urlscan.io logo urlscan.io
SecurityTrails logo

www.sandbox.paypal.com Open in urlscan Pro
151.101.1.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mein.dk-online.works/angebote/digitalbasis/paypalexpress
Effective URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Submission Tags: @ecarlesi threat phishing paypal Search All
Submission: On January 19 via api from IT — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 40 HTTP transactions. The main IP is 151.101.1.21, located in United States and belongs to FASTLY, US. The main domain is www.sandbox.paypal.com. The Cisco Umbrella rank of the primary domain is 51553.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 11th 2023. Valid for: 6 months.
This is the only time www.sandbox.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 85.215.180.174 6724 (STRATO ST...)
10 151.101.1.21 54113 (FASTLY)
20 192.229.221.25 15133 (EDGECAST)
4 151.101.1.35 54113 (FASTLY)
1 2 64.4.245.84 17012 (PAYPAL)
1 2a04:4e42:400... 54113 (FASTLY)
4 151.101.129.35 54113 (FASTLY)
40 6
1    85.215.180.174 (Germany)

ASN6724 (STRATO STRATO AG, DE)
PTR: server-03.noz.viakom.cloud
mein.dk-online.works
10    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.sandbox.paypal.com
20    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
c.paypal.com
4    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
postcollector.paypal.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
1    2a04:4e42:400::291 (United States)

ASN54113 (FASTLY, US)
c6.paypal.com
4    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
26 paypal.com
www.sandbox.paypal.com — Cisco Umbrella Rank: 51553
postcollector.paypal.com — Cisco Umbrella Rank: 472161
c.paypal.com — Cisco Umbrella Rank: 7660
b.stats.paypal.com — Cisco Umbrella Rank: 6369
dub.stats.paypal.com — Cisco Umbrella Rank: 29378
c6.paypal.com — Cisco Umbrella Rank: 9116
t.paypal.com — Cisco Umbrella Rank: 3523
102 KB
15 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2611
303 KB
1 dk-online.works
mein.dk-online.works
573 B
40 3
Domain Requested by
15 www.paypalobjects.com www.sandbox.paypal.com
www.paypalobjects.com
10 www.sandbox.paypal.com www.paypalobjects.com
5 c.paypal.com www.paypalobjects.com
c.paypal.com
4 t.paypal.com
4 postcollector.paypal.com www.paypalobjects.com
1 c6.paypal.com
1 dub.stats.paypal.com
1 b.stats.paypal.com 1 redirects
1 mein.dk-online.works 1 redirects
40 9

This site contains links to these domains. Also see Links.

Domain
gpc-sys.pay1.de
Subject Issuer Validity Valid
www.sandbox.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-08-11 -
2024-02-19		 6 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Frame ID: 557A4AE234CB88E2637000D53930A82C
Requests: 33 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: A5E31A7868745DB6998E840C8F134D04
Requests: 4 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS03SkczNDM1MjdNNjA1NzAySiZpPTE4NS4yMzYuMjAzLjEwMCZ0PTE3MDU2NDIyNTYuMDE4JmE9MjEmcz1VTklGSUVEX0xPR0lOHUN0Dldk5Dmb-YeSE5g64_aQXfA
Frame ID: 9A0F7C94E4314FBA2D727B7079D34AE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log på din PayPal-konto

Page URL History Show full URLs

  1. https://mein.dk-online.works/angebote/digitalbasis/paypalexpress HTTP 302
    https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns

Page Statistics

40
Requests

98 %
HTTPS

14 %
IPv6

3
Domains

9
Subdomains

6
IPs

2
Countries

404 kB
Transfer

1501 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mein.dk-online.works/angebote/digitalbasis/paypalexpress HTTP 302
    https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1CQS03SkczNDM1MjdNNjA1NzAySiZpPTE4NS4yMzYuMjAzLjEwMCZ0PTE3MDU2NDIyNTYuMDE4JmE9MjEmcz1VTklGSUVEX0xPR0lOHUN0Dldk5Dmb-YeSE5g64_aQXfA HTTP 302
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS03SkczNDM1MjdNNjA1NzAySiZpPTE4NS4yMzYuMjAzLjEwMCZ0PTE3MDU2NDIyNTYuMDE4JmE9MjEmcz1VTklGSUVEX0xPR0lOHUN0Dldk5Dmb-YeSE5g64_aQXfA

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request webscr
www.sandbox.paypal.com/
Redirect Chain
  • https://mein.dk-online.works/angebote/digitalbasis/paypalexpress
  • https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56b3fac30ab9740fed79d8c1938168e5af744532870292c73d08cad112fbf449
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-BELeNVazrYaV8E94VxQL+DIHO4XDFx93M0REniqgrfBbLVXD' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-BELeNVazrYaV8E94VxQL+DIHO4XDFx93M0REniqgrfBbLVXD' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Fri, 19 Jan 2024 05:30:56 GMT
etag
W/"7afa-ID3BuH8u7+i3g42PPNpA7Dm+cbM"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f402746347185
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc=gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230110-FRA, cache-cph2320049-CPH
x-timer
S1705642255.733112,VS0,VE1516
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 05:30:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
0ec34b2c64cf8ac9e34f0ab429c9b2909b504c4c4ffc9a550a4a39771d410ec8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
e9a099d1ba916
dc
ccg11-origin-www-1.paypal.com
content-length
6753
last-modified
Wed, 10 Jan 2024 18:40:10 GMT
server
ECAcc (ama/48F2)
traceparent
00-0000000000000000000e9a099d1ba916-398010f01df35363-01
etag
W/"659ee48a-5a35"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 19 Jan 2024 06:30:56 GMT
contextualLoginElementalUIv2.css
www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/ 		151 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D9) /
Resource Hash
69be7adca53f8e3b8d56a359e63ec6510fd119768ec947d343a853f698d7a5c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
8f72e44d869d2
dc
ccg11-origin-www-1.paypal.com
content-length
23917
last-modified
Fri, 15 Dec 2023 05:02:53 GMT
server
ECAcc (ama/48D9)
traceparent
00-00000000000000000008f72e44d869d2-f032d8e6c8627f9a-01
etag
W/"657bddfd-25c40"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 18 Jan 2025 05:30:56 GMT
modernizr-2.6.1.js
www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/lib/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/lib/modernizr-2.6.1.js
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A4) /
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
a63ff31ad414a
dc
ccg11-origin-www-1.paypal.com
content-length
1788
last-modified
Fri, 15 Dec 2023 05:02:54 GMT
server
ECAcc (ama/48A4)
traceparent
00-0000000000000000000a63ff31ad414a-27f3774498137c30-01
etag
W/"657bddfe-edf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 18 Jan 2025 05:30:56 GMT
close.svg
www.paypalobjects.com/paypal-ui/icons/v3/svg/ 		289 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/icons/v3/svg/close.svg
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488E) /
Resource Hash
47096fcf22c58f177936f84eac91ef9113639043881ee6de5358162077fd62b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
868d79c23aa11
dc
ccg11-origin-www-1.paypal.com
content-length
181
last-modified
Thu, 12 May 2022 21:24:27 GMT
server
ECAcc (ama/488E)
traceparent
00-0000000000000000000868d79c23aa11-415a66c4493d068a-01
etag
W/"627d7b0b-121"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 19 Jan 2024 06:30:56 GMT
icon-PN-check.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/icon-PN-check.png
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C6) /
Resource Hash
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
89d27e36e5acb
dc
ccg11-origin-www-1.paypal.com
content-length
2236
last-modified
Sat, 13 Feb 2021 00:20:23 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (ama/48C6)
traceparent
00-000000000000000000089d27e36e5acb-636a533b4fde7647-01
etag
"60271b47-8bc"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 19 Jan 2024 06:30:56 GMT
glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C1) /
Resource Hash
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
6b89ec0134ddf
dc
ccg11-origin-www-1.paypal.com
content-length
5828
last-modified
Fri, 12 Sep 2014 15:08:04 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (ama/48C1)
traceparent
00-00000000000000000006b89ec0134ddf-c57c6b841a3cbc91-01
etag
"54130c54-16c4"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 19 Jan 2024 06:30:56 GMT
fn-sync-telemetry-min.js
www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/lib/fn-sync-telemetry-min.js
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A6) /
Resource Hash
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
3a2412d0e9de7
dc
ccg11-origin-www-1.paypal.com
content-length
2303
last-modified
Fri, 15 Dec 2023 05:02:54 GMT
server
ECAcc (ama/48A6)
traceparent
00-00000000000000000003a2412d0e9de7-411e57279b3bb179-01
etag
W/"657bddfe-159e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 18 Jan 2025 05:30:56 GMT
checkout-split.js
www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/ 		474 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/checkout-split.js
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48EE) /
Resource Hash
6fc228cefa26f2917c7ef238654afd0d278c43c821ca4d537aa112b2d2c8993f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
4c925b80869de
dc
ccg11-origin-www-1.paypal.com
content-length
101412
last-modified
Fri, 15 Dec 2023 05:02:54 GMT
server
ECAcc (ama/48EE)
traceparent
00-00000000000000000004c925b80869de-dd1ee95d52b42717-01
etag
W/"657bddfe-76922"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 18 Jan 2025 05:30:56 GMT
pa.js
www.paypalobjects.com/pa/js/min/ 		69 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.sandbox.paypal.com
URL: https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F0) /
Resource Hash
6ae30cb1ab74d66217a576b78124e053906f0a93cbf2d9f0ad398518f8442264
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
5363fe25e86e7
dc
ccg11-origin-www-1.paypal.com
content-length
25950
last-modified
Fri, 12 Jan 2024 17:19:48 GMT
server
ECAcc (ama/48F0)
traceparent
00-00000000000000000005363fe25e86e7-867d575932d47b99-01
etag
"65a174b4-1148a+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Fri, 19 Jan 2024 06:30:56 GMT
paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 		1 KB
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B5) /
Resource Hash
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
f1a2c92f06159
dc
ccg11-origin-www-1.paypal.com
content-length
548
last-modified
Wed, 15 Jun 2022 22:33:20 GMT
server
ECAcc (ama/48B5)
traceparent
00-0000000000000000000f1a2c92f06159-0ed0129bf0f25965-01
etag
"62aa5e30-436"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 19 Jan 2024 06:30:56 GMT
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4889) /
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Origin
https://www.sandbox.paypal.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
8a1d1cb6b4802
dc
ccg11-origin-www-1.paypal.com
content-length
25368
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (ama/4889)
traceparent
00-00000000000000000008a1d1cb6b4802-67b4c1d345995f29-01
etag
"60271cda-6318"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 19 Jan 2024 06:30:56 GMT
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E2) /
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Origin
https://www.sandbox.paypal.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
98743da4e753e
dc
ccg11-origin-www-1.paypal.com
content-length
18508
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (ama/48E2)
traceparent
00-000000000000000000098743da4e753e-be11dd1d30f74627-01
etag
"60271cda-484c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Fri, 19 Jan 2024 06:30:56 GMT
latmconf.js
www.paypalobjects.com/pa/mi/paypal/ 		339 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/paypal/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A7) /
Resource Hash
d5616af6eb34e0d8ede9be6ccd6078cf3fdd188f80a4a08b790fda89cb40a578
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sandbox.paypal.com/
Origin
https://www.sandbox.paypal.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
d7ec86eeac332
dc
ccg11-origin-www-1.paypal.com
content-length
38258
last-modified
Fri, 12 Jan 2024 17:19:48 GMT
server
ECAcc (ama/48A7)
traceparent
00-0000000000000000000d7ec86eeac332-ae89b92a04059eb9-01
etag
W/"65a174b4-54dfd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Fri, 19 Jan 2024 06:30:56 GMT
patleaf.js
www.paypalobjects.com/pa/3pjs/tl/6.4.65/ 		155 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.4.65/patleaf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48A5) /
Resource Hash
116b38773e8b975f3404a0928a999967b33dd2688c933363319d70690081572c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sandbox.paypal.com/
Origin
https://www.sandbox.paypal.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
53db57cde6906
dc
ccg11-origin-www-1.paypal.com
content-length
51011
last-modified
Fri, 12 Jan 2024 17:19:48 GMT
server
ECAcc (ama/48A5)
traceparent
00-000000000000000000053db57cde6906-09f954d02567a168-01
etag
"65a174b4-26d93+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Fri, 19 Jan 2024 06:30:56 GMT
sandboxpatlcfg.js
www.paypalobjects.com/pa/3pjs/tl/6.4.65/sandbox/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.4.65/sandbox/sandboxpatlcfg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BF) /
Resource Hash
d62ce55eafd625dbe9d16c9b16867703406313db3e17e9d3c55d898c76cc6d21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sandbox.paypal.com/
Origin
https://www.sandbox.paypal.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
c9811e74daf7b
dc
ccg11-origin-www-1.paypal.com
content-length
2663
last-modified
Fri, 12 Jan 2024 17:19:48 GMT
server
ECAcc (ama/48BF)
traceparent
00-0000000000000000000c9811e74daf7b-7fd49a33d9ecef52-01
etag
W/"65a174b4-18f2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Fri, 19 Jan 2024 06:30:56 GMT
76938917d7504ff7a962174c021690bd
postcollector.paypal.com/collector/switch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postcollector.paypal.com/collector/switch/76938917d7504ff7a962174c021690bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.sandbox.paypal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://www.sandbox.paypal.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Fri, 19 Jan 2024 05:30:56 GMT
server
istio-envoy
strict-transport-security
max-age=31557600
vary
Accept-Encoding,Origin
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-envoy-upstream-service-time
0
x-served-by
cache-cph2320042-CPH
x-timer
S1705642257.688189,VS0,VE287
76938917d7504ff7a962174c021690bd
postcollector.paypal.com/collector/switch/ 		1 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postcollector.paypal.com/collector/switch/76938917d7504ff7a962174c021690bd
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://www.sandbox.paypal.com/
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31557600
age
367
x-cache
HIT
x-envoy-upstream-service-time
0
nodeid
wscollector-66b9bcb89d-xr7ws
content-length
21
x-served-by
cache-cph2320042-CPH
dcname
prod-dal
server
istio-envoy
x-timer
S1705642257.992886,VS0,VE0
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.sandbox.paypal.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1
client-log
www.sandbox.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d1061b8e2508139f9bc0bcba2420f6359e3ca2c098261a5bbb0fdba849abfd8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-KDX7iudHlfT0OPmSx/yeanhPMkgP7FLS02E4DxPoKYORY8wE' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-KDX7iudHlfT0OPmSx/yeanhPMkgP7FLS02E4DxPoKYORY8wE' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 05:30:56 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f569659862ae8
server-timing
content-encoding;desc=gzip
fastly-restarts
1
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230099-FRA, cache-cph2320049-CPH
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1705642257.644543,VS0,VE287
etag
W/"8af-19diMnHwP07JeYVE1tNgLXakrnQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
fb.js
c.paypal.com/da/r/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/checkout-split.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7CA7) /
Resource Hash
d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
c239b95f6a5dc
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
last-modified
Wed, 13 Dec 2023 22:28:54 GMT
server
ECAcc (daa/7CA7)
traceparent
00-0000000000000000000c239b95f6a5dc-6c8cc656808bf5fd-01
etag
W/"657a3026-1026d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
x-csrf-token
expires
Sat, 20 Jan 2024 05:30:56 GMT
client-log
www.sandbox.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4bd5804a5c0dbe0d1af0770f64fb35ca36544f23c2a325d0447ddaa7a164b6f2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-vxm63/Pk+T0zgvUlF9v14oBCv9PyZ73dfF0tH12zQcABy0Pm' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-vxm63/Pk+T0zgvUlF9v14oBCv9PyZ73dfF0tH12zQcABy0Pm' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 05:30:56 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f569659dcefbf
server-timing
content-encoding;desc=gzip
fastly-restarts
1
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220119-FRA, cache-cph2320049-CPH
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1705642257.648387,VS0,VE299
etag
W/"7fe-IpPYn18gTF3tzoXqXcDnJY4Uyu4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
challenge.js
www.sandbox.paypal.com/auth/createchallenge/64f2857bdfa3ea05/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/auth/createchallenge/64f2857bdfa3ea05/challenge.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6acf7d4a9509d0b6ffdbe7a439b7c36d6ed4aedd669ae024f1e1f03c7b269e5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-2Q8n//v1RXyL82LWk/J6JajMZDLqIUrNc3tdgTz+Sbx0fDqi' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-2Q8n//v1RXyL82LWk/J6JajMZDLqIUrNc3tdgTz+Sbx0fDqi' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 05:30:56 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f56965900e394
server-timing
content-encoding;desc=gzip
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220091-FRA, cache-cph2320049-CPH
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1705642257.648768,VS0,VE321
etag
W/"3c79-/ePwf1rNrFgnd4nd1pz8lZx9amU"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
client-log
www.sandbox.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2dc143069911ce233c5d45b591ecd112bdd59f25aa58c7666c56fc32e62c6e4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-QDC2cV7910Q2Mlw+4rzvb5XaNh7nxxextbj3EkhfZxXt8Ez7' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-QDC2cV7910Q2Mlw+4rzvb5XaNh7nxxextbj3EkhfZxXt8Ez7' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 05:30:57 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f56965902342e
server-timing
content-encoding;desc=gzip
fastly-restarts
1
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220074-FRA, cache-cph2320049-CPH
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1705642257.650159,VS0,VE391
etag
W/"853-giLg3sZ/NNlct2nXJam9KwIYuGc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
cookie-banner
www.sandbox.paypal.com/signin/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/signin/cookie-banner?flowId=EC-3YN31985UN623290W&cookieBannerVariant=hidden&
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c14cec4c92ac71b25184ce77a0c58501eb1a915c493ff908c9a2da5a9e00d5fa
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-fzaage1or6zuhFKXIdTzlpJvovI5AuOBmNsUAu6MCg17w1gV' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-fzaage1or6zuhFKXIdTzlpJvovI5AuOBmNsUAu6MCg17w1gV' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 05:30:56 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f5696599399e0
server-timing
content-encoding;desc=gzip
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220082-FRA, cache-cph2320049-CPH
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1705642257.650145,VS0,VE250
etag
W/"48ad-Q2i6bNItuWveUL7UjQC6vdG0Oow"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
load-resource
www.sandbox.paypal.com/signin/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/signin/load-resource
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82de11a1a43ecdcfa42ca7abb724aaddfd0990650c95cbf70e721844c9f0b153
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Q5SiPgHXBhy78jYCCG4b1zY3NjLyigYx+iIYYVLpiWrnjLAJ' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Q5SiPgHXBhy78jYCCG4b1zY3NjLyigYx+iIYYVLpiWrnjLAJ' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 05:30:56 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f5696596477d9
server-timing
content-encoding;desc=gzip
fastly-restarts
1
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220093-FRA, cache-cph2320049-CPH
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1705642257.661318,VS0,VE305
etag
W/"4530-juGu4oDLyM2JfuN15HBuGke+WIg"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
client-log
www.sandbox.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9bef891ad0239d27beabe1ed30e456943790f86ea01a2761553ceeeefe80619
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-9t5j0qYYKEQvRw9q4AjTJncazw5CmSTbOU8DdGAlsP5T8/SC' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-9t5j0qYYKEQvRw9q4AjTJncazw5CmSTbOU8DdGAlsP5T8/SC' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 05:30:56 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f56965908d892
server-timing
content-encoding;desc=gzip
fastly-restarts
1
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220079-FRA, cache-cph2320049-CPH
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1705642257.661699,VS0,VE291
etag
W/"800-o3oSaCpOz9vBxqOhIgN7ouFlgOs"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
client-log
www.sandbox.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
055b22b15fc5c66975f257700cd7a4906dafef1ee0849c634503006d20d924af
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-0Mof/4kHhkv/QvATeqxmd2Po8DTbm070K4CskUk0O6cJKlBR' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-0Mof/4kHhkv/QvATeqxmd2Po8DTbm070K4CskUk0O6cJKlBR' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 05:30:56 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f5696592f8e1c
server-timing
content-encoding;desc=gzip
fastly-restarts
1
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230109-FRA, cache-cph2320049-CPH
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1705642257.661691,VS0,VE282
etag
W/"800-L+qB55OzUlng2DzpUISubOQPav4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
i
c.paypal.com/v1/r/d/ Frame A5E3 		160 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD8) /
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sandbox.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

accept-ch
sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
141
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
a5a869e00454b
date
Fri, 19 Jan 2024 05:30:56 GMT
origin-trial
A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id
a5a869e00454b
server
ECAcc (frc/4CD8)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000a5a869e00454b-1e4ab8e76cda14cb-01
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/v1/ Frame 9A0F
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1CQS03SkczNDM1MjdNNjA1NzAySiZpPTE4NS4yMzYuMjAzLjEwMCZ0PTE3MDU2NDIyNTYuMDE4JmE9MjEmcz1VTklGSUVEX0xPR0lOHUN0Dldk5Dmb-YeSE5g64_aQXfA
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS03SkczNDM1MjdNNjA1NzAySiZpPTE4NS4yMzYuMjAzLjEwMCZ0PTE3MDU2NDIyNTYuMDE4JmE9MjEmcz1VTklGSUVEX0xPR0lOHUN0Dldk5Dmb-YeSE5g64_aQXfA
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS03SkczNDM1MjdNNjA1NzAySiZpPTE4NS4yMzYuMjAzLjEwMCZ0PTE3MDU2NDIyNTYuMDE4JmE9MjEmcz1VTklGSUVEX0xPR0lOHUN0Dldk5Dmb-YeSE5g64_aQXfA
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 05:30:57 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS03SkczNDM1MjdNNjA1NzAySiZpPTE4NS4yMzYuMjAzLjEwMCZ0PTE3MDU2NDIyNTYuMDE4JmE9MjEmcz1VTklGSUVEX0xPR0lOHUN0Dldk5Dmb-YeSE5g64_aQXfA
Date
Fri, 19 Jan 2024 05:30:57 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
p3
c6.paypal.com/v1/r/d/b/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=BA-7JG343527M605702J&s=UL_CHECKOUT_INPUT_EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::291 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
paypal-debug-id
f700e99da4a32
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
0
x-served-by
cache-fra-eddf8230084-FRA, cache-cph2320030-CPH
correlation-id
f700e99da4a32
traceparent
00-0000000000000000000f700e99da4a32-2ff9825eab7adbb8-01
x-timer
S1705642257.940832,VS0,VE209
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
ts
t.paypal.com/ 		42 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.12&t=1705642256914&g=-60&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&qual=input_email&pgst=1705642255961&calc=f402746347185&nsid=yccs_-MQH5SjXwG47bAwTo4uGYDZPbXZ&rsta=da_DK&pgtf=Nodejs&env=sandbox&s=ci&ccpg=DK&csci=438a52ca7c924b0a94faf7e038b762ab&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&transition_name=ss_prepare_email&userRedirected=true&fltk=EC-3YN31985UN623290W&flid=EC-3YN31985UN623290W&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&forced_signup_offered=1&ctx_login_signup_btn=shown%7CcreateAccount&context_id=EC-3YN31985UN623290W&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fcheckoutweb%2Fexperience&api_name=cookieBanner&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=v6&bannersource=ConsentNodeServ&bannervariant=hidden&eligibility_reason=true&is_native=false&cookie_disabled=false&reason_to_hide=Invisible%20banner%20loaded&event_name=cookie_banner_shown&e=ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 19 Jan 2024 05:30:57 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
5ed73b51a4b68
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220053-FRA, cache-cph2320036-CPH
pragma
no-cache
correlation-id
5ed73b51a4b68
traceparent
00-00000000000000000005ed73b51a4b68-fb5ad72237bb0932-01
x-timer
S1705642257.982728,VS0,VE180
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 05:30:57 GMT
verifychallenge
www.sandbox.paypal.com/auth/ 		2 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/auth/verifychallenge
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-7KcT669l2wxcN2X7n3ilrCaynf3YcoFUHMdE8eYNpPnjw1MA' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
X-Requested-With
XMLHttpRequest
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-7KcT669l2wxcN2X7n3ilrCaynf3YcoFUHMdE8eYNpPnjw1MA' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 05:30:57 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f569659b21c02
server-timing
content-encoding;desc=br
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230043-FRA, cache-cph2320049-CPH
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1705642257.994516,VS0,VE197
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
fb.js
c.paypal.com/da/r/ Frame A5E3 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7CA7) /
Resource Hash
d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 05:30:57 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
b6ae25593a4f9
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
last-modified
Wed, 13 Dec 2023 22:28:54 GMT
server
ECAcc (daa/7CA7)
traceparent
00-0000000000000000000b6ae25593a4f9-8f48d27cafa63ec6-01
etag
W/"657a3026-1026d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
x-csrf-token
expires
Sat, 20 Jan 2024 05:30:57 GMT
ts
t.paypal.com/ 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.12&t=1705642257123&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1705642255961&calc=f402746347185&nsid=yccs_-MQH5SjXwG47bAwTo4uGYDZPbXZ&rsta=da_DK&pgtf=Nodejs&env=sandbox&s=ci&ccpg=DK&csci=438a52ca7c924b0a94faf7e038b762ab&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100208%2C100183%2C100332%2C100332%2C101644%2C101644%2C100732%2C100733%2C100208%2C101644&xt=107239%2C100438%2C100927%2C100927%2C105821%2C105821%2C102335%2C102337%2C107239%2C105821&transition_name=ss_prepare_email&userRedirected=true&fltk=EC-3YN31985UN623290W&flid=EC-3YN31985UN623290W&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&forced_signup_offered=1&ctx_login_signup_btn=shown%7CcreateAccount&context_id=EC-3YN31985UN623290W&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fcheckoutweb%2Fexperience&e=im&imsrc=setup&view=%7B%22t10%22%3A66%2C%22t11%22%3A5453%2C%22tcp%22%3A5191%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=Log%20p%C3%A5%20din%20PayPal-konto&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=66&t1c=66&t1d=0&t1s=19&t2=1536&t3=129&t4d=0&t4=0&t4e=5&tt=5406&rdc=0&protocol=h2&cenc=gzip&res=%7B%7D&t12=5258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 19 Jan 2024 05:30:57 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
2b3cd4a08af6f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230110-FRA, cache-cph2320036-CPH
pragma
no-cache
correlation-id
2b3cd4a08af6f
traceparent
00-00000000000000000002b3cd4a08af6f-2f40a122fd3b77b8-01
x-timer
S1705642257.131192,VS0,VE169
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 05:30:57 GMT
collectorPost
postcollector.paypal.com/collector/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postcollector.paypal.com/collector/collectorPost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltdid,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Access-Control-Request-Method
POST
Origin
https://www.sandbox.paypal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltdid, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-methods
POST
access-control-allow-origin
https://www.sandbox.paypal.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Fri, 19 Jan 2024 05:30:57 GMT
server
istio-envoy
strict-transport-security
max-age=31557600
vary
Accept-Encoding,Origin
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-envoy-upstream-service-time
0
x-served-by
cache-cph2320042-CPH
x-timer
S1705642257.183859,VS0,VE382
collectorPost
postcollector.paypal.com/collector/ 		38 B
189 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postcollector.paypal.com/collector/collectorPost
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Content-Encoding
gzip
X-Tealeaf-SaaS-TLTDID
46964384911327317706215357178630
X-Tealeaf
device (UIC) Lib/6.4.65
X-Tealeaf-SyncXHR
false
X-Tealeaf-MessageTypes
1,2,5,7,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTSID
48117909690043973042076378490026
X-Requested-With
fetch
X-TealeafType
GUI
accept-language
da-DK,da;q=0.9
X-PageId
P.XAA82YVPUP8NNC7YSWL9P7V6LD3A
X-TeaLeaf-Page-Url
/webscr
Referer
https://www.sandbox.paypal.com/

Response headers

x-cache-hits
0
date
Fri, 19 Jan 2024 05:30:57 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
x-cache
MISS
tltsid
48117909690043973042076378490026
x-envoy-upstream-service-time
1
nodeid
wscollector-66b9bcb89d-j92x7
content-length
38
x-served-by
cache-cph2320042-CPH
dcname
prod-dal
server
istio-envoy
x-timer
S1705642258.600626,VS0,VE100
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.sandbox.paypal.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
expires
Fri, 31 Dec 1998 12:00:00 GMT
p1
c.paypal.com/v1/r/d/b/ Frame A5E3 		212 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A8) /
Resource Hash
9dab6be904f570f442dff8d0c90b1f681392d9f1e8f48b015a610a868e6bb4fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
disable-set-cookie
true
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
fd7ea22713d95
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
content-length
212
correlation-id
fd7ea22713d95
server
ECAcc (lhd/35A8)
traceparent
00-0000000000000000000fd7ea22713d95-92bbf5038e11ae90-01
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
e
c.paypal.com/v1/r/d/b/ Frame A5E3 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 Jan 2024 05:30:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
650ff9c1b8858
server
ECAcc (lhd/35E6)
traceparent
00-0000000000000000000650ff9c1b8858-12b6e718b1f86254-01
vary
Accept-Encoding
access-control-allow-origin
https://www.paypal.com
paypal-debug-id
650ff9c1b8858
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
traceparent;desc="00-0000000000000000000650ff9c1b8858-eb4aaa3bc8fa2c27-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
ts
t.paypal.com/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.12&t=1705642258124&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1705642255961&calc=f402746347185&nsid=yccs_-MQH5SjXwG47bAwTo4uGYDZPbXZ&rsta=da_DK&pgtf=Nodejs&env=sandbox&s=ci&ccpg=DK&csci=438a52ca7c924b0a94faf7e038b762ab&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100208%2C100183%2C100332%2C100332%2C101644%2C101644%2C100732%2C100733%2C100208%2C101644&xt=107239%2C100438%2C100927%2C100927%2C105821%2C105821%2C102335%2C102337%2C107239%2C105821&transition_name=ss_prepare_email&userRedirected=true&fltk=EC-3YN31985UN623290W&flid=EC-3YN31985UN623290W&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&forced_signup_offered=1&ctx_login_signup_btn=shown%7CcreateAccount&context_id=EC-3YN31985UN623290W&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fcheckoutweb%2Fexperience&event_name=t_paypal_cpl&t1=0&t1c=0&t1d=0&t1s=0&t2=187&t3=1&tt=188&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A0%2C%22t11%22%3A188%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 19 Jan 2024 05:30:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
00b3b67138f0a
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230134-FRA, cache-cph2320036-CPH
pragma
no-cache
correlation-id
00b3b67138f0a
traceparent
00-000000000000000000000b3b67138f0a-5fc42e2fa20b959f-01
x-timer
S1705642258.132036,VS0,VE179
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 05:30:58 GMT
ts
t.paypal.com/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.12&t=1705642258124&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1705642255961&calc=f402746347185&nsid=yccs_-MQH5SjXwG47bAwTo4uGYDZPbXZ&rsta=da_DK&pgtf=Nodejs&env=sandbox&s=ci&ccpg=DK&csci=438a52ca7c924b0a94faf7e038b762ab&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100208%2C100183%2C100332%2C100332%2C101644%2C101644%2C100732%2C100733%2C100208%2C101644&xt=107239%2C100438%2C100927%2C100927%2C105821%2C105821%2C102335%2C102337%2C107239%2C105821&transition_name=ss_prepare_email&userRedirected=true&fltk=EC-3YN31985UN623290W&flid=EC-3YN31985UN623290W&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&forced_signup_offered=1&ctx_login_signup_btn=shown%7CcreateAccount&context_id=EC-3YN31985UN623290W&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fcheckoutweb%2Fexperience&event_name=c_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=207&t3=2&tt=210&protocol=h2&cdn=edgecast&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A210%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.sandbox.paypal.com/webscr?useraction=continue&cmd=_express-checkout&token=EC-3YN31985UN623290W
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Fri, 19 Jan 2024 05:30:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
c6834403fadca
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230063-FRA, cache-cph2320036-CPH
pragma
no-cache
correlation-id
c6834403fadca
traceparent
00-0000000000000000000c6834403fadca-b9d0474fb77561dc-01
x-timer
S1705642258.132289,VS0,VE224
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 05:30:58 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| paypalADSInterceptorInjected object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack object| PAYPAL function| $ object| fpti string| fptiserverurl object| fptiOptions boolean| trackLazyData object| _ifpti object| latmconf object| laDataLayer object| pako object| TLT function| bindGdprEvents function| hideGdprBanner function| showGdprBanner function| _0x500904 function| _0x1936 object| d function| dffaafafbaeebdbafb function| _0x5e02 object| err

16 Cookies

Domain/Path Name / Value
.mein.dk-online.works/ Name: ovs_frontend
Value: h37oggpkkk06lpq4le8uv0ls8s
.dk-online.works/ Name: creid
Value: 1788495530156199910
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: cookie_check
Value: yes
.paypal.com/ Name: d_id
Value: 438a52ca7c924b0a94faf7e038b762ab1705642255977
.paypal.com/ Name: LANG
Value: da_DK%3BDK
www.sandbox.paypal.com/ Name: nsid
Value: s%3Ayccs_-MQH5SjXwG47bAwTo4uGYDZPbXZ.mRd5kDz7Cqyn%2BcYw4R6NXw14tXrpISmH0ewohgZTdMc
.paypal.com/ Name: ts_c
Value: vr%3D203361da18d0a6022c7afb5df9ac75e3%26vt%3D203361da18d0a6022c7afb5df9ac75e2
.paypal.com/ Name: TLTSID
Value: 48117909690043973042076378490026
.paypal.com/ Name: TLTDID
Value: 46964384911327317706215357178630
.paypal.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/ Name: tsrce
Value: authchallengenodeweb
.stats.paypal.com/ Name: c
Value: 0784782cfbde1244de37
www.sandbox.paypal.com/ Name: _pxhd
Value: ddabda9153b95d753d3731e22848e3e2d905fd14ec326fef7b0317669ddebc43:ebbffe44-b68b-11ee-aebb-150be37c54f7
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTcwNTY0MjI1NzExMiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1800250258%26vteXpYrS%3D1705644058%26vr%3D203361da18d0a6022c7afb5df9ac75e3%26vt%3D203361da18d0a6022c7afb5df9ac75e2%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-BELeNVazrYaV8E94VxQL+DIHO4XDFx93M0REniqgrfBbLVXD' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
mein.dk-online.works
postcollector.paypal.com
t.paypal.com
www.paypalobjects.com
www.sandbox.paypal.com
151.101.1.21
151.101.1.35
151.101.129.35
192.229.221.25
2a04:4e42:400::291
64.4.245.84
85.215.180.174
055b22b15fc5c66975f257700cd7a4906dafef1ee0849c634503006d20d924af
0ec34b2c64cf8ac9e34f0ab429c9b2909b504c4c4ffc9a550a4a39771d410ec8
116b38773e8b975f3404a0928a999967b33dd2688c933363319d70690081572c
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
2dc143069911ce233c5d45b591ecd112bdd59f25aa58c7666c56fc32e62c6e4d
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47096fcf22c58f177936f84eac91ef9113639043881ee6de5358162077fd62b0
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
4bd5804a5c0dbe0d1af0770f64fb35ca36544f23c2a325d0447ddaa7a164b6f2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56b3fac30ab9740fed79d8c1938168e5af744532870292c73d08cad112fbf449
69be7adca53f8e3b8d56a359e63ec6510fd119768ec947d343a853f698d7a5c5
6ae30cb1ab74d66217a576b78124e053906f0a93cbf2d9f0ad398518f8442264
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1061b8e2508139f9bc0bcba2420f6359e3ca2c098261a5bbb0fdba849abfd8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6fc228cefa26f2917c7ef238654afd0d278c43c821ca4d537aa112b2d2c8993f
82de11a1a43ecdcfa42ca7abb724aaddfd0990650c95cbf70e721844c9f0b153
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9dab6be904f570f442dff8d0c90b1f681392d9f1e8f48b015a610a868e6bb4fe
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
b9bef891ad0239d27beabe1ed30e456943790f86ea01a2761553ceeeefe80619
c14cec4c92ac71b25184ce77a0c58501eb1a915c493ff908c9a2da5a9e00d5fa
d5616af6eb34e0d8ede9be6ccd6078cf3fdd188f80a4a08b790fda89cb40a578
d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c
d62ce55eafd625dbe9d16c9b16867703406313db3e17e9d3c55d898c76cc6d21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6acf7d4a9509d0b6ffdbe7a439b7c36d6ed4aedd669ae024f1e1f03c7b269e5
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5