urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
192.229.221.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://8416822.swisposelan.co/
Effective URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Submission: On August 21 via manual from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 52 HTTP transactions. The main IP is 192.229.221.25, located in United States and belongs to EDGECAST, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2799.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 9th 2022. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 62.72.3.17 5427 (PRTL-DE)
35 192.229.221.25 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
5 151.101.193.21 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 64.4.245.84 17012 (PAYPAL)
3 151.101.129.35 54113 (FASTLY)
1 2a04:4e42:400... 54113 (FASTLY)
52 7
2    62.72.3.17 (Germany)

ASN5427 (PRTL-DE, US)
8416822.swisposelan.co
35    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypal.com
www.paypalobjects.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
5    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
c.paypal.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
3    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    2a04:4e42:400::291 (United States)

ASN54113 (FASTLY, US)
c6.paypal.com
Apex Domain
Subdomains		 Transfer
27 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2799
c.paypal.com — Cisco Umbrella Rank: 6003
b.stats.paypal.com — Cisco Umbrella Rank: 5156
dub.stats.paypal.com — Cisco Umbrella Rank: 22124
t.paypal.com — Cisco Umbrella Rank: 3559
c6.paypal.com — Cisco Umbrella Rank: 6921
127 KB
19 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2541
364 KB
4 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1978
51 KB
3 gstatic.com
www.gstatic.com
387 KB
2 swisposelan.co
8416822.swisposelan.co
511 B
52 5
Domain Requested by
19 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
16 www.paypal.com www.paypal.com
www.paypalobjects.com
5 c.paypal.com www.paypalobjects.com
c.paypal.com
4 www.recaptcha.net www.paypalobjects.com
www.gstatic.com
www.recaptcha.net
3 t.paypal.com
3 www.gstatic.com www.recaptcha.net
2 8416822.swisposelan.co 2 redirects
1 c6.paypal.com
1 dub.stats.paypal.com
1 b.stats.paypal.com 1 redirects
52 10

This site contains links to these domains. Also see Links.

Domain
pg-sg.aliyuncs.com
Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-11-09 -
2023-12-10		 a year crt.sh
misc.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Frame ID: D93001FDA98BAF1CE2B4EF01B55C8A60
Requests: 37 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Frame ID: 5F4645E41B07F15B3FC6C08856F54359
Requests: 3 HTTP requests in this frame

Frame: https://www.paypal.com/csplog/api/log/csp
Frame ID: 55A4C16284140186CC7FF586B8FA2B25
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 97E515600E397AA3CC4024F284DAA86F
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=t5d27br6uztq
Frame ID: 6708099008FD6D1ECD08F34DFCC4B0CC
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to your PayPal account

Page URL History Show full URLs

  1. http://8416822.swisposelan.co/ HTTP 302
    http://8416822.swisposelan.co/6.php HTTP 302
    https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

52
Requests

98 %
HTTPS

38 %
IPv6

5
Domains

10
Subdomains

7
IPs

2
Countries

929 kB
Transfer

2472 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://8416822.swisposelan.co/ HTTP 302
    http://8416822.swisposelan.co/6.php HTTP 302
    https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1CQS02RzQzOTQwODIwNzgwODYwMyZpPTE4NS4yMDQuMS4xODImdD0xNjkyNjAyNDI5LjY5NyZhPTIxJnM9VU5JRklFRF9MT0dJTvqkjJpuClX8XktaHuDjdxvRJt_M HTTP 302
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS02RzQzOTQwODIwNzgwODYwMyZpPTE4NS4yMDQuMS4xODImdD0xNjkyNjAyNDI5LjY5NyZhPTIxJnM9VU5JRklFRF9MT0dJTvqkjJpuClX8XktaHuDjdxvRJt_M

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request approve
www.paypal.com/agreements/
Redirect Chain
  • http://8416822.swisposelan.co/
  • http://8416822.swisposelan.co/6.php
  • https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C92) /
Resource Hash
8f973678dbf05ecfb0acf348dce4a81864013e227b86fc57b00426ed5f35bbbd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-11ycu0LZ0NVeLJN1CMhHNZPAThOSo4+byuJt1HbVKaKpU4iR' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-11ycu0LZ0NVeLJN1CMhHNZPAThOSo4+byuJt1HbVKaKpU4iR' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Mon, 21 Aug 2023 07:20:29 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"8391-rLApSfQ3hU6f6Am/b8FfLUhjTcY"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
094a23926a257
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (frc/4C92)
server-timing
traceparent;desc="00-0000000000000000000094a23926a257-2e09b9ed7242ac8c-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000094a23926a257-c5ceec9dfa79f819-01
vary
Accept-Encoding Accept-Encoding Accept
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 21 Aug 2023 07:20:27 GMT
Keep-Alive
timeout=5, max=99
Location
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Server
Apache/2.4.41 (Ubuntu)
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F69F) /
Resource Hash
22fe589490037c99dce86ff43c511b1b3bfe681da71961000c5d035c398e6467
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
b7a7ab08f0f5d
dc
ccg11-origin-www-1.paypal.com
content-length
6701
last-modified
Mon, 17 Jul 2023 15:50:41 GMT
server
ECAcc (ska/F69F)
traceparent
00-0000000000000000000b7a7ab08f0f5d-9d290d13b4104116-01
etag
"64b56351-597d+gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:29 GMT
contextualLoginElementalUIv2.css
www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/css/ 		148 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/css/contextualLoginElementalUIv2.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F740) /
Resource Hash
2a313ffc7fc09af0f3ee325f63f1557268360694abcf18e95c58c8a9c0f34ecf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
00f1f6bb466e6
dc
ccg11-origin-www-1.paypal.com
content-length
23438
last-modified
Thu, 17 Aug 2023 19:04:15 GMT
server
ECAcc (ska/F740)
traceparent
00-000000000000000000000f1f6bb466e6-f6ed2e72d0f23300-01
etag
W/"64de6f2f-24e28"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 20 Aug 2024 07:20:29 GMT
modernizr-2.6.1.js
www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/js/lib/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/js/lib/modernizr-2.6.1.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F762) /
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
0b7068c3e6fab
dc
ccg11-origin-www-1.paypal.com
content-length
1788
last-modified
Thu, 17 Aug 2023 19:04:15 GMT
server
ECAcc (ska/F762)
traceparent
00-00000000000000000000b7068c3e6fab-dbe301288a6cb9df-01
etag
W/"64de6f2f-edf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 20 Aug 2024 07:20:29 GMT
trophy.svg
www.paypalobjects.com/paypal-ui/icons/v3/svg/ 		654 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/icons/v3/svg/trophy.svg
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6E5) /
Resource Hash
91e9594557335fec24462d01931c6e1917c464747f9ba00a2fe7120246312737
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
2eb843719531c
dc
ccg11-origin-www-1.paypal.com
content-length
389
last-modified
Thu, 12 May 2022 21:24:28 GMT
server
ECAcc (ska/F6E5)
traceparent
00-00000000000000000002eb843719531c-67d5e8f128e82320-01
etag
W/"627d7b0c-28e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:29 GMT
close.svg
www.paypalobjects.com/paypal-ui/icons/v3/svg/ 		289 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/icons/v3/svg/close.svg
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A1) /
Resource Hash
47096fcf22c58f177936f84eac91ef9113639043881ee6de5358162077fd62b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
868d79c23aa11
dc
ccg11-origin-www-1.paypal.com
content-length
181
last-modified
Thu, 12 May 2022 21:24:27 GMT
server
ECAcc (ska/F7A1)
traceparent
00-0000000000000000000868d79c23aa11-415a66c4493d068a-01
etag
W/"627d7b0b-121"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:29 GMT
icon-PN-check.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/icon-PN-check.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F762) /
Resource Hash
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
89d27e36e5acb
dc
ccg11-origin-www-1.paypal.com
content-length
2236
last-modified
Sat, 13 Feb 2021 00:20:23 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (ska/F762)
traceparent
00-000000000000000000089d27e36e5acb-636a533b4fde7647-01
etag
"60271b47-8bc"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:29 GMT
glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6D2) /
Resource Hash
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
6b89ec0134ddf
dc
ccg11-origin-www-1.paypal.com
content-length
5828
last-modified
Fri, 12 Sep 2014 15:08:04 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (ska/F6D2)
traceparent
00-00000000000000000006b89ec0134ddf-c57c6b841a3cbc91-01
etag
"54130c54-16c4"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:30 GMT
fn-sync-telemetry-min.js
www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/js/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/js/lib/fn-sync-telemetry-min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6C6) /
Resource Hash
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
39cc590d4bd46
dc
ccg11-origin-www-1.paypal.com
content-length
2303
last-modified
Thu, 17 Aug 2023 19:04:15 GMT
server
ECAcc (ska/F6C6)
traceparent
00-000000000000000000039cc590d4bd46-3217d03c88f5754d-01
etag
W/"64de6f2f-159e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 20 Aug 2024 07:20:29 GMT
checkout-split.js
www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/js/ 		227 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/js/checkout-split.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F794) /
Resource Hash
b5d698aff191399c286b67bdb6a08654eeebe46b051b77d95350cddb1774c263
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
b800ba403ffa2
dc
ccg11-origin-www-1.paypal.com
content-length
53038
last-modified
Thu, 17 Aug 2023 19:04:15 GMT
server
ECAcc (ska/F794)
traceparent
00-0000000000000000000b800ba403ffa2-92cd532615418183-01
etag
W/"64de6f2f-38bf4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 20 Aug 2024 07:20:29 GMT
pa.js
www.paypalobjects.com/pa/js/min/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F77F) /
Resource Hash
43eeb207ed701b4a0f2351cba6a4de5b29af5b00c7753c8207c8cbb170664dd9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
646b043b6e4d5
dc
ccg11-origin-www-1.paypal.com
content-length
21211
last-modified
Mon, 14 Aug 2023 22:08:36 GMT
server
ECAcc (ska/F77F)
traceparent
00-0000000000000000000646b043b6e4d5-9d342c56c61d0bb9-01
etag
"64daa5e4-dac7+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Mon, 21 Aug 2023 08:20:29 GMT
grcenterprise_v3_static.js
www.paypalobjects.com/webcaptcha/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A2) /
Resource Hash
e973d3f8f304299a283ed574e321331b07a2a70d4ec85cb1be5876b2bcaae4f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
62e9d84b1a1d5
dc
ccg11-origin-www-1.paypal.com
content-length
4128
last-modified
Thu, 22 Sep 2022 14:44:08 GMT
server
ECAcc (ska/F7A2)
traceparent
00-000000000000000000062e9d84b1a1d5-455c1a57ef4e957a-01
etag
"632c74b8-2dea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:30 GMT
csp
www.paypal.com/csplog/api/log/ 		2 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/csplog/api/log/csp
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE1) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-M8yOjOxtXCzAjZiUNyv22iSWqeYjJB2HAUYX0QeilioVKZiE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-M8yOjOxtXCzAjZiUNyv22iSWqeYjJB2HAUYX0QeilioVKZiE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date
Mon, 21 Aug 2023 07:20:30 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0b50008394931
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
2
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CE1)
traceparent
00-00000000000000000000b50008394931-e3b2b91680bdd7f8-01
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 		1 KB
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F686) /
Resource Hash
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/css/contextualLoginElementalUIv2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
36532606ce5df
dc
ccg11-origin-www-1.paypal.com
content-length
548
last-modified
Wed, 15 Jun 2022 22:33:20 GMT
server
ECAcc (ska/F686)
traceparent
00-000000000000000000036532606ce5df-5b43e819cf1f272f-01
etag
W/"62aa5e30-436"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:29 GMT
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F744) /
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/css/contextualLoginElementalUIv2.css
Origin
https://www.paypal.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
5afdb95f0696d
dc
ccg11-origin-www-1.paypal.com
content-length
25368
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (ska/F744)
traceparent
00-00000000000000000005afdb95f0696d-b74492ffeae800a7-01
etag
"60271cda-6318"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:30 GMT
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F74B) /
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/css/contextualLoginElementalUIv2.css
Origin
https://www.paypal.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
d00f0e31003ec
dc
ccg11-origin-www-1.paypal.com
content-length
18508
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (ska/F74B)
traceparent
00-0000000000000000000d00f0e31003ec-346b6722378ccfe1-01
etag
"60271cda-484c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:30 GMT
latmconf.js
www.paypalobjects.com/pa/mi/paypal/ 		318 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/paypal/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F75D) /
Resource Hash
1ab27a25e6f052a0967a32ad9da3ecf30cff47c9ed10c5dc5438383d7425161f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
605153c524fc9
dc
ccg11-origin-www-1.paypal.com
content-length
36063
last-modified
Sat, 19 Aug 2023 05:52:39 GMT
server
ECAcc (ska/F75D)
traceparent
00-0000000000000000000605153c524fc9-6bae298dfea50bb2-01
etag
W/"64e058a7-4f8aa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Mon, 21 Aug 2023 08:20:30 GMT
logclientdata
www.paypal.com/auth/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/logclientdata
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCB) /
Resource Hash
a0216c53e12198abf46163e88fabda1728e396d3bfd4b3338b1a837bed6391a5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-bOYVswcJ9cCrSs1t1OqwLld7ZLpWxDYGJH9rasfaLTSGLXNn' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-bOYVswcJ9cCrSs1t1OqwLld7ZLpWxDYGJH9rasfaLTSGLXNn' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
00040b1858032
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CCB)
traceparent
00-000000000000000000000040b1858032-632bc7eb20957198-01
etag
W/"777-PH8hiixqIxHx5bOtX9o+FjRL0e0"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
grcenterprise_v3_static.html
www.paypalobjects.com/webcaptcha/ Frame 5F46 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6CA) /
Resource Hash
5c692f296519abebe9a1ad260c1bfc41677a5b4d8291b19c27260b0f4f4c65c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
1704
content-type
text/html
date
Mon, 21 Aug 2023 07:20:30 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"632c74b8-145d"
expires
Mon, 21 Aug 2023 08:20:30 GMT
last-modified
Thu, 22 Sep 2022 14:44:08 GMT
paypal-debug-id
c7f48b64e617
server
ECAcc (ska/F6CA)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000000c7f48b64e617-947d4a1b9c89e581-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
enterprise.js
www.recaptcha.net/recaptcha/ Frame 5F46 		977 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5842002cbe1bbdce116923e77e08b4ec25f830be1100728cd1c38b318c6b91d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
617
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 07:20:30 GMT
patleaf.js
www.paypalobjects.com/pa/3pjs/tl/6.2.0/ 		191 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.2.0/patleaf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7BB) /
Resource Hash
586f0eb92dcb65651bb48a4d846c39f6cb02d7f9ce88943a2a45fbac7d863334
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
5ba9dca12173a
dc
ccg11-origin-www-1.paypal.com
content-length
52759
last-modified
Wed, 14 Sep 2022 19:41:31 GMT
server
ECAcc (ska/F7BB)
traceparent
00-00000000000000000005ba9dca12173a-b220db10bf2da600-01
etag
"63222e6b-2fbb4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Mon, 21 Aug 2023 08:20:30 GMT
patlcfg.js
www.paypalobjects.com/pa/3pjs/tl/6.2.0/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.2.0/patlcfg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F78B) /
Resource Hash
aa3020d20fe753464cc473d2afb758a43f77a2404671c663d511f686d4f4c0e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
4def9acce3f07
dc
ccg11-origin-www-1.paypal.com
content-length
2672
last-modified
Wed, 14 Sep 2022 19:41:31 GMT
server
ECAcc (ska/F78B)
traceparent
00-00000000000000000004def9acce3f07-133c270527bbe1ee-01
etag
W/"63222e6b-190a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Mon, 21 Aug 2023 08:20:30 GMT
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD8) /
Resource Hash
21abf8beea828b1467fff49c529b865543be2844b68897bc4eccd15f308b1f34
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-627+UtVWLwfvVZ7sSTqMeGKcFKWN2Oghw+/oXKj34SBWQHCm' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-627+UtVWLwfvVZ7sSTqMeGKcFKWN2Oghw+/oXKj34SBWQHCm' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
002955a29b5a0
server-timing
traceparent;desc="00-0000000000000000000002955a29b5a0-920b2331818f7450-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CD8)
traceparent
00-0000000000000000000002955a29b5a0-6f979ad42c0e35f7-01
etag
W/"966-rM+YuC9GEZ2pMDEYItgndKS/Sfs"
vary
Accept-Encoding, Accept-Encoding, Accept
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
fb.js
c.paypal.com/da/r/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ef6/734cc252203c47a6b40f489ffa52d/js/checkout-split.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (daa/7D20) /
Resource Hash
bdf26bf839a21919969834fdeb91e9d39266897ec9d7245959ea5965a3891313
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits
112907
date
Mon, 21 Aug 2023 07:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish
age
129804
x-cache
HIT
paypal-debug-id
8dfdebb2acb7b
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
21865
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Thu, 20 Jul 2023 18:49:04 GMT
server
ECAcc (daa/7D20)
traceparent
00-00000000000000000008dfdebb2acb7b-d77ed1591b172406-01
x-timer
S1692602431.576554,VS0,VE1
etag
W/"64b981a0-fbca"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 07:20:30 GMT
client-log
www.paypal.com/signin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD8) /
Resource Hash
ba3c1d3a575a8209bad36f33d807a56c5cd087af34fe5fe46c64fcf72253a6ba
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-qUi3CMNwD/V8thFq/JRAVirExOp1M4icrmE/3W0LHhe6HF7q' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-qUi3CMNwD/V8thFq/JRAVirExOp1M4icrmE/3W0LHhe6HF7q' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0a97b77991982
server-timing
traceparent;desc="00-00000000000000000000a97b77991982-753892557185ed80-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CD8)
traceparent
00-00000000000000000000a97b77991982-536607f2ab0e0b8b-01
etag
W/"8b3-U1khGIYIHj0sSa3aua2eISLLA+4"
vary
Accept-Encoding, Accept-Encoding, Accept
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
challenge.js
www.paypal.com/auth/createchallenge/e2577fc975424f1c/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/createchallenge/e2577fc975424f1c/challenge.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDA) /
Resource Hash
c432939dd1dbd04e4b4aa6a20dec662b9123c1352fb1155921b389fba52f510b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-KgoMGYP64JGFwPPJODn5tQAwvU6nzQPQ2yiJCWU6hn1hCtHV' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-KgoMGYP64JGFwPPJODn5tQAwvU6nzQPQ2yiJCWU6hn1hCtHV' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
037009b2891b2
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CDA)
traceparent
00-0000000000000000000037009b2891b2-c0d1efa9fd2c9d77-01
etag
W/"4760-uUUG3E/KYLsDGiZfS3iakBqv7nE"
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD8) /
Resource Hash
9b8d946165ead02425276afd7776639d94baed7134214e5aed3ac1ee071cf9fd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-BEA9ibJo7DdDXtcURkzVuP1INATYpft06wGYU8nNCvsOYJDP' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-BEA9ibJo7DdDXtcURkzVuP1INATYpft06wGYU8nNCvsOYJDP' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
053358824970b
server-timing
traceparent;desc="00-0000000000000000000053358824970b-e57eb75b0156c9c0-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CD8)
traceparent
00-0000000000000000000053358824970b-58b6ba9559109810-01
etag
W/"908-YVZz9k3gfy9ypvB1zxr/e9p5LVk"
vary
Accept-Encoding, Accept-Encoding, Accept
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
cookie-banner
www.paypal.com/signin/ 		17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/cookie-banner?flowId=EC-90G343992E676251E&cookieBannerVariant=hidden&
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE6) /
Resource Hash
9135d9415a188c63a33da223763ea6b696364f8bdfe4e8007973fb2fdf7f3fcf
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-IC5Pu9vIdKyTfbxoVjhXdJtWGRuNRgtiZH0eq95zFqaVknbr' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-IC5Pu9vIdKyTfbxoVjhXdJtWGRuNRgtiZH0eq95zFqaVknbr' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0a76b80b6055a
server-timing
traceparent;desc="00-00000000000000000000a76b80b6055a-5b3ebb75911d1996-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CE6)
traceparent
00-00000000000000000000a76b80b6055a-315935b5cd0eccb6-01
etag
W/"4545-eUxvjhW4E77vFRkLcDt/WRUMpqM"
vary
Accept-Encoding, Accept-Encoding, Accept
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
load-resource
www.paypal.com/signin/ 		65 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/load-resource
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCD) /
Resource Hash
edf28030679e9f93af35db7caf40ba4435ff1121737703c0a926dd9219c22110
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-YP0kCtjvxZ2L1uwV2c2HlXYPmKo5bFrPieO3EV2Z7DwQQuhq' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-YP0kCtjvxZ2L1uwV2c2HlXYPmKo5bFrPieO3EV2Z7DwQQuhq' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
05b2339114b99
server-timing
traceparent;desc="00-000000000000000000005b2339114b99-703efa8a3f306597-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CCD)
traceparent
00-000000000000000000005b2339114b99-fd6782450484bf7e-01
etag
W/"105d0-qynMMw7rc5nW/UiD31Ego5OwqRQ"
vary
Accept-Encoding, Accept-Encoding, Accept
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
client-log
www.paypal.com/signin/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
5d3f79c1d4ac2353964885af09d2f13e0f9d9e787f1e6e9fa3773b3b706a7f4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-MsG+9jOC50Tr+24X8hGaAuNmH9au5r7C2EycPMOMwVd5U7/L' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-MsG+9jOC50Tr+24X8hGaAuNmH9au5r7C2EycPMOMwVd5U7/L' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
03695376b5817
server-timing
traceparent;desc="00-000000000000000000003695376b5817-fe00e59aeec9b13a-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CFA)
traceparent
00-000000000000000000003695376b5817-5a20596027519871-01
etag
W/"8b3-LSZ80JH87L9HFKtoJ4pZH/AZzto"
vary
Accept-Encoding, Accept-Encoding, Accept
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D03) /
Resource Hash
b75dfcfc13617f66cb6ef5ce992c28f0b0042eddd157b7baf24ba00eced6d5d1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-mM8PozKYw6ghYLXUaRfATYVQwaNF8CMiGr/JMPclRvnly49N' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-mM8PozKYw6ghYLXUaRfATYVQwaNF8CMiGr/JMPclRvnly49N' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0423536181007
server-timing
traceparent;desc="00-00000000000000000000423536181007-5e202c393ab57c90-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4D03)
traceparent
00-00000000000000000000423536181007-1754a8e240a1836c-01
etag
W/"8b3-dqpIJquiUn31nP9aFqCqUHU5vxU"
vary
Accept-Encoding, Accept-Encoding, Accept
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
recaptcha__en.js
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 5F46 		450 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paypalobjects.com/
Origin
https://www.paypalobjects.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:36:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185519
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 18:11:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 11:36:31 GMT
logclientdata
www.paypal.com/auth/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/logclientdata
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAC) /
Resource Hash
89bc6228de36b706e6c65e6cd9d31070d84f3d8baf5558f6df310e0d60a51bfa
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-jFYrc4uzIxIrnqOnfvdxivFWa/KAVG3fSa2Gx4c6YiUh81LF' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-jFYrc4uzIxIrnqOnfvdxivFWa/KAVG3fSa2Gx4c6YiUh81LF' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
098ba61a72574
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CAC)
traceparent
00-0000000000000000000098ba61a72574-e7ee34f10ae483f8-01
etag
W/"77a-fI5OWOFRifX34//gZ4AXiUagErA"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
csp
www.paypal.com/csplog/api/log/ Frame 55A4 		2 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/csplog/api/log/csp
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE1) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-FNVPzxBMrESEfFket5NkXof9NVnjzCPobqtRedD/pwjrA2jf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-FNVPzxBMrESEfFket5NkXof9NVnjzCPobqtRedD/pwjrA2jf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date
Mon, 21 Aug 2023 07:20:30 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0b23872658767
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
2
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CE1)
traceparent
00-00000000000000000000b23872658767-c2929c9bc2c389ec-01
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
i
c.paypal.com/v1/r/d/ Frame 97E5 		160 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ch
sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges
none
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
f8ab0ce889b3d
date
Mon, 21 Aug 2023 07:20:30 GMT
origin-trial
A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id
f8ab0ce889b3d
server-timing
"traceparent;desc="00-0000000000000000000f8ab0ce889b3d-f4180ccba1f35629-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000f8ab0ce889b3d-ac2c99f57d661212-01
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1692602431.687006,VS0,VE146
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/v1/ Frame 55A4
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1CQS02RzQzOTQwODIwNzgwODYwMyZpPTE4NS4yMDQuMS4xODImdD0xNjkyNjAyNDI5LjY5NyZhPTIxJnM9VU5JRklFRF9MT0dJTvqkjJpuClX8XktaHuDjdxvRJt_M
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS02RzQzOTQwODIwNzgwODYwMyZpPTE4NS4yMDQuMS4xODImdD0xNjkyNjAyNDI5LjY5NyZhPTIxJnM9VU5JRklFRF9MT0dJTvqkjJpuClX8XktaHuDjdxvRJt_M
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS02RzQzOTQwODIwNzgwODYwMyZpPTE4NS4yMDQuMS4xODImdD0xNjkyNjAyNDI5LjY5NyZhPTIxJnM9VU5JRklFRF9MT0dJTvqkjJpuClX8XktaHuDjdxvRJt_M
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Mon, 21 Aug 2023 07:20:31 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS02RzQzOTQwODIwNzgwODYwMyZpPTE4NS4yMDQuMS4xODImdD0xNjkyNjAyNDI5LjY5NyZhPTIxJnM9VU5JRklFRF9MT0dJTvqkjJpuClX8XktaHuDjdxvRJt_M
Date
Mon, 21 Aug 2023 07:20:30 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6B3) /
Resource Hash
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
7acccca376291
dc
ccg11-origin-www-1.paypal.com
content-length
110177
last-modified
Sat, 13 Feb 2021 00:29:58 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (ska/F6B3)
etag
"60271d86-1ae61"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 21 Aug 2023 08:20:30 GMT
ts
t.paypal.com/ 		42 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.14&t=1692602430736&g=-180&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&qual=input_email&pgst=1692602429643&calc=094a23926a257&nsid=axagSA9mIDcluSetO-BI6zdodviRXdOB&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=FI&csci=458b378cb4d64364b713e69b4a76350e&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C104406%2C104405%2C104407&xt=123956%2C123954%2C119037%2C119034%2C119038&transition_name=ss_prepare_email&userRedirected=true&fltk=EC-90G343992E676251E&flid=EC-90G343992E676251E&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&forced_signup_offered=1&ctx_login_signup_btn=shown%7CcreateAccount&context_id=EC-90G343992E676251E&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=v6&bannersource=ConsentNodeServ&bannervariant=hidden&eligibility_reason=true&is_native=false&cookie_disabled=false&reason_to_hide=Invisible%20banner%20loaded&e=ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 21 Aug 2023 07:20:31 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
2c8a5e81f1e45
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230067-FRA
pragma
no-cache
correlation-id
2c8a5e81f1e45
traceparent
00-00000000000000000002c8a5e81f1e45-653e5ced4421f581-01
x-timer
S1692602431.910220,VS0,VE151
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 07:20:30 GMT
fb.js
c.paypal.com/da/r/ Frame 97E5 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (daa/7D20) /
Resource Hash
bdf26bf839a21919969834fdeb91e9d39266897ec9d7245959ea5965a3891313
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits
112908
date
Mon, 21 Aug 2023 07:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish
age
129804
x-cache
HIT
paypal-debug-id
8dfdebb2acb7b
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
21865
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Thu, 20 Jul 2023 18:49:04 GMT
server
ECAcc (daa/7D20)
traceparent
00-00000000000000000008dfdebb2acb7b-d77ed1591b172406-01
x-timer
S1692602431.912619,VS0,VE1
etag
W/"64b981a0-fbca"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 07:20:30 GMT
verifychallenge
www.paypal.com/auth/ 		2 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifychallenge
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE7) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-yxBHUHNhxKlp8o+4r4dncFT3qLoPIV/o5RptiJEZll+nzD8I' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-yxBHUHNhxKlp8o+4r4dncFT3qLoPIV/o5RptiJEZll+nzD8I' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
date
Mon, 21 Aug 2023 07:20:31 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0764876284b04
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
2
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CE7)
traceparent
00-00000000000000000000764876284b04-13abd6e5430b363b-01
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
tealeaftarget
www.paypal.com/platform/ 		39 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/platform/tealeaftarget
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D08) /
Resource Hash
f81897de56f50c6d1d88efc57b851259efb3d3048641f5e1194fd1ba9f57e384
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Encoding
gzip
X-Tealeaf-SyncXHR
false
X-Tealeaf
device (UIC) Lib/6.2.0.2010
accept-language
fi-FI,fi;q=0.9
X-Tealeaf-MessageTypes
1,2,5,7,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTSID
91616967892043779803373184695874
X-Requested-With
fetch
X-TealeafType
GUI
X-PageId
P.Q4UGNFCGDGRH8EPWZGQU4P6G9WT5
X-TeaLeaf-Page-Url
/agreements/approve
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
date
Mon, 21 Aug 2023 07:20:31 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
02310a43b7798
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
39
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4D08)
traceparent
00-000000000000000000002310a43b7798-8f5395996871ddf1-01
etag
W/"27-JV4AnKPCzG7aDTami+95rb2osGI"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame 6708 		54 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=t5d27br6uztq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
311be5983392faa055b9f2fc9862645200e585f999d74799cbb92624567d3bc2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7Ii0PhQti8ialgB57bTODg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
30560
content-security-policy
script-src 'report-sample' 'nonce-7Ii0PhQti8ialgB57bTODg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 21 Aug 2023 07:20:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
p1
c.paypal.com/v1/r/d/b/ Frame 97E5 		125 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d26c87156c76e047251718e1887c9d5c15d8443272b243daaa5a425aa254c5d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 21 Aug 2023 07:20:31 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
4e629d1eeffef
server-timing
"traceparent;desc="00-00000000000000000004e629d1eeffef-eb0bdd64bf943983-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length
125
x-served-by
cache-fra-eddf8230066-FRA
correlation-id
4e629d1eeffef
traceparent
00-00000000000000000004e629d1eeffef-8ffcea4e80e22d91-01
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.paypal.com
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
e
c.paypal.com/v1/r/d/b/ Frame 97E5 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 21 Aug 2023 07:20:31 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
paypal-debug-id
ea06eb2263f30
server-timing
"traceparent;desc="00-0000000000000000000ea06eb2263f30-af3d728c66b5490c-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230066-FRA
correlation-id
ea06eb2263f30
traceparent
00-0000000000000000000ea06eb2263f30-d2ec69892ef57f3b-01
vary
Accept-Encoding
access-control-allow-origin
https://www.paypal.com
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
p3
c6.paypal.com/v1/r/d/b/ Frame 97E5 		0
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=BA-6G439408207808603&s=UL_CHECKOUT_INPUT_EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::291 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:31 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
ebb0443616103
server-timing
"traceparent;desc="00-0000000000000000000ebb0443616103-b162e53877224c68-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length
0
x-served-by
cache-fra-eddf8230063-FRA, cache-hel1410024-HEL
correlation-id
ebb0443616103
traceparent
00-0000000000000000000ebb0443616103-298ff4fd24047f2e-01
x-timer
S1692602431.380051,VS0,VE194
vary
Accept-Encoding
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
styles__ltr.css
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 6708 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=t5d27br6uztq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 13:56:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 18:11:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 13:56:22 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 6708 		450 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=t5d27br6uztq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:36:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185519
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 18:11:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 11:36:31 GMT
ts
t.paypal.com/ 		42 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.14&t=1692602431605&g=-180&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1692602429643&calc=094a23926a257&nsid=axagSA9mIDcluSetO-BI6zdodviRXdOB&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=FI&csci=458b378cb4d64364b713e69b4a76350e&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100353%2C105604%2C105604%2C101124%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C102028%2C105999%2C100885%2C101270%2C102557%2C102557%2C101408%2C101408%2C102434%2C102434%2C100644%2C105124%2C102695%2C100391%2C100263%2C101031%2C100267%2C108076%2C100527%2C107054%2C107054%2C105271%2C101688%2C101821%2C101820%2C102208%2C105543%2C105416%2C105416%2C105544%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C100307%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C101736%2C100846%2C101875%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101124%2C101216%2C100942%2C103648%2C104200%2C108076&xt=100886%2C124899%2C124899%2C103402%2C123673%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123688%2C107258%2C127242%2C102543%2C106407%2C109630%2C109630%2C104576%2C104576%2C109051%2C109051%2C101702%2C123242%2C110241%2C100984%2C100632%2C102993%2C100641%2C138090%2C101405%2C132781%2C132781%2C123250%2C105645%2C106327%2C106324%2C108106%2C124626%2C125100%2C125100%2C124628%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C100737%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109963%2C105856%2C120731%2C120731%2C105858%2C102359%2C106610%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103402%2C103864%2C113529%2C114559%2C127485%2C138090&transition_name=ss_prepare_email&userRedirected=true&fltk=EC-90G343992E676251E&flid=EC-90G343992E676251E&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&forced_signup_offered=1&ctx_login_signup_btn=shown%7CcreateAccount&context_id=EC-90G343992E676251E&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&e=im&imsrc=setup&view=%7B%22t10%22%3A140%2C%22t11%22%3A4640%2C%22tcp%22%3A3417%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A723%7D&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=140&t1c=140&t1d=28&t1s=75&t2=812&t3=2&t4d=0&t4=0&t4e=31&tt=3937&rdc=0&protocol=h2&cdn=edgecast&res=%7B%7D&rtt=354&t12=3522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 21 Aug 2023 07:20:31 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
c1dd655168196
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230067-FRA
pragma
no-cache
correlation-id
c1dd655168196
traceparent
00-0000000000000000000c1dd655168196-73996c518b48331e-01
x-timer
S1692602432.631801,VS0,VE151
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 07:20:31 GMT
webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame 6708 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=t5d27br6uztq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=t5d27br6uztq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:20:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 07:20:31 GMT
reload
www.recaptcha.net/recaptcha/enterprise/ Frame 6708 		34 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1c932c647d845a2a903dc3b1d11f4b2bf6afb9d401d2971a5bac540f053a1c3f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=t5d27br6uztq
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 21 Aug 2023 07:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19982
x-xss-protection
1; mode=block
expires
Mon, 21 Aug 2023 07:20:32 GMT
verifygrcenterprise
www.paypal.com/auth/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifygrcenterprise
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB2) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-KXlOKtcdEXSKxaCkCaeHmQCg5fQfzXY3HzyvA0n9Xkmoyyr7' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
x-requested-with
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-KXlOKtcdEXSKxaCkCaeHmQCg5fQfzXY3HzyvA0n9Xkmoyyr7' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Aug 2023 07:20:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0056003b67a46
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
20
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CB2)
traceparent
00-00000000000000000000056003b67a46-8563a13517e6c371-01
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
ts
t.paypal.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.14&t=1692602432606&g=-180&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1692602429643&calc=094a23926a257&nsid=axagSA9mIDcluSetO-BI6zdodviRXdOB&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=FI&csci=458b378cb4d64364b713e69b4a76350e&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100353%2C105604%2C105604%2C101124%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C102028%2C105999%2C100885%2C101270%2C102557%2C102557%2C101408%2C101408%2C102434%2C102434%2C100644%2C105124%2C102695%2C100391%2C100263%2C101031%2C100267%2C108076%2C100527%2C107054%2C107054%2C105271%2C101688%2C101821%2C101820%2C102208%2C105543%2C105416%2C105416%2C105544%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C100307%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C101736%2C100846%2C101875%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101124%2C101216%2C100942%2C103648%2C104200%2C108076&xt=100886%2C124899%2C124899%2C103402%2C123673%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123688%2C107258%2C127242%2C102543%2C106407%2C109630%2C109630%2C104576%2C104576%2C109051%2C109051%2C101702%2C123242%2C110241%2C100984%2C100632%2C102993%2C100641%2C138090%2C101405%2C132781%2C132781%2C123250%2C105645%2C106327%2C106324%2C108106%2C124626%2C125100%2C125100%2C124628%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C100737%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109963%2C105856%2C120731%2C120731%2C105858%2C102359%2C106610%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103402%2C103864%2C113529%2C114559%2C127485%2C138090&transition_name=ss_prepare_email&userRedirected=true&fltk=EC-90G343992E676251E&flid=EC-90G343992E676251E&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&forced_signup_offered=1&ctx_login_signup_btn=shown%7CcreateAccount&context_id=EC-90G343992E676251E&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=212&t3=1&tt=213&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A213%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.paypal.com/agreements/approve?ba_token=BA-6G439408207808603
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 21 Aug 2023 07:20:32 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
8a05256092c76
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230067-FRA
pragma
no-cache
correlation-id
8a05256092c76
traceparent
00-00000000000000000008a05256092c76-554930e4c8cdc160-01
x-timer
S1692602433.632213,VS0,VE149
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Aug 2023 07:20:32 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| html5 object| Modernizr boolean| paypalADSInterceptorInjected function| isEligibleIntegration object| antiClickjack object| PAYPAL function| $ object| fpti string| fptiserverurl object| fptiOptions boolean| trackLazyData object| _ifpti function| init function| setStyle function| resizeWidget function| getListenerSearchKey function| renderGRCV3Enterprise function| recaptchaClientLogPostData function| _0x2b0a function| _0x32ca object| latmconf object| laDataLayer object| pako object| TLT function| bindGdprEvents function| hideGdprBanner function| showGdprBanner function| _0x42cfea function| _0x46a3 object| d function| _0x49d8 function| aaceeeaddadfdbade object| err

17 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09AG8ZzsvQqlMKCc4o9QZhz9kK5d-PKN6iBC_wG7TklGcaP1s8LgOtJHhNny_CrqjEuqFX_Ye6AQc9ZMzem6laELE
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: cookie_check
Value: yes
.paypal.com/ Name: d_id
Value: 458b378cb4d64364b713e69b4a76350e1692602429654
.paypal.com/ Name: LANG
Value: en_US%3BFI
www.paypal.com/ Name: nsid
Value: s%3AaxagSA9mIDcluSetO-BI6zdodviRXdOB.9lGp2q%2BNx3xZBGl2lBUlelpJlGVJjw1NL1U8CtpB%2Bh8
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: ts_c
Value: vr%3D16f76ebb18a0a7885c725a05fc8c9f1a%26vt%3D16f76ebb18a0a7885c725a05fc8c9f19
.paypal.com/ Name: TLTSID
Value: 91616967892043779803373184695874
.paypal.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.stats.paypal.com/ Name: c
Value: ce055bf29f17a7e6c2c0
.paypal.com/ Name: tsrce
Value: authchallengenodeweb
.c.paypal.com/ Name: sc_f
Value: wtCI7RYCxlCnreyGlk6wpZ4tQBE2CpBNrqlSCSHpk2IUJT6D-h7IespL44NqlFiAbyaIBpcB6UrMHtuciHt_fOH37pC7rHbJ9aZEeG
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: dSvmTsXI4ErqEI4LkG7tU8QV_vp0Rls39kg5fWdY9i1QNFWTQfZKBGgyrEJSI24jsEqYnKakPIG_2TXE
.paypal.com/ Name: ddi
Value: haHFczA2vMNtHUZSuS1LLUG7EIRz4kECuOIMz8qdRuE1_xiAXKvEsNSxzps15bK2lRfn-bJnZSTHnZRW7scB_3S_hGz_XDR7p51O73Zp93o6XX3f
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY5MjYwMjQzMjc2MyIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1787296832%26vteXpYrS%3D1692604232%26vr%3D16f76ebb18a0a7885c725a05fc8c9f1a%26vt%3D16f76ebb18a0a7885c725a05fc8c9f19%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-11ycu0LZ0NVeLJN1CMhHNZPAThOSo4+byuJt1HbVKaKpU4iR' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8416822.swisposelan.co
b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
151.101.129.35
151.101.193.21
192.229.221.25
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2003
2a04:4e42:400::291
62.72.3.17
64.4.245.84
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8
1ab27a25e6f052a0967a32ad9da3ecf30cff47c9ed10c5dc5438383d7425161f
1c932c647d845a2a903dc3b1d11f4b2bf6afb9d401d2971a5bac540f053a1c3f
1d26c87156c76e047251718e1887c9d5c15d8443272b243daaa5a425aa254c5d
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
21abf8beea828b1467fff49c529b865543be2844b68897bc4eccd15f308b1f34
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
22fe589490037c99dce86ff43c511b1b3bfe681da71961000c5d035c398e6467
2a313ffc7fc09af0f3ee325f63f1557268360694abcf18e95c58c8a9c0f34ecf
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
311be5983392faa055b9f2fc9862645200e585f999d74799cbb92624567d3bc2
43eeb207ed701b4a0f2351cba6a4de5b29af5b00c7753c8207c8cbb170664dd9
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47096fcf22c58f177936f84eac91ef9113639043881ee6de5358162077fd62b0
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5842002cbe1bbdce116923e77e08b4ec25f830be1100728cd1c38b318c6b91d7
586f0eb92dcb65651bb48a4d846c39f6cb02d7f9ce88943a2a45fbac7d863334
5c692f296519abebe9a1ad260c1bfc41677a5b4d8291b19c27260b0f4f4c65c2
5d3f79c1d4ac2353964885af09d2f13e0f9d9e787f1e6e9fa3773b3b706a7f4d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
89bc6228de36b706e6c65e6cd9d31070d84f3d8baf5558f6df310e0d60a51bfa
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
8f973678dbf05ecfb0acf348dce4a81864013e227b86fc57b00426ed5f35bbbd
9135d9415a188c63a33da223763ea6b696364f8bdfe4e8007973fb2fdf7f3fcf
91e9594557335fec24462d01931c6e1917c464747f9ba00a2fe7120246312737
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9b8d946165ead02425276afd7776639d94baed7134214e5aed3ac1ee071cf9fd
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35
a0216c53e12198abf46163e88fabda1728e396d3bfd4b3338b1a837bed6391a5
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
aa3020d20fe753464cc473d2afb758a43f77a2404671c663d511f686d4f4c0e2
b5d698aff191399c286b67bdb6a08654eeebe46b051b77d95350cddb1774c263
b75dfcfc13617f66cb6ef5ce992c28f0b0042eddd157b7baf24ba00eced6d5d1
ba3c1d3a575a8209bad36f33d807a56c5cd087af34fe5fe46c64fcf72253a6ba
bdf26bf839a21919969834fdeb91e9d39266897ec9d7245959ea5965a3891313
c432939dd1dbd04e4b4aa6a20dec662b9123c1352fb1155921b389fba52f510b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e973d3f8f304299a283ed574e321331b07a2a70d4ec85cb1be5876b2bcaae4f4
edf28030679e9f93af35db7caf40ba4435ff1121737703c0a926dd9219c22110
f81897de56f50c6d1d88efc57b851259efb3d3048641f5e1194fd1ba9f57e384
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5