www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classic...
Submission: On December 22 via api (December 22nd 2024, 12:18:50 pm UTC) from TR — Scanned from DE

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 3 domains to perform 60 HTTP transactions. The main IP is 151.101.65.21, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 3003.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 8th 2024. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
3	18.245.46.78 18.245.46.78	16509 (AMAZON-02) (AMAZON-02)
23	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 1	151.101.67.1 151.101.67.1	54113 (FASTLY) (FASTLY)
4	2600:1901:0:c... 2600:1901:0:c072::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	34.147.177.40 34.147.177.40	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:400... 2a04:4e42:400::291	54113 (FASTLY) (FASTLY)
2	151.101.3.1 151.101.3.1	54113 (FASTLY) (FASTLY)
60	8

25 151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.46.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-78.fra56.r.cloudfront.net

ddbm2.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.67.1 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:c072:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

browser-intake-us5-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.147.177.40 (London, United Kingdom) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.177.147.34.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lhr.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.3.1 (San Francisco, United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 3003 ddbm2.paypal.com — Cisco Umbrella Rank: 18922 c.paypal.com — Cisco Umbrella Rank: 8145 b.stats.paypal.com — Cisco Umbrella Rank: 6750 lhr.stats.paypal.com — Cisco Umbrella Rank: 46343 c6.paypal.com — Cisco Umbrella Rank: 9713 t.paypal.com — Cisco Umbrella Rank: 3701	154 KB
24	paypalobjects.com 1 redirects www.paypalobjects.com — Cisco Umbrella Rank: 2811 paypalobjects.com — Cisco Umbrella Rank: 2786	461 KB
4	browser-intake-us5-datadoghq.com browser-intake-us5-datadoghq.com — Cisco Umbrella Rank: 6900	620 B
60	3

	Domain	Requested by
23	www.paypalobjects.com	www.paypal.com www.paypalobjects.com c.paypal.com
18	www.paypal.com	www.paypalobjects.com
7	c.paypal.com	www.paypalobjects.com
4	browser-intake-us5-datadoghq.com	www.paypalobjects.com
3	ddbm2.paypal.com	www.paypal.com www.paypalobjects.com
2	t.paypal.com
1	c6.paypal.com
1	lhr.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	paypalobjects.com	1 redirects
60	10

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
ddbm.paypal.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-02`	a year	crt.sh
*.browser-intake-us5-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-28` - `2025-07-02`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-21` - `2025-06-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
Frame ID: 2C309E7E3DDF271CC9ACAD5E6CC1D189
Requests: 53 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Frame ID: 897DB13159E7B2293681AA13C4B59C22
Requests: 1 HTTP requests in this frame

Frame: https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD03ODlmZWY1Njc3ODM0YjY4YjFmNDA4MTVjZmI4NDhhMiZpPTQ1LjE0MS4xNTIuNzYmdD0xNzM0ODY5OTI1LjImYT0yMSZzPVVOSUZJRURfTE9HSU7vFmY8ha1sHxvAqscpnKFwP45TSw
Frame ID: 3AFF14EF42F59E5F896E3A2C04D2EE01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loggen Sie sich bei PayPal ein

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

60
Requests

95 %
HTTPS

25 %
IPv6

3
Domains

10
Subdomains

8
IPs

2
Countries

615 kB
Transfer

1912 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js HTTP 301
https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js

Request Chain 43

https://b.stats.paypal.com/v1/counter.cgi?r=cD03ODlmZWY1Njc3ODM0YjY4YjFmNDA4MTVjZmI4NDhhMiZpPTQ1LjE0MS4xNTIuNzYmdD0xNzM0ODY5OTI1LjImYT0yMSZzPVVOSUZJRURfTE9HSU7vFmY8ha1sHxvAqscpnKFwP45TSw HTTP 302
https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD03ODlmZWY1Njc3ODM0YjY4YjFmNDA4MTVjZmI4NDhhMiZpPTQ1LjE0MS4xNTIuNzYmdD0xNzM0ODY5OTI1LjImYT0yMSZzPVVOSUZJRURfTE9HSU7vFmY8ha1sHxvAqscpnKFwP45TSw

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.paypal.com/signin/ 31 KB
12 KB 346ms
252ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

325fabffa6599f2d02917d22d003d69cc3ea1e3c6d52ee49155ec6d8b5b96589

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ADx2viMs+ltlEIiEDK4AwRK90UtCs2f3UKdkwnftqDsuYEPi' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ADx2viMs+ltlEIiEDK4AwRK90UtCs2f3UKdkwnftqDsuYEPi' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Sun, 22 Dec 2024 12:18:45 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"78be-Fe/B+wjrD6jWPFR5awaJZb2HElI"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f377453b74fbe
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f377453b74fbe-8243cbf6b62ecc83-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-timer: S1734869925.046423,VS0,VE244
x-xss-protection: 1; mode=block

GET
H2 200 tags.js Show response
ddbm2.paypal.com/ 176 KB
35 KB 42ms
6ms Script
text/javascript 18.245.46.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ddbm2.paypal.com/tags.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-78.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d56750f319ff862ed72f5413c56d9bcb79e8cd1ef827444c9e469c76f6050dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

content-encoding: br
x-amz-version-id: iPQh.0jv4_GwoRqiOqbFu_kzpGqA0_Di
etag: W/"1dc8e31226cdaf246fe01ee48923829c"
age: 3232
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: -3cBF0U_c1dXWvkcvyUfCjFY1Z4T7rKlyHKxmZXRh7uK9PQ6ANR8Aw==
date: Sun, 22 Dec 2024 11:24:54 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Wed, 18 Dec 2024 16:41:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600, public
via: 1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 23 KB
7 KB 46ms
13ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CED) /

Resource Hash

d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 6729ed606f4b1
content-encoding: br
etag: "6697f682-5a55+gzip+br"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-00000000000000000006729ed606f4b1-2548558857f0ae38-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 16:51:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 6901
server: ECAcc (frc/4CED)

GET
H2 200 contextualLoginElementalUIv5.css
www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/ 199 KB
28 KB 42ms
9ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv5.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C84) /

Resource Hash

d76074479732d6fcabc94dae4a25c30178d7114eac23a3d3a305a103e22e889f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 233e9c16ee235
content-encoding: br
etag: W/"6737ef0b-31dc0"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Mon, 22 Dec 2025 12:18:45 GMT
traceparent: 00-0000000000000000000233e9c16ee235-b71aeb8ef17807f3-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: text/css
last-modified: Sat, 16 Nov 2024 01:02:03 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27843
server: ECAcc (frc/4C84)

GET
H2 200 modernizr-2.6.1.js Show response
www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/lib/ 4 KB
2 KB 42ms
9ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/lib/modernizr-2.6.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C97) /

Resource Hash

a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 03c808c5966a2
content-encoding: br
etag: W/"6737ef18-edf"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Mon, 22 Dec 2025 12:18:45 GMT
traceparent: 00-000000000000000000003c808c5966a2-74300e3f4248e9f9-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 01:02:16 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1635
server: ECAcc (frc/4C97)

GET
H2 200 icon-PN-check.png
www.paypalobjects.com/images/shared/ 2 KB
2 KB 44ms
11ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/icon-PN-check.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CAF) /

Resource Hash

4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 4abf1c601a2fd
etag: "60271b47-8bc"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-00000000000000000004abf1c601a2fd-22ae4ce310be28ce-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: image/png
last-modified: Sat, 13 Feb 2021 00:20:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
content-length: 2236
server: ECAcc (frc/4CAF)

GET
H2 200 glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 6 KB
6 KB 44ms
11ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA8) /

Resource Hash

13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 7e4aca33794e3
etag: "54130c54-16c4"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-00000000000000000007e4aca33794e3-0f9a8994d0e013d4-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: image/png
last-modified: Fri, 12 Sep 2014 15:08:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
content-length: 5828
server: ECAcc (frc/4CA8)

GET
H2

200

index.js Show response
www.paypalobjects.com/ae/0.16.0/atomic-events-dom/
Redirect Chain

https://paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js
https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js

26 KB
8 KB

8ms
8ms

Script
application/javascript

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js

Requested by

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB5) /

Resource Hash

7f083991dcd0f426a91fef258e7a1ce9a3b58c1ad459fb3a9a5cec584a06b1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: fb2a04a454d2b
content-encoding: br
etag: W/"67044f43-695c"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-0000000000000000000fb2a04a454d2b-a660fb78cc22e862-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 21:14:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
content-length: 8207
server: ECAcc (frc/4CB5)

Redirect headers

strict-transport-security: max-age=300
cache-control: max-age=86400
retry-after: 0
location: https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js
x-timer: S1734869925.401029,VS0,VE3
via: 1.1 varnish
accept-ranges: bytes
x-cache: HIT
content-length: 0
date: Sun, 22 Dec 2024 12:18:45 GMT
x-served-by: cache-fra-eddf8230058-FRA
server: Varnish
x-cache-hits: 0

GET
H2 200 fn-sync-telemetry-min.js Show response
www.paypalobjects.com/rdaAssets/fraudnet/sync/ 6 KB
3 KB 7ms
7ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/rdaAssets/fraudnet/sync/fn-sync-telemetry-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C90) /

Resource Hash

cae0af2e9035626ebcc82aedffe6939e8de145879607cc94c5f1ea379f94a12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: c74e6f52a4c00
content-encoding: br
etag: W/"67230a66-19a5"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-0000000000000000000c74e6f52a4c00-ec3362cad9e3f58c-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Thu, 31 Oct 2024 04:41:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2546
server: ECAcc (frc/4C90)

GET
H2 200 signin-split.js Show response
www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/ 255 KB
51 KB 13ms
12ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/signin-split.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD5) /

Resource Hash

b24fa2b87e3d9cd751cbca83023fe4213d616d5051695fc9b529aba4e0f10ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 7b4a3121b3f72
content-encoding: br
etag: W/"6737ef17-3fa7b"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Mon, 22 Dec 2025 12:18:45 GMT
traceparent: 00-00000000000000000007b4a3121b3f72-84d1631375c0fa07-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 01:02:15 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51697
server: ECAcc (frc/4CD5)

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 69 KB
24 KB 8ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CFA) /

Resource Hash

c3f1981e14042012337c6493597cd362261453611b727e91847a118b2b4cffb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 3455e2975a9fc
content-encoding: br
etag: "67652fe1-11212"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-00000000000000000003455e2975a9fc-ac4eec685ca89190-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 08:50:41 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24676
server: ECAcc (frc/4CFA)

GET
H2 200 datadog-rum.js Show response
www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/lib/ 159 KB
50 KB 15ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/lib/datadog-rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C96) /

Resource Hash

ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 819c91bfcb42f
content-encoding: br
etag: W/"6737ef18-27b83"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Mon, 22 Dec 2025 12:18:45 GMT
traceparent: 00-0000000000000000000819c91bfcb42f-d909e2c7f1b75714-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 01:02:16 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51008
server: ECAcc (frc/4C96)

GET
H2 200 grcenterprise_v3_static.js Show response
www.paypalobjects.com/webcaptcha/ 6 KB
2 KB 10ms
10ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8F) /

Resource Hash

75c159c9974a7207171cf1f4ed302f91f90ae95233fdd64e994fd66ada89ab20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 09d846e0181a0
content-encoding: br
etag: W/"65f1e42c-180e"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-000000000000000000009d846e0181a0-03b7f9ee2b5df5e3-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 17:36:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 1820
server: ECAcc (frc/4C8F)

GET
H2 200 paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 709 B
586 B 10ms
9ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF9) /

Resource Hash

8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv5.css

Response headers

paypal-debug-id: 94461365fb7cf
content-encoding: br
etag: "66d9ab63-2c5+gzip+br"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-000000000000000000094461365fb7cf-1bf39fc9bc7ff5e6-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Sep 2024 13:00:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 422
server: ECAcc (frc/4CF9)

GET
H2 200 PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 53ms
15ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48D9) /

Resource Hash

9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv5.css

Response headers

paypal-debug-id: f87f96c165350
etag: "6298f2c0-6b41"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-0000000000000000000f87f96c165350-2a39d6083eb2155c-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/font-woff2
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27457
server: ECAcc (ama/48D9)

GET
H2 200 PayPalOpen-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 55ms
17ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Medium.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A6) /

Resource Hash

8d0e74dfe39c809f2dde1119f404841405d107fa40165669ea74fca51722311b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv5.css

Response headers

paypal-debug-id: 4c69efffb995d
etag: "65a04ab6-6bf1"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-00000000000000000004c69efffb995d-5f2e2b76c3932c5e-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/font-woff2
last-modified: Thu, 11 Jan 2024 20:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27633
server: ECAcc (ama/48A6)

GET
H2 200 mktgtagmanager.js Show response
www.paypalobjects.com/martech/tm/paypal/ 16 KB
7 KB 16ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48BA) /

Resource Hash

efc3ad603dca3c78e67493adb079676731fd72c4204dbf7264d22e897a271267

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 358cc53ac6483
content-encoding: br
etag: "67042d91-3eb4+gzip+br"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-0000000000000000000358cc53ac6483-a197a55bf45df924-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 18:50:57 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 6604
server: ECAcc (ama/48BA)

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/paypal/ 15 KB
4 KB 16ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/paypal/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48A7) /

Resource Hash

a988b87ab698928f0f5962f63b782eb8cac80531839aea8c94249178ed91bc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 616c4d1055937
content-encoding: br
etag: "67652fe1-3b1a"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-0000000000000000000616c4d1055937-c96ec14042560ce4-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 08:50:41 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4143
server: ECAcc (ama/48A7)

GET
H2 200 grcenterprise_v3_static.html
www.paypalobjects.com/webcaptcha/ Frame 897D 0
0 47ms
12ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48EE) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 2084
content-type: text/html
date: Sun, 22 Dec 2024 12:18:45 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6633898b-19bd+gzip+br"
expires: Sun, 22 Dec 2024 13:18:45 GMT
last-modified: Thu, 02 May 2024 12:39:39 GMT
paypal-debug-id: ad908e8d795de
server: ECAcc (ama/48EE)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000ad908e8d795de-f24794bcd434966d-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET 35fc1f04-f4df-4012-b9fd-e4ef4b6358c5
https://www.paypal.com/ Frame 0
0

POST
H2 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
340 B 211ms
185ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=91310de6-5e69-4ff5-a85a-29a0f4d3cd3a&batch_time=1734869925457

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

ea9b1e90f1dd827f3550fa6a1b84340186c3aba93f4512bd4f777206b43e08f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json
dd-request-id: 91310de6-5e69-4ff5-a85a-29a0f4d3cd3a

GET
H2 200 patleaf.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.4.137/ 203 KB
58 KB 15ms
15ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.4.137/patleaf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4890) /

Resource Hash

228ad520746dbdfa971029c803290f5d6e036effbfabe764050d131b046aedf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 7e97fa4cd40fd
content-encoding: br
etag: "67652fe1-32c98"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-00000000000000000007e97fa4cd40fd-d2ca49793035e768-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 08:50:41 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 59714
server: ECAcc (ama/4890)

GET
H2 200 mktconf.js Show response
www.paypalobjects.com/martech/tm/paypal/ 327 KB
28 KB 17ms
17ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/paypal/mktconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48D8) /

Resource Hash

05ba6c472dea44514ecd74dfd0b70557707de09cbde0e88e456183a718c703e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 3e5fb7fb7f466
content-encoding: br
etag: "67653dd7-51c43"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-00000000000000000003e5fb7fb7f466-2bb1bfb76497db01-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 09:50:15 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28333
server: ECAcc (ama/48D8)

GET
H2 200 patlcfg.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.4.137/ 7 KB
3 KB 14ms
14ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.4.137/patlcfg.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4882) /

Resource Hash

f19efd70ed948ca16f507bd7f1b74bd9c6ff2022586cf62611c16ed9493758b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 6a22f42f538cf
content-encoding: br
etag: W/"67652fe1-1c7b"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-00000000000000000006a22f42f538cf-65eaddcc9e58c412-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 08:50:41 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2722
server: ECAcc (ama/4882)

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 243ms
243ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

84a44aadb9cb9b3d44ae0b94e8418204998a110664b7c2acb45eec6cedf75f80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-lq/O3R4XRnLsBhcKjphJ9B6HmobNtt4rp1kQpJhE6Qoe3q7/' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f847350e8574a
content-encoding: gzip
etag: W/"7fb-c432eoheYKKL4tWgjHLmWk8dS3w"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f847350e8574a-eaf57ba486d65186-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-lq/O3R4XRnLsBhcKjphJ9B6HmobNtt4rp1kQpJhE6Qoe3q7/' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.518663,VS0,VE235
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 212ms
211ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d2dc8813d77e8d02e152479b295ff3c879c2374f15091cd5736a132cbf3242ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-b89520WCKt+I9DiTbtJPKIK3Hg13RYJ287Gw9uoIJsTPhLd5' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f847350b6c173
content-encoding: gzip
etag: W/"826-vHnVM72HQu5F34JPv2M/MppJkgk"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f847350b6c173-b321de5950defe67-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-b89520WCKt+I9DiTbtJPKIK3Hg13RYJ287Gw9uoIJsTPhLd5' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.519467,VS0,VE203
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 fb_fp.js Show response
c.paypal.com/da/r/ 69 KB
24 KB 21ms
9ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb_fp.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/signin-split.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

154f00ee27d38857eddc2ce0bb9b8fce80743ffa96b1be02de2e4dec4d21a058

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

access-control-max-age: 86400
paypal-debug-id: 5691d6c1965d0
content-encoding: gzip
etag: W/"673387c8-113d7"
age: 2283957
x-content-type-options: nosniff
access-control-allow-methods: GET
traceparent: 00-00000000000000000005691d6c1965d0-708f4f04f74d8f9f-01
expires: Mon, 23 Dec 2024 12:18:45 GMT
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, MISS, HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 16:52:24 GMT
x-served-by: cache-sjc10060-SJC, cache-fra-etou8220073-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 4, 0, 68239
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Accept-Encoding
cache-control: s-maxage=31536000, public,max-age=86400
timing-allow-origin: *
x-timer: S1734869926.530882,VS0,VE2
access-control-allow-credentials: false
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23536

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 206ms
206ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

786feaf630782e9c1db346af9bf0ddabf7ba722d9e9a9e7c0e71c80eaff9ecac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-P3ppEuZghvrclWu6Yxab4fuSl9mk6ZxqLE+kzB6oO6HhYrkV' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f847350af32f7
content-encoding: gzip
etag: W/"776-DBNaEvNIIYsgkvYzlY7zVuZAAxY"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f847350af32f7-ad9adf08c8475334-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-P3ppEuZghvrclWu6Yxab4fuSl9mk6ZxqLE+kzB6oO6HhYrkV' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.521010,VS0,VE198
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 273ms
273ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

678c8e91bf4165b2ffcc3407b8c3e019df8e0b41470771e6cb886bf647a0ef2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-hPe48Xh/VBI1nBuNXiAagt/z0M9B51WRiSl1brzRP4yuRWPz' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f8473500c5d8d
content-encoding: gzip
etag: W/"79b-1LPi0KLdG9pBfL8xbTsSwV9ER3E"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f8473500c5d8d-aa7bebe6d242e42a-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-hPe48Xh/VBI1nBuNXiAagt/z0M9B51WRiSl1brzRP4yuRWPz' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.524361,VS0,VE261
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 264ms
264ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a879c6e42f6bc1b793aaa1714dbf84c0f476e543b4817b068aa5ffb7aa02f0db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-K06e2frkCIk5L592RqGfYVzbL5xMNNN5Rz9yxaFEjKT6b2Y+' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f847350861786
content-encoding: gzip
etag: W/"7cf-V/cpPMyFnUpR0HgUpwLgz8wltxI"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f847350861786-99f552316313fc98-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-K06e2frkCIk5L592RqGfYVzbL5xMNNN5Rz9yxaFEjKT6b2Y+' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.524288,VS0,VE253
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 243ms
242ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

238549fd451c07f6c261e40b98478ca23a84028dff31ecd3f83649ecdb43af30

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-VdOA41DZ75YDjuOUXlDFbbwlq4aC7MWxM+EYGTPgS6GJ45WY' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f8473503c3155
content-encoding: gzip
etag: W/"7e3-BQEjsNEqxDui3mBuK32ny2CtFEo"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f8473503c3155-0d2c089fc4fa2afc-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-VdOA41DZ75YDjuOUXlDFbbwlq4aC7MWxM+EYGTPgS6GJ45WY' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.525560,VS0,VE230
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 287ms
285ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

07473a0a566da005e765eb778e9ca6f47b5c5c00d89fd9878b26c0f396a902f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-oQCQQGNyg4vG70sIk3NxCsYKaGq8GdD67jqdN7SUllCpoKoQ' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f8473500938b2
content-encoding: gzip
etag: W/"82a-koCbyoEJP4UU94kztzxSU8pVNaY"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f8473500938b2-b42a60f8ea92a8fd-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-oQCQQGNyg4vG70sIk3NxCsYKaGq8GdD67jqdN7SUllCpoKoQ' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.525546,VS0,VE276
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 219ms
218ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f97d111422530de5945b1ce0f14759b57593318242d98a1709f28c1ec8570bf8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-cQ8eV5dNWENRz63aQJw0Ie2kMR+RuOkBtQ1hBoGs7naPfIdA' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f847350adbd7d
content-encoding: gzip
etag: W/"7fd-HiaLpMrEGJIthfZUQMP3lpdJEXM"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f847350adbd7d-658d5eb2074a9234-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-cQ8eV5dNWENRz63aQJw0Ie2kMR+RuOkBtQ1hBoGs7naPfIdA' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.525505,VS0,VE207
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 291ms
288ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a01822db1a9d53dbaf126f318ec3efe591cb62755fc4f93e952a552f0d2c065

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-8wjeMaLpF3FyajbOxLYec+Rws1ZHSNW4mVZSaKPRyEEuTqtQ' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f84735028a671
content-encoding: gzip
etag: W/"7c4-04lXhCwQbm9PEU+K1Zt4zPBnkXM"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f84735028a671-e147396dcd67be24-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-8wjeMaLpF3FyajbOxLYec+Rws1ZHSNW4mVZSaKPRyEEuTqtQ' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.526442,VS0,VE278
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 cookie-banner Show response
www.paypal.com/signin/ 20 KB
8 KB 267ms
267ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/cookie-banner?cookieBannerVariant=hidden&

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db366f45cbaa6c7e09e9974464b395afa4de3bb24057951d86649f7800ad559c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-CiN7V7Tgxne5xLAjVdHWspDat8Rgbr4wb5LVYytFl/v2m1rw' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json

Response headers

paypal-debug-id: f84735020a259
content-encoding: gzip
etag: W/"4e7b-j5T/Mt/Np56OIUS0kPR994N16g0"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f84735020a259-a16f63e05934f12f-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-CiN7V7Tgxne5xLAjVdHWspDat8Rgbr4wb5LVYytFl/v2m1rw' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.525561,VS0,VE255
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 load-resource Show response
www.paypal.com/signin/ 65 KB
16 KB 801ms
799ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/load-resource

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

878ee902a2e558d34044725ee642ddbca0fa76c0d253eb96529d5230b26276b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-dn1OH84pEYxEDoaXIQUym71z8/5vu6F5MPqrciyYat7c5WDP' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f847350e18853
content-encoding: gzip
etag: W/"10519-/d+KO1slYhcJB9DdNAN+ZSOmEvc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f847350e18853-a2255cfaa22121d5-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:46 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-dn1OH84pEYxEDoaXIQUym71z8/5vu6F5MPqrciyYat7c5WDP' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.526363,VS0,VE790
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 264ms
263ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8f6d7474dc30893171964053b862763fff5c8e7c823b91d69c3e8f39507fc6b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Hetfdq+2wjSCBQo7zntLIZD0N9BMB7lrHGTGK8HEsoYssAku' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f847350e5833f
content-encoding: gzip
etag: W/"776-Ni54LAuWHLKbo9G5nkdtmniDBrI"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f847350e5833f-9e5f8cc1df5faa32-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Hetfdq+2wjSCBQo7zntLIZD0N9BMB7lrHGTGK8HEsoYssAku' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.526460,VS0,VE254
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 211ms
210ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60fcf20b457a585ba22dd44d8f9f398c46f3a98638b16906ef89fef858b72c38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Lu91Q1tCxkKfAY2iLrXYv/8sid/ge5GRFF9GV789HN7Trb0t' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f847350f07ad3
content-encoding: gzip
etag: W/"7a3-VB4TyqmbhnsslwZM4quYg5s/isg"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f847350f07ad3-5b6a7b798ddf458c-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Lu91Q1tCxkKfAY2iLrXYv/8sid/ge5GRFF9GV789HN7Trb0t' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.530376,VS0,VE200
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 pp_favicon_x.ico
www.paypalobjects.com/en_US/i/icon/ 5 KB
2 KB 9ms
9ms Other
image/x-icon 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC7) /

Resource Hash

1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 24d3439d2f8c5
content-encoding: br
etag: W/"5d5637bd-1536"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-000000000000000000024d3439d2f8c5-1240c8c31ae4cbf8-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: image/x-icon
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 1471
server: ECAcc (frc/4CC7)

OPTIONS
H2 200 p1
c.paypal.com/v1/r/d/b/ Frame 0
0 176ms
161ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
correlation-id: 8b5bc5fe17ec1
date: Sun, 22 Dec 2024 12:18:45 GMT
paypal-debug-id: 8b5bc5fe17ec1
server-timing: "traceparent;desc="00-00000000000000000008b5bc5fe17ec1-a5254d3062b9d934-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000008b5bc5fe17ec1-de0339a6b677afb7-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230133-FRA

OPTIONS
H2 200 p2
c.paypal.com/v1/r/d/b/ Frame 0
0 199ms
191ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
correlation-id: 07321c6f8eb6e
date: Sun, 22 Dec 2024 12:18:45 GMT
paypal-debug-id: 07321c6f8eb6e
server-timing: "traceparent;desc="00-000000000000000000007321c6f8eb6e-c0fccdce35d039d8-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000007321c6f8eb6e-939f3fa9730c511c-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230133-FRA

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ 334 B
2 KB 199ms
196ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0fe53f17e8d7a383dff3e3bb39415b60956516c6bc103b86436e7641c01ff31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 9413d0efd2997
correlation-id: 9413d0efd2997
traceparent: 00-00000000000000000009413d0efd2997-0cc6431a7ac7e711-01
server-timing: "traceparent;desc="00-00000000000000000009413d0efd2997-3027d80a3576f621-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json
x-served-by: cache-fra-eddf8230121-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://www.paypal.com
content-length: 334

POST
H2 200 p2 Show response
c.paypal.com/v1/r/d/b/ 125 B
751 B 198ms
197ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15980a27f31345a18e0ca73d73314947b2ab8f7bbd65af3b8087b1a59f4ebd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 94785e37e0155
correlation-id: 94785e37e0155
traceparent: 00-000000000000000000094785e37e0155-e079b92c0c9c9640-01
server-timing: "traceparent;desc="00-000000000000000000094785e37e0155-2d8469746273673a-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json
x-served-by: cache-fra-eddf8230121-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://www.paypal.com
content-length: 125

GET
H2 200 dfp.js Show response
www.paypalobjects.com/rdaAssets/fraudnet/ext/ 39 KB
14 KB 8ms
7ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/rdaAssets/fraudnet/ext/dfp.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb_fp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBC) /

Resource Hash

8777ff5948bf23d0ecb45a52aa01b591df316a2604aa1f391fd76ef5906c145e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 82166d000933d
content-encoding: br
etag: W/"66843061-9bf0"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:45 GMT
traceparent: 00-000000000000000000082166d000933d-37d2d7a64e4c7c27-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/javascript
last-modified: Tue, 02 Jul 2024 16:52:49 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 13650
server: ECAcc (frc/4CBC)

GET
H/1.1

200
OK

counter2.cgi
lhr.stats.paypal.com/v1/ Frame 3AFF
Redirect Chain

https://b.stats.paypal.com/v1/counter.cgi?r=cD03ODlmZWY1Njc3ODM0YjY4YjFmNDA4MTVjZmI4NDhhMiZpPTQ1LjE0MS4xNTIuNzYmdD0xNzM0ODY5OTI1LjImYT0yMSZzPVVOSUZJRURfTE9HSU7vFmY8ha1sHxvAqscpnKFwP45TSw
https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD03ODlmZWY1Njc3ODM0YjY4YjFmNDA4MTVjZmI4NDhhMiZpPTQ1LjE0MS4xNTIuNzYmdD0xNzM0ODY5OTI1LjImYT0yMSZzPVVOSUZJRURfTE9HSU7vFmY8ha1sHxvAqscpnKFwP45TSw

42 B
299 B

74ms
24ms

Image
image/jpeg

34.147.177.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD03ODlmZWY1Njc3ODM0YjY4YjFmNDA4MTVjZmI4NDhhMiZpPTQ1LjE0MS4xNTIuNzYmdD0xNzM0ODY5OTI1LjImYT0yMSZzPVVOSUZJRURfTE9HSU7vFmY8ha1sHxvAqscpnKFwP45TSw
Protocol: HTTP/1.1
Server: 34.147.177.40 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 40.177.147.34.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

Content-Length: 42
Date: Sun, 22 Dec 2024 12:18:45 GMT
Content-Type: image/jpeg
Connection: close
Server: PayPal-B.Stats/1.0

Redirect headers

Location: https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD03ODlmZWY1Njc3ODM0YjY4YjFmNDA4MTVjZmI4NDhhMiZpPTQ1LjE0MS4xNTIuNzYmdD0xNzM0ODY5OTI1LjImYT0yMSZzPVVOSUZJRURfTE9HSU7vFmY8ha1sHxvAqscpnKFwP45TSw
Content-Length: 0
Date: Sun, 22 Dec 2024 12:18:45 GMT
Content-Type: application/octet-stream
Connection: close
Server: PayPal-B.Stats/1.0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ 0
467 B 234ms
198ms Image
text/plain 2a04:4e42:400::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=789fef5677834b68b1f40815cfb848a2&s=UNIFIED_LOGIN_INPUT_EMAIL_TRMT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: ecb1c76d0e50c
access-control-expose-headers: Server-Timing
correlation-id: ecb1c76d0e50c
traceparent: 00-0000000000000000000ecb1c76d0e50c-7ab10fae41b15a4c-01
server-timing: "traceparent;desc="00-0000000000000000000ecb1c76d0e50c-e4891b7c07b6eb75-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS
date: Sun, 22 Dec 2024 12:18:45 GMT
x-served-by: cache-fra-eddf8230075-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
x-timer: S1734869926.608290,VS0,VE190
via: 1.1 varnish
accept-ranges: bytes
content-length: 0

POST
H2 204 pa Show response
c.paypal.com/v1/r/d/b/ 0
367 B 218ms
217ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/pa

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 837b0942530cf
correlation-id: 837b0942530cf
traceparent: 00-0000000000000000000837b0942530cf-23b7c40019a7a74e-01
server-timing: "traceparent;desc="00-0000000000000000000837b0942530cf-b4e50fee7ebd83ea-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS
date: Sun, 22 Dec 2024 12:18:46 GMT
x-served-by: cache-fra-eddf8230121-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://www.paypal.com

OPTIONS
H2 200 pa
c.paypal.com/v1/r/d/b/ Frame 0
0 157ms
157ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/pa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
correlation-id: 5e45271ff9a53
date: Sun, 22 Dec 2024 12:18:45 GMT
paypal-debug-id: 5e45271ff9a53
server-timing: "traceparent;desc="00-00000000000000000005e45271ff9a53-83cfefec0507f40a-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000005e45271ff9a53-ed4706d985465e5f-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230133-FRA

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
3 KB 264ms
263ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:unifiedlogin:splitlogin::email:::&component=unifiedloginnodeweb&eventSourceUrl=https://www.paypal.com/signin/

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-4kxVD9FPMXyNX6M0ZgPB3Fy7V4Wk092kGXWqWE+8Ky0DgEhf' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f8473501049d0
content-encoding: br
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f8473501049d0-c9477631452d6340-01
server-timing: "traceparent;desc="00-0000000000000000000f8473501049d0-4818e647446f9067-01"";content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:46 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-4kxVD9FPMXyNX6M0ZgPB3Fy7V4Wk092kGXWqWE+8Ky0DgEhf' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.792573,VS0,VE252
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
access-control-allow-origin: https://www.paypal.com
x-xss-protection: 1; mode=block

GET
H2 200 ts
t.paypal.com/ 42 B
902 B 204ms
167ms Image
image/gif 151.101.3.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.9.5&t=1734869925790&g=-60&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&qual=input_email&pgst=1734869925164&calc=f377453b74fbe&nsid=Gn9kv2BsNcRyR9u8zE9o0i1S2TFh5KGE&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=789fef5677834b68b1f40815cfb848a2&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C109679%2C109059%2C104405%2C104407&xt=123956%2C123954%2C146708%2C143369%2C120151%2C119038&transition_name=ss_prepare_email&cookie_disabled_request=true&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Ftransfer%2FpayRequest%2FU-4AB4304029905523J%2FU-16346949GF582804N&api_name=cookieBanner&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=v6&bannersource=ConsentNodeServ&bannervariant=hidden&eligibility_reason=true&is_native=false&cookie_disabled=false&reason_to_hide=Invisible%20banner%20loaded&event_name=cookie_banner_shown&product=cookieBanner&e=ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f48e5afeb298f
correlation-id: f48e5afeb298f
expires: Sun, 22 Dec 2024 12:18:45 GMT
traceparent: 00-0000000000000000000f48e5afeb298f-54dfdf9e52a30584-01
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
server-timing: "traceparent;desc="00-0000000000000000000f48e5afeb298f-27f93c2e7824d196-01"";content-encoding;desc="",x-cdn;desc="fastly"
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: image/gif
x-served-by: cache-fra-eddf8230105-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
x-timer: S1734869926.831007,VS0,VE159
via: 1.1 varnish
accept-ranges: bytes

OPTIONS
H2 200 /
ddbm2.paypal.com/js/ Frame 0
0 21ms
8ms Preflight 18.245.46.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ddbm2.paypal.com/js/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-78.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Sun, 22 Dec 2024 12:18:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
x-amz-cf-id: g8HtoJTs2fNm7V0Zr-A1UKB5PuV_Z68nsy0H0-fm2ize6YX3WmpXMA==
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
x-content-type-options: nosniff

POST
H2 200 / Show response
ddbm2.paypal.com/js/ 230 B
639 B 12ms
10ms XHR
application/json 18.245.46.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ddbm2.paypal.com/js/

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-78.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

1e9e147298c509c4912ce5881ba487d9e1db57bcce5beff677e67f72de335475

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
via: 1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
expires: 0
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 230
x-amz-cf-id: IlZ8PqzcNig8hrzt0ZFvdEoQjFrJNBX11bw1NKs9mLZZU810GQT_JQ==
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json;charset=utf-8
x-amz-cf-pop: FRA56-P9
server: DataDome

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
3 KB 297ms
296ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-uA1zmoP+RYezDaHZd1j7tWnfjAeR6GvKusao8zfcqJ9fvGrI' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
x-requested-with: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f8473503b7fcd
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f8473503b7fcd-17ade6109fbcec52-01
server-timing: "traceparent;desc="00-0000000000000000000f8473503b7fcd-0b58c17a1a43cac8-01"";content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:46 GMT
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-uA1zmoP+RYezDaHZd1j7tWnfjAeR6GvKusao8zfcqJ9fvGrI' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.987337,VS0,VE288
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
138 B 133ms
130ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=1d85bf12-2d2c-4fb6-86fc-52da979b121a&batch_time=1734869925998

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

b01f38293f695ec405a8cbe7d6552f1ddf6c79addda28b8f14ece3b2781b1d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sun, 22 Dec 2024 12:18:45 GMT
content-type: application/json
dd-request-id: 1d85bf12-2d2c-4fb6-86fc-52da979b121a

GET
H2 200 ts
t.paypal.com/ 42 B
607 B 200ms
200ms Image
image/gif 151.101.3.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.9.5&t=1734869926021&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1734869925164&calc=f377453b74fbe&nsid=Gn9kv2BsNcRyR9u8zE9o0i1S2TFh5KGE&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=789fef5677834b68b1f40815cfb848a2&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100353%2C105604%2C105604%2C101124%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C109195%2C102028%2C105999%2C100885%2C109334%2C109334%2C101270%2C102557%2C102557%2C101408%2C101408%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C107054%2C107054%2C105271%2C110648%2C101688%2C101821%2C101820%2C102208%2C105543%2C105544%2C105416%2C105416%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C100307%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C101736%2C110442%2C108653%2C108652%2C100846%2C109040%2C101875%2C109047%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101216%2C103648%2C104200%2C109195%2C108076%2C109047&xt=100886%2C124899%2C124899%2C103402%2C123673%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123688%2C144027%2C107258%2C127242%2C102543%2C144768%2C144768%2C106407%2C109630%2C109630%2C104576%2C104576%2C101702%2C123242%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C132781%2C132781%2C123250%2C152289%2C105645%2C106327%2C106324%2C108106%2C124626%2C124629%2C125100%2C125100%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C100737%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109962%2C105856%2C120731%2C120731%2C105858%2C150775%2C141151%2C141149%2C102359%2C143321%2C106610%2C143343%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103864%2C114559%2C127485%2C144027%2C138090%2C143343&transition_name=ss_prepare_email&cookie_disabled_request=true&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Ftransfer%2FpayRequest%2FU-4AB4304029905523J%2FU-16346949GF582804N&e=im&imsrc=setup&view=%7B%22t10%22%3A94%2C%22t11%22%3A646%2C%22tcp%22%3A428%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A74%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=94&t1c=94&t1d=10&t1s=77&t2=251&t3=4&t4d=0&t4=0&t4e=3&tt=574&rdc=0&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&t12=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 119640bf9b6a3
correlation-id: 119640bf9b6a3
expires: Sun, 22 Dec 2024 12:18:46 GMT
traceparent: 00-0000000000000000000119640bf9b6a3-154f46d69c818257-01
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
server-timing: "traceparent;desc="00-0000000000000000000119640bf9b6a3-2b8687764c5a74db-01"";content-encoding;desc="",x-cdn;desc="fastly"
date: Sun, 22 Dec 2024 12:18:46 GMT
content-type: image/gif
x-served-by: cache-fra-eddf8230105-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
x-timer: S1734869926.024184,VS0,VE192
via: 1.1 varnish
accept-ranges: bytes

POST
H2 200 tealeaftarget Show response
www.paypal.com/platform/ 39 B
2 KB 179ms
177ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/platform/tealeaftarget

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b5bc234121be8273fdcde84f500b74e150fba3ee1c8695212e5accbcb1456992

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; font-src 'self' https://.paypalobjects.com https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-TeaLeaf-Page-Url: /signin/
X-PageId: P.GLTDFV28KLQJQTNA9MUZSD6SFUYR
X-TealeafType: GUI
Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
Content-Encoding: gzip
X-Tealeaf: device (UIC) Lib/6.4.137c
X-Tealeaf-SaaS-AppKey: 76938917d7504ff7a962174c021690bd
X-Tealeaf-SyncXHR: false
X-Tealeaf-SaaS-TLTSID: 31765152327554957267258472550155
X-Tealeaf-TLTDID: 83703162285879481287280736001617
X-Requested-With: fetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Tealeaf-MessageTypes: 1,2,5,7,12,14
Content-Type: application/json

Response headers

paypal-debug-id: f847350fd13d8
content-encoding: br
etag: W/"27-5L2t9YsJH0SmRcsA60fk0OnzIzU"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f847350fd13d8-6f62b0a7519e8a5b-01
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:46 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869926.044192,VS0,VE165
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-xss-protection: 1; mode=block

GET
H2 200 sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 108 KB
108 KB 7ms
7ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF1) /

Resource Hash

21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: ca1c7ef240600
etag: "60271d86-1ae61"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 13:18:46 GMT
traceparent: 00-0000000000000000000ca1c7ef240600-c8b6ff8d8fcc6475-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Sun, 22 Dec 2024 12:18:46 GMT
content-type: image/png
last-modified: Sat, 13 Feb 2021 00:29:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
content-length: 110177
server: ECAcc (frc/4CF1)

POST
H3 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
71 B 171ms
167ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=cd209a1f-b340-484b-ad39-a245f67597ad&batch_time=1734869926446

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

df6c61e5d4e04da1a3a8b809ea985e60a8619bd84ccc8071b9e17e02eb878d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sun, 22 Dec 2024 12:18:46 GMT
content-type: application/json
dd-request-id: cd209a1f-b340-484b-ad39-a245f67597ad

POST
H3 202 replay Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
71 B 171ms
165ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=743b30c1-f996-4dc6-9200-1545ced01a0e

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

bdad4cc837ef42aab25da3363eafc174d5813228e34a8e65d2c883e1df4bb416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryNcjIcWsyGTJvQTgg
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sun, 22 Dec 2024 12:18:46 GMT
content-type: application/json
dd-request-id: 743b30c1-f996-4dc6-9200-1545ced01a0e

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
3 KB 237ms
237ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:unifiedlogin:splitlogin::email:::&component=unifiedloginnodeweb&eventSourceUrl=https://www.paypal.com/signin/

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ly8/Ij1Zeqqnkt9j4xZmiW/nSLnDu1i2TqS7f+D/7ia39b2m' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f6057600f3559
content-encoding: br
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f6057600f3559-626d6224e59c5bbc-01
server-timing: "traceparent;desc="00-0000000000000000000f6057600f3559-1e35666ee5baada9-01"";content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Sun, 22 Dec 2024 12:18:49 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA, cache-fra-eddf8230121-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ly8/Ij1Zeqqnkt9j4xZmiW/nSLnDu1i2TqS7f+D/7ia39b2m' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734869929.793587,VS0,VE228
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
access-control-allow-origin: https://www.paypal.com
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypal.com
URL: blob:https://www.paypal.com/35fc1f04-f4df-4012-b9fd-e4ef4b6358c5

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-21 06:13:41	Name: _GRECAPTCHA Value: 09AJNbFndBRWBwKP9ITebHt3r4nx5WTbV7fZJCYGIBhO7JijDCiGydqOYR_7aPJIWo-_JqwGkj2Oan-IPAnyB7rPY
.paypal.com/	1970-01-21 10:40:05	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-21 11:30:29	Name: cookie_check Value: yes
.paypal.com/	1970-01-21 11:30:29	Name: d_id Value: 789fef5677834b68b1f40815cfb848a21734869925173
.paypal.com/	1970-01-21 01:55:01	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AGn9kv2BsNcRyR9u8zE9o0i1S2TFh5KGE.N6e9DH3S16I%2Fs3e6cisoidEBw060pUWqf43SACOeOPI
.paypal.com/	1970-01-21 01:54:31	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-21 10:40:05	Name: ts_c Value: vr%3Dee4e3d051930aa30a85cc50df2b44d7e%26vt%3Dee4e3d051930aa30a85cc50df2b44d7d
.paypal.com/	1969-12-31 23:59:59	Name: TLTSID Value: 31765152327554957267258472550155
.paypal.com/	1970-01-21 10:40:05	Name: TLTDID Value: 83703162285879481287280736001617
.paypal.com/	1970-01-21 01:54:30	Name: rssk Value: d%7DC9%4097%3D%3B%3D%3A%3B%3B%3D%3A%3C%3Exqx%3Ez%7Dn%C2%82y%7D5f%3F19
.stats.paypal.com/	1970-01-21 11:30:29	Name: c Value: c00ccb15ce90c533f8a7
.paypal.com/	1970-01-21 10:40:05	Name: cookie_prefs Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/	1970-01-21 02:37:41	Name: datadome Value: M64HE69hJ~1BxoSUw8UBZ6poiQCefwvsEAJeF0I4QlDyc8Dc14KmJWNDdWUj8XYkR1FD1Elns1Yn3KbupxuN1af07WDWPf9K3LZDtNAWwNO68yuK1I4PfSmfa56I5QQv
.paypal.com/	1970-01-21 11:30:29	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: JK7fJUi94lZ1unCRChhta4-h8_PP01nA3ZS-Yyu7NaCAbtDTcUXD8Kv7kr41He8GQxisgGtfizAuoxUW
.paypal.com/	1970-01-21 11:30:29	Name: ddi Value: MlrAdSZxpGt_K9mSCGEwhOZ2mvmOo86jfDrXMN1Z3YzZYV7AQLrCuA6hFJcJYy08Cp2cMIwUkgdfhL-sAxa4lFxXyuWxv11OnPv94jFhlWq3xe0M
.paypal.com/	1970-01-21 11:30:29	Name: sc_f Value: 9Puba0xpY-BKYOSGbLqVF184Gs9USNs4YyVoAC_ML1Xfiy_rqwQ-K4VXWqrMlVaCRfihZGyz9kv5w87B33kEoC0Pdo8WmEUTF23A50
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTczNDg2OTkyODkzOCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-21 01:58:49	Name: tsrce Value: privacynodeweb
.paypal.com/	1970-01-21 10:40:05	Name: ts Value: vreXpYrS%3D1766405928%26vteXpYrS%3D1734871728%26vr%3Dee4e3d051930aa30a85cc50df2b44d7e%26vt%3Dee4e3d051930aa30a85cc50df2b44d7d%26vtyp%3Dnew
www.paypal.com/	1970-01-21 01:54:30	Name: _dd_s Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22 Message: [GroupMarkerNotSet(crbug.com/242999)!:A040F116CC0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://www.paypal.com/signin/?returnUri=/myaccount/transfer/payRequest/U-4AB4304029905523J/U-16346949GF582804N?classicUrl=/US/cgi-bin/?cmd=_prq&id=QZsYaa0BJcCAeEJHGYNHCnv.eSkicD9Bk4FwwQ&expId=p2p&onboardData={%22signUpRequest%22:{%22method%22:%22get%22 Message: [GroupMarkerNotSet(crbug.com/242999)!:A070F116CC0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ADx2viMs+ltlEIiEDK4AwRK90UtCs2f3UKdkwnftqDsuYEPi' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
browser-intake-us5-datadoghq.com
c.paypal.com
c6.paypal.com
ddbm2.paypal.com
lhr.stats.paypal.com
paypalobjects.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
www.paypal.com
151.101.3.1
151.101.65.21
151.101.67.1
18.245.46.78
192.229.221.25
2600:1901:0:c072::
2a04:4e42:400::291
34.147.177.40
05ba6c472dea44514ecd74dfd0b70557707de09cbde0e88e456183a718c703e0
07473a0a566da005e765eb778e9ca6f47b5c5c00d89fd9878b26c0f396a902f8
0fe53f17e8d7a383dff3e3bb39415b60956516c6bc103b86436e7641c01ff31a
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
154f00ee27d38857eddc2ce0bb9b8fce80743ffa96b1be02de2e4dec4d21a058
15980a27f31345a18e0ca73d73314947b2ab8f7bbd65af3b8087b1a59f4ebd0c
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
1e9e147298c509c4912ce5881ba487d9e1db57bcce5beff677e67f72de335475
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
228ad520746dbdfa971029c803290f5d6e036effbfabe764050d131b046aedf8
238549fd451c07f6c261e40b98478ca23a84028dff31ecd3f83649ecdb43af30
325fabffa6599f2d02917d22d003d69cc3ea1e3c6d52ee49155ec6d8b5b96589
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
60fcf20b457a585ba22dd44d8f9f398c46f3a98638b16906ef89fef858b72c38
678c8e91bf4165b2ffcc3407b8c3e019df8e0b41470771e6cb886bf647a0ef2d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
75c159c9974a7207171cf1f4ed302f91f90ae95233fdd64e994fd66ada89ab20
786feaf630782e9c1db346af9bf0ddabf7ba722d9e9a9e7c0e71c80eaff9ecac
7f083991dcd0f426a91fef258e7a1ce9a3b58c1ad459fb3a9a5cec584a06b1c7
84a44aadb9cb9b3d44ae0b94e8418204998a110664b7c2acb45eec6cedf75f80
8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027
8777ff5948bf23d0ecb45a52aa01b591df316a2604aa1f391fd76ef5906c145e
878ee902a2e558d34044725ee642ddbca0fa76c0d253eb96529d5230b26276b6
8d0e74dfe39c809f2dde1119f404841405d107fa40165669ea74fca51722311b
8f6d7474dc30893171964053b862763fff5c8e7c823b91d69c3e8f39507fc6b7
9a01822db1a9d53dbaf126f318ec3efe591cb62755fc4f93e952a552f0d2c065
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
a879c6e42f6bc1b793aaa1714dbf84c0f476e543b4817b068aa5ffb7aa02f0db
a988b87ab698928f0f5962f63b782eb8cac80531839aea8c94249178ed91bc4e
b01f38293f695ec405a8cbe7d6552f1ddf6c79addda28b8f14ece3b2781b1d0a
b24fa2b87e3d9cd751cbca83023fe4213d616d5051695fc9b529aba4e0f10ac7
b5bc234121be8273fdcde84f500b74e150fba3ee1c8695212e5accbcb1456992
bdad4cc837ef42aab25da3363eafc174d5813228e34a8e65d2c883e1df4bb416
c3f1981e14042012337c6493597cd362261453611b727e91847a118b2b4cffb7
cae0af2e9035626ebcc82aedffe6939e8de145879607cc94c5f1ea379f94a12b
d2dc8813d77e8d02e152479b295ff3c879c2374f15091cd5736a132cbf3242ce
d56750f319ff862ed72f5413c56d9bcb79e8cd1ef827444c9e469c76f6050dbe
d76074479732d6fcabc94dae4a25c30178d7114eac23a3d3a305a103e22e889f
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
db366f45cbaa6c7e09e9974464b395afa4de3bb24057951d86649f7800ad559c
df6c61e5d4e04da1a3a8b809ea985e60a8619bd84ccc8071b9e17e02eb878d05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9b1e90f1dd827f3550fa6a1b84340186c3aba93f4512bd4f777206b43e08f5
ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e
efc3ad603dca3c78e67493adb079676731fd72c4204dbf7264d22e897a271267
f19efd70ed948ca16f507bd7f1b74bd9c6ff2022586cf62611c16ed9493758b8
f97d111422530de5945b1ce0f14759b57593318242d98a1709f28c1ec8570bf8

www.paypal.com Open in urlscan Pro 151.101.65.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

95 %HTTPS

25 %IPv6

3 Domains

10 Subdomains

8 IPs

2 Countries

615 kBTransfer

1912 kBSize

21 Cookies

0 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

95 %
HTTPS

25 %
IPv6

3
Domains

10
Subdomains

8
IPs

2
Countries

615 kB
Transfer

1912 kB
Size

21
Cookies

60 HTTP transactions
0 data transactions