8f151d42a38ec41d61b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 44c239a70868b
dc: ccg11-origin-www-1.paypal.com
content-length: 1344
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55B8)
traceparent: 00-000000000000000000044c239a70868b-f6b4636c94e2236f-01
etag: "66b6a275-bb9+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 Cta-5b3ab0b1.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 8 KB
3 KB 64ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/Cta-5b3ab0b1.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55B5) /

Resource Hash

e7bfade06ce597256c0a4f198c1510e54f5e56bf5ef0f9e50b178d8e0fc27119

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 4d9e1d545d5b6
dc: ccg11-origin-www-1.paypal.com
content-length: 2432
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55B5)
traceparent: 00-00000000000000000004d9e1d545d5b6-bd72b677fbeb9e9e-01
etag: "66b6a275-1ef8+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 CtaStacked-d6a62480.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 3 KB
2 KB 63ms
63ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/CtaStacked-d6a62480.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55C4) /

Resource Hash

cbbc739777e2814a6bc2c046cc018c6e3a5ff473a63bbecb24244e2813b97648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 68fae07c5ef10
dc: ccg11-origin-www-1.paypal.com
content-length: 1551
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55C4)
traceparent: 00-000000000000000000068fae07c5ef10-0b4a974d73999d0c-01
etag: "66b6a275-d1e+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 68 KB
25 KB 63ms
63ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55CE) /

Resource Hash

06d26b40ac30d4f467f2dd70e5f81547210f8bd465c9648b26cd7af3ae9b55f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 568f0473129e0
dc: ccg11-origin-www-1.paypal.com
content-length: 25683
last-modified: Thu, 08 Aug 2024 18:33:35 GMT
server: ECAcc (lac/55CE)
traceparent: 00-0000000000000000000568f0473129e0-ea030d9f206f6182-01
etag: W/"66b50f7f-111a7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 grcenterprise_v3.html Show response
www.paypal.com/auth/recaptcha/ Frame 8853 5 KB
2 KB 141ms
140ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/256620cba707a37c/recaptchav3.js?_sessionID=KnAi8G_y7EDj84fdb0dh3lgigk43WNMO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57bd2ef0ce4d833346ff5e10010792fc55c00bc317df06b6e0cddbab401c69bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/us/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 10 Aug 2024 02:58:02 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"15c2-190dff62180"
last-modified: Tue, 23 Jul 2024 14:19:28 GMT
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f5390506911c8
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f5390506911c8-7303ef7336f2c014-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
x-timer: S1723258683.576530,VS0,VE75

GET
H2 200 HeroHomepageStack-b02437f0-3a81dfbb.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 7 KB
3 KB 63ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/HeroHomepageStack-b02437f0-3a81dfbb.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55AB) /

Resource Hash

f4614945ecd1b0985f5acdee3e7fa129c545c7c2750f668242f0abc577e4875f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/HomepageHeroRebrand-fa051a6f.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 49727a3087d8e
dc: ccg11-origin-www-1.paypal.com
content-length: 2650
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55AB)
traceparent: 00-000000000000000000049727a3087d8e-7fea233320d35091-01
etag: "66b6a275-1d11+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 use-animate-232c147f.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 5 KB
2 KB 63ms
63ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/use-animate-232c147f.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559E) /

Resource Hash

740ac93a356950accf8e5d505d120082076e3ecf9d6e2a9cc7061879837ae007

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/HomepageHeroRebrand-fa051a6f.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 135d7bee12afa
dc: ccg11-origin-www-1.paypal.com
content-length: 2396
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/559E)
traceparent: 00-0000000000000000000135d7bee12afa-32681decc6f51528-01
etag: "66b6a275-1399+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 use-unmount-effect-0f54ae96.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 104 B
315 B 64ms
63ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/use-unmount-effect-0f54ae96.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55CD) /

Resource Hash

26373312744eff01e2b0930dadcc733514e207c56c0002d5659a99071ee58ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/HomepageHeroRebrand-fa051a6f.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 4a5e326a8422b
dc: ccg11-origin-www-1.paypal.com
content-length: 118
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55CD)
traceparent: 00-00000000000000000004a5e326a8422b-a3c675b049dc4766-01
etag: "66b6a275-68+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 ClosingCta.utils-a167880b-b8dcf05f.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 396 B
459 B 62ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ClosingCta.utils-a167880b-b8dcf05f.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55BC) /

Resource Hash

73201b71a01be1b0a36e543a1783d4e66bba57f93d5c2e2aa3259c15298ff1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/StickyQRBadge-dd0857a7.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e9fd636c49559
dc: ccg11-origin-www-1.paypal.com
content-length: 211
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55BC)
traceparent: 00-0000000000000000000e9fd636c49559-60f9b3abcf3f120b-01
etag: "66b6a275-18c+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 use-scroll-e301fd42.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 6 KB
3 KB 63ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/use-scroll-e301fd42.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5595) /

Resource Hash

fe824747a3ee9e974a3d76bc1aa8f46e019951cf5944111dc73ae3dfb14e70f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/CtaMediaAnimation-bb5ec69d.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 519e5c5a75a2f
dc: ccg11-origin-www-1.paypal.com
content-length: 2648
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/5595)
traceparent: 00-0000000000000000000519e5c5a75a2f-b823ebc1c8929a4b-01
etag: "66b6a275-1882+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 use-spring-f0f901ff.js Show response
www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/ 617 B
661 B 63ms
62ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/use-spring-f0f901ff.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55A1) /

Resource Hash

733cc960240a1ef7261e49857d86f6d5772c1700e525eea783b52b60756aa9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/CtaMediaAnimation-bb5ec69d.js
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1fbc19aed1765
dc: ccg11-origin-www-1.paypal.com
content-length: 423
last-modified: Fri, 09 Aug 2024 23:12:53 GMT
server: ECAcc (lac/55A1)
traceparent: 00-00000000000000000001fbc19aed1765-95b77d12ede03c44-01
etag: "66b6a275-269+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/paypal/ 316 KB
34 KB 62ms
61ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/paypal/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55C5) /

Resource Hash

855d90e8a12c04c3fb0f4d138ea9f5f1f5baa4c4416f8a1a21b50294f4854b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 0eefeb0517937
dc: ccg11-origin-www-1.paypal.com
content-length: 35079
last-modified: Thu, 08 Aug 2024 18:33:35 GMT
server: ECAcc (lac/55C5)
traceparent: 00-00000000000000000000eefeb0517937-b506e253ee740b13-01
etag: W/"66b50f7f-4ef18"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 alloy.min.js Show response
www.paypalobjects.com/pa/mi/3p/adobe/ 115 KB
37 KB 65ms
65ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/3p/adobe/alloy.min.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/559B) /

Resource Hash

f88f9de203906d85fc61509ee6966b9a57f9e67d92bc228fe62a1c351a381aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 4dbbc6f82660f
dc: ccg11-origin-www-1.paypal.com
content-length: 37268
last-modified: Thu, 08 Aug 2024 18:33:35 GMT
server: ECAcc (lac/559B)
traceparent: 00-00000000000000000004dbbc6f82660f-78cbc6eb7c76d343-01
etag: "66b50f7f-1cdcf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
706 B 119ms
100ms Image
image/gif 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.8.22&t=1723258682744&g=600&pgrp=main%3Amktg%3Apersonal%3Ahomepage%3Ahome&page=main%3Amktg%3Apersonal%3Ahomepage%3Ahome%3A%3A%3A&calc=f137449d40940&rsta=en_US&ccpg=us&comp=ppcmsnodeweb&xe=109335%2C109396%2C104366&xt=144780%2C148472%2C122925&lgin=out&lgcook=0&server=origin&pageurl=%2Fhome&fcp=3604.700&fcp_attr=%7B%22timeToFirstByte%22%3A%223008.900%22%2C%22firstByteToFCP%22%3A%22595.800%22%2C%22fcpEntry%22%3A%7B%22name%22%3A%22first-contentful-paint%22%2C%22entryType%22%3A%22paint%22%2C%22startTime%22%3A%223604.700%22%2C%22duration%22%3A0%7D%2C%22rating%22%3A%22poor%22%7D&e=cwv

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55A1) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Aug 2024 02:58:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 3dea95f723da6
server: ECAcc (lac/55A1)
traceparent: 00-00000000000000000003dea95f723da6-a0b45723e9d58f07-01
vary: Accept-Encoding
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 3dea95f723da6
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
server-timing: traceparent;desc="00-00000000000000000003dea95f723da6-590fbee533d3185d-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
expires: Sat, 10 Aug 2024 02:58:02 GMT

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
1 KB 225ms
225ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:mktg:personal:homepage:home:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/us/home

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Ma858BMPunUjc1zzO83ScZpWww1iCj/YrMTYJ35SzLikrfha' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/us/home
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Ma858BMPunUjc1zzO83ScZpWww1iCj/YrMTYJ35SzLikrfha' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f539050263c94
server-timing: "traceparent;desc="00-0000000000000000000f539050263c94-0631b2dd6a38bbb1-01"";content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f539050263c94-6dc070b620a4decc-01
x-timer: S1723258683.785172,VS0,VE164
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 ts
t.paypal.com/ 42 B
513 B 117ms
106ms Image
image/gif 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.8.22&t=1723258682753&g=600&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=1723258681633&calc=f137449d40940&nsid=Ktu4ZMBEotI3XHZPGNevFji9KXvQV-vP&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=435de400c10d4a4db1f559963160e509&comp=ppcmsnodeweb&tsrce=ppcmsnodeweb&cu=0&ef_policy=ccpa&xe=110041%2C109128%2C105410%2C105409%2C104759%2C109059%2C104406%2C104407&xt=148500%2C143659%2C123956%2C123954%2C120842%2C143369%2C119037%2C119038&pp_ref_id=61cc9c9f-2a74-46da-a903-46becb188519&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_homepage&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=ppcom&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&api_name=cookieBanner&displaypage=main%3Amktg%3Apersonal%3Ahomepage%3Ahome&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&userstate=CA&usercountry=US&stateaccuracy=30&countryaccuracy=80&loggedin=false&event_name=cookie_banner_shown&product=consentNodeServ&e=ac

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55A3) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Aug 2024 02:58:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: e6b12d067f7c4
server: ECAcc (lac/55A3)
traceparent: 00-0000000000000000000e6b12d067f7c4-5a2f98cc75954aac-01
vary: Accept-Encoding
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: e6b12d067f7c4
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
server-timing: traceparent;desc="00-0000000000000000000e6b12d067f7c4-85d5f7de084f555d-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
expires: Sat, 10 Aug 2024 02:58:02 GMT

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame 8853 2 KB
1 KB 516ms
138ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6abc84548f035b7e81466748e7ef880c73d9d9d2ee2589bd48a8606a35398d82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 10 Aug 2024 02:58:03 GMT

GET
H2 200 pp32.png
www.paypalobjects.com/webstatic/icon/ 4 KB
4 KB 63ms
63ms Other
image/png 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/icon/pp32.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5588) /

Resource Hash

9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 2be28aadfc47d
dc: ccg11-origin-www-1.paypal.com
content-length: 3972
last-modified: Wed, 30 Apr 2014 15:54:51 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
server: ECAcc (lac/5588)
traceparent: 00-00000000000000000002be28aadfc47d-b804c9b5a238bedb-01
etag: "53611ccb-f84"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 favicon.ico
www.paypalobjects.com/webstatic/icon/ 5 KB
2 KB 62ms
62ms Other
image/x-icon 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/icon/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55BD) /

Resource Hash

1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 02:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 88fb0ddb8e899
dc: ccg11-origin-www-1.paypal.com
content-length: 1403
last-modified: Thu, 01 May 2014 21:26:45 GMT
server: ECAcc (lac/55BD)
traceparent: 00-000000000000000000088fb0ddb8e899-6caa8532d42075dd-01
etag: W/"5362bc15-1536"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/x-icon
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 10 Aug 2024 03:58:02 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
589 B 104ms
103ms Image
image/gif 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.8.22&t=1723258683155&g=600&pgrp=main%3Amktg%3Apersonal%3Ahomepage%3Ahome&page=main%3Amktg%3Apersonal%3Ahomepage%3Ahome%3A%3A%3A&pgst=1723258681633&calc=f137449d40940&nsid=Ktu4ZMBEotI3XHZPGNevFji9KXvQV-vP&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=435de400c10d4a4db1f559963160e509&comp=ppcmsnodeweb&tsrce=ppcmsnodeweb&cu=0&ef_policy=ccpa&xe=109335%2C109396%2C104366&xt=144780%2C148472%2C122925&pp_ref_id=61cc9c9f-2a74-46da-a903-46becb188519&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_homepage&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=ppcom&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=ppcom_page_viewed&e=im&c_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A4092%2C%22tcp%22%3A3605%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A51%7D&pt=Digital%20Wallets%2C%20Money%20Management%2C%20and%20More%20%7C%20PayPal%20US&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=371&t3=16&t4d=0&t4=0&t4e=2&tt=4040&rdc=0&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=118

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5585) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Aug 2024 02:58:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: d46ba1fe3e9c1
server: ECAcc (lac/5585)
traceparent: 00-0000000000000000000d46ba1fe3e9c1-b915b435e52c86a8-01
vary: Accept-Encoding
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: d46ba1fe3e9c1
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
server-timing: traceparent;desc="00-0000000000000000000d46ba1fe3e9c1-5f59e03fdec890e2-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
expires: Sat, 10 Aug 2024 02:58:03 GMT

POST
H2 200 interact Show response
i.paypal.com/ee/v1/ 370 B
917 B 382ms
128ms Fetch
application/json 63.140.39.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.paypal.com/ee/v1/interact?configId=8a1e7181-ae23-40e2-985e-7eb68997dd65&requestId=c7739c84-d4d4-4d81-9111-7f35d58c236c

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.22 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-22.data.adobedc.net

Software

jag /

Resource Hash

5d68d205a5831b3e5c81213175e36232c7337e0dc11e611192323e4a452ef1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 10 Aug 2024 02:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: VA6;7
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: c7739c84-d4d4-4d81-9111-7f35d58c236c

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/ Frame 8853 533 KB
211 KB 369ms
123ms Script
text/javascript 2607:f8b0:400d:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0579319097e8c725b3a3dcc597ec62fad86a379ea3c8c41c290deb379d3e6ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 14:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215162
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 00:43:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 14:16:01 GMT

GET
H2 200 anchor
www.recaptcha.net/recaptcha/enterprise/ Frame 73D0 0
0 515ms
152ms Document
text/html 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=_ZpyzC9NQw3gYt1GHTrnprhx&size=invisible&cb=ko2j4z6dv33s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CnWdroBFvNfOLwwKwlfa2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CnWdroBFvNfOLwwKwlfa2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 10 Aug 2024 02:58:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ts
t.paypal.com/ 42 B
560 B 94ms
93ms Image
image/gif 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.8.22&t=1723258684210&g=600&pgrp=main%3Amktg%3Apersonal%3Ahomepage%3Ahome&page=main%3Amktg%3Apersonal%3Ahomepage%3Ahome%3A%3A%3A&pgst=1723258681633&calc=f137449d40940&nsid=Ktu4ZMBEotI3XHZPGNevFji9KXvQV-vP&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=435de400c10d4a4db1f559963160e509&comp=ppcmsnodeweb&tsrce=ppcmsnodeweb&cu=0&ef_policy=ccpa&xe=109335%2C109396%2C104366&xt=144780%2C148472%2C122925&pp_ref_id=61cc9c9f-2a74-46da-a903-46becb188519&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_homepage&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=ppcom&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=102&t3=2&tt=105&protocol=h2&cdn=edgecast&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A105%2C%22nt%22%3A%22res%22%7D&e=pf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/55AA) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/us/home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Aug 2024 02:58:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 49673ce066c9d
server: ECAcc (lac/55AA)
traceparent: 00-000000000000000000049673ce066c9d-b2a4d933f15768b4-01
vary: Accept-Encoding
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 49673ce066c9d
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
server-timing: traceparent;desc="00-000000000000000000049673ce066c9d-b8b8fa5a6901d295-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
expires: Sat, 10 Aug 2024 02:58:04 GMT

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
2 KB 179ms
179ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:mktg:personal:homepage:home:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/us/home

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qIbPzdAV+VHxAktD5KI8Jsdji7m8Mz5vAjeEelxHur5oDGgx' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/us/home
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qIbPzdAV+VHxAktD5KI8Jsdji7m8Mz5vAjeEelxHur5oDGgx' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 10 Aug 2024 02:58:05 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f2279363a9b63
server-timing: "traceparent;desc="00-0000000000000000000f2279363a9b63-cd0374286ee3fa62-01"";content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200090-BUR, cache-bur-kbur8200090-BUR
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f2279363a9b63-1638cf26a9a9148f-01
x-timer: S1723258686.786062,VS0,VE117
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST verifygrcenterprise
www.paypal.com/auth/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/HomepageHeroRebrand-fa051a6f.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/HeroHomepageStack-b02437f0-3a81dfbb.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/use-animate-232c147f.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/use-unmount-effect-0f54ae96.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/StickyQRBadge-dd0857a7.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ClosingCta.utils-a167880b-b8dcf05f.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/CtaMediaAnimation-bb5ec69d.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/use-scroll-e301fd42.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/use-spring-f0f901ff.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/Cta-5b3ab0b1.js

Domain: cdn-latest.static.engineering.dev.paypalinc.com
URL: https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/CtaStacked-d6a62480.js

Domain: www.paypal.com
URL: https://www.paypal.com/auth/verifygrcenterprise

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-21 03:00:10	Name: _GRECAPTCHA Value: 09ABJXHI_kZSpoPXYs2XPKypcXO5r0D57PSp6XNDFIYWMQNUYW7NZoCKfbtL_oLX0Z1yBm5zi8_4p7JbEo7T4g1ws
.paypal.com/	1970-01-21 07:26:34	Name: enforce_policy Value: ccpa
.paypal.com/	1970-01-20 22:41:30	Name: LANG Value: en_US%3BUS
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AKnAi8G_y7EDj84fdb0dh3lgigk43WNMO.Svq8o7tcqTdUXN9KA%2Bz9vw7bHPO%2BvaVDdT472eikdE8
.paypal.com/	1970-01-21 08:16:58	Name: ts_c Value: vr%3D3a38b8dc1910a79858725c89ff3918f6%26vt%3D3a38b8dc1910a79858725c89ff3918f5
.paypal.com/	1970-01-21 07:26:34	Name: cookie_prefs Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/	1970-01-20 22:41:00	Name: l7_az Value: dcg01.phx
.paypal.com/	1970-01-20 22:45:17	Name: tsrce Value: privacynodeweb
.paypal.com/	1970-01-21 08:09:46	Name: kndctr_5CE4123F5245B06C0A490D45_AdobeOrg_identity Value: CiYzNjI4MDQwNjIyMjM4NTgxMTgwNTI3MjI1NjgxNzY3NTU4NDQ3OVIQCOCA49GTMhgBKgNWQTYwAvAB4IDj0ZMy
.paypal.com/	1970-01-20 22:41:00	Name: kndctr_5CE4123F5245B06C0A490D45_AdobeOrg_cluster Value: va6
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTcyMzI1ODY4NTg3NyIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-21 08:16:58	Name: ts Value: vreXpYrS%3D1817866685%26vteXpYrS%3D1723260485%26vr%3D3a38b8dc1910a79858725c89ff3918f6%26vt%3D3a38b8dc1910a79858725c89ff3918f5%26vtyp%3Dnew

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/HomepageHeroRebrand-fa051a6f.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/HeroHomepageStack-b02437f0-3a81dfbb.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/use-animate-232c147f.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/use-unmount-effect-0f54ae96.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/StickyQRBadge-dd0857a7.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/ClosingCta.utils-a167880b-b8dcf05f.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/CtaMediaAnimation-bb5ec69d.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/use-scroll-e301fd42.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/use-spring-f0f901ff.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/Cta-5b3ab0b1.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.paypalobjects.com/ppcmsnodeweb/kit/spotlight/spotlight-9d37c972.js(Line 39) Message: Refused to load the script 'https://cdn-latest.static.engineering.dev.paypalinc.com/ppcmsnodeweb/kit/spotlight/CtaStacked-d6a62480.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	warning	URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.paypal-mktg.com https://.qualtrics.com; script-src 'nonce-eB7zE8uttaGSvnB/qQ6mR8w0010wof1ooMimwFFWq8RJ5WOV' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://.qualtrics.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-latest.static.engineering.dev.paypalinc.com
i.paypal.com
kfosterconsultingfirm.com
login-faxfiles.com
paypal.com
t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
cdn-latest.static.engineering.dev.paypalinc.com
www.paypal.com
151.101.1.21
151.101.65.21
172.67.131.42
192.185.154.250
192.229.210.155
2607:f8b0:4004:c09::5e
2607:f8b0:400d:c07::5e
63.140.39.22
0579319097e8c725b3a3dcc597ec62fad86a379ea3c8c41c290deb379d3e6ee0
06d26b40ac30d4f467f2dd70e5f81547210f8bd465c9648b26cd7af3ae9b55f6
0ae43ce889e681571d03d344efe658dd4ae957c10a186541aa5c59af478b92de
158f3e461fa08014253b764efbe0eea3de917af3bcbd2d80c4a0785da6d4ac89
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
1ca19886efd7333d95efc6c1c364d20f86f0036466a033e049a19000450af9dc
1de38e12c6d6e7aa7607dd14c254f6788179dd82aa4d8f151d42a38ec41d61b8
26373312744eff01e2b0930dadcc733514e207c56c0002d5659a99071ee58ebd
2fdd60fffba664a43fd7c0629a4599ce935e076d697e01744025761d91962b9c
32239234176573ccfd6b8a7796b08ad77425557afbf243b3e75bc19d721f0f97
4673c229c2c1d356b98c232c599afdb44c85e7279c63c3ef962b4ba677378ba9
516fd6db906667159da88b57e174ba664b7e1c07b69d2ba9dfc22ca4cd2318e3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57bd2ef0ce4d833346ff5e10010792fc55c00bc317df06b6e0cddbab401c69bd
5d68d205a5831b3e5c81213175e36232c7337e0dc11e611192323e4a452ef1e2
5df8cf8c3a9b57515e16feefcfc8773a2c51d408e2f6e824f48a89146f5b177e
5f90e553b5b7e27060cf9492d25923bccc0ba381c2d85192f882bfd346f2167b
69c3e0a4eb6e3d01ed48926f4f5787f9f5842396acd5248e6bd3df867fb0c28e
6a2213ba290552bf813bf8437dcb0f715e2bc31823e5141503774b5ca98fc842
6abc84548f035b7e81466748e7ef880c73d9d9d2ee2589bd48a8606a35398d82
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
72e1302ad83a5cb02992a96c4bba2de291a7d407cd4f08d3f0ba6f33e63bbf75
73201b71a01be1b0a36e543a1783d4e66bba57f93d5c2e2aa3259c15298ff1fa
733cc960240a1ef7261e49857d86f6d5772c1700e525eea783b52b60756aa9e8
740ac93a356950accf8e5d505d120082076e3ecf9d6e2a9cc7061879837ae007
76096ea67c92f3dd58b1d751dbd95f34b60c02956030d713158190c577c5a948
769acac101db1b973601ed0240fe342f3e448dd88edc079f5bf3a16e4fe06171
855d90e8a12c04c3fb0f4d138ea9f5f1f5baa4c4416f8a1a21b50294f4854b22
8d0e74dfe39c809f2dde1119f404841405d107fa40165669ea74fca51722311b
8fb1abd8a4a4d1721bdf3ab5ab0e13419081b1b637e4ac3bcabb01624d5ff376
92f5050836b952b4cf91c31f0690254d57ec7c48fd4d142c0acbb79e688babb4
94c955fd9a735c5938a8fcd90f1bb5d5c59ea80636515984b16b548ae47f728a
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9c986b81d2fb17a9948c52596451d20d7b110dc1d05d26713b000400ac12c868
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4
9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0
b9daddd3a8dff34ceee8a8b5a8c931e269d4a6d6d7ab0c1882f3fe022ccd5b4a
be7c8d2c493c6af3f9665a8479bc12a56adc9f1e81a3a78738f870b1d5b8e7bb
cbbc739777e2814a6bc2c046cc018c6e3a5ff473a63bbecb24244e2813b97648
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
e1b11193c1ee0feaf8da4ad7a126fa11cfe3871961626affeabd43ab5a8b9144
e7bfade06ce597256c0a4f198c1510e54f5e56bf5ef0f9e50b178d8e0fc27119
f446eee97b161ea0660fa57e1641bf389768ca067862baa7ce431490cca8f8e7
f4614945ecd1b0985f5acdee3e7fa129c545c7c2750f668242f0abc577e4875f
f6414dcdf7b5fbae8304d0d368fc94d3e2f7e6cb1c9534d161ff899ecaf853e7
f88f9de203906d85fc61509ee6966b9a57f9e67d92bc228fe62a1c351a381aad
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
fb83a72ab7d0374139eeea4cb8c98628cc7052d6e0138fd8c2682b3365846c3e
fe824747a3ee9e974a3d76bc1aa8f46e019951cf5944111dc73ae3dfb14e70f1

www.paypal.com Open in urlscan Pro 151.101.1.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

84 %HTTPS

25 %IPv6

7 Domains

10 Subdomains

6 IPs

1 Countries

935 kBTransfer

2848 kBSize

12 Cookies

8 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

84 %
HTTPS

25 %
IPv6

7
Domains

10
Subdomains

6
IPs

1
Countries

935 kB
Transfer

2848 kB
Size

12
Cookies

76 HTTP transactions
1 data transactions