www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://is.gd/rgDxyg
Effective URL:
https://www.paypal.com/signin
Submission: On December 19 via manual (December 19th 2024, 9:07:53 am UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 60 HTTP transactions. The main IP is 151.101.1.21, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 3003.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 8th 2024. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::6819:ea35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	103.61.228.11 103.61.228.11	134367 (GIBZTECH-...) (GIBZTECH-AS-AP GIBSON)
1 1	185.208.164.58 185.208.164.58	41079 (CF-GDA Cy...) (CF-GDA Cyber_Folks S.A.)
2 2	151.101.3.1 151.101.3.1	54113 (FASTLY) (FASTLY)
22	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
3	18.245.46.2 18.245.46.2	16509 (AMAZON-02) (AMAZON-02)
24	151.101.195.1 151.101.195.1	54113 (FASTLY) (FASTLY)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
4	2600:1901:0:c... 2600:1901:0:c072::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1 2	34.147.177.40 34.147.177.40	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:600... 2a04:4e42:600::291	54113 (FASTLY) (FASTLY)
60	9

1 2606:4700:20::6819:ea35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.61.228.11 (Australia) 2 redirects

ASN134367 (GIBZTECH-AS-AP GIBSON, ADAM GORDON TA GIBZTECH, AU)

www.achaa.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.208.164.58 (Poland) 1 redirects

ASN41079 (CF-GDA Cyber_Folks S.A., PL)
PTR: s58.cyber-folks.pl

dashboard-paypal-user.cfolks.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.3.1 (San Francisco, United States) 2 redirects

ASN54113 (FASTLY, US)

paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.46.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-2.fra56.r.cloudfront.net

ddbm2.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.101.195.1 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:c072:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

browser-intake-us5-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.147.177.40 (London, United Kingdom) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.177.147.34.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lhr.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	paypal.com 2 redirects paypal.com — Cisco Umbrella Rank: 2253 www.paypal.com — Cisco Umbrella Rank: 3003 ddbm2.paypal.com — Cisco Umbrella Rank: 18922 c.paypal.com — Cisco Umbrella Rank: 8145 b.stats.paypal.com — Cisco Umbrella Rank: 6750 lhr.stats.paypal.com — Cisco Umbrella Rank: 46343 c6.paypal.com — Cisco Umbrella Rank: 9713 t.paypal.com — Cisco Umbrella Rank: 3701	154 KB
24	paypalobjects.com 1 redirects www.paypalobjects.com — Cisco Umbrella Rank: 2811 paypalobjects.com — Cisco Umbrella Rank: 2786	418 KB
4	browser-intake-us5-datadoghq.com browser-intake-us5-datadoghq.com — Cisco Umbrella Rank: 6900	752 B
2	achaa.com.au 2 redirects www.achaa.com.au	719 B
1	cfolks.pl 1 redirects dashboard-paypal-user.cfolks.pl	284 B
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 175187	360 B
60	6

	Domain	Requested by
23	www.paypalobjects.com	www.paypal.com www.paypalobjects.com c.paypal.com
18	www.paypal.com	www.paypalobjects.com
7	c.paypal.com	www.paypalobjects.com
4	browser-intake-us5-datadoghq.com	www.paypalobjects.com
3	ddbm2.paypal.com	www.paypal.com www.paypalobjects.com
2	t.paypal.com
2	www.achaa.com.au	2 redirects
1	c6.paypal.com
1	lhr.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	paypalobjects.com	1 redirects
1	paypal.com	1 redirects
1	dashboard-paypal-user.cfolks.pl	1 redirects
1	is.gd	1 redirects
60	14

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
ddbm.paypal.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-02`	a year	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2024-08-26` - `2025-08-25`	a year	crt.sh
*.browser-intake-us5-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-28` - `2025-07-02`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-21` - `2025-06-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.com/signin
Frame ID: FA1FB4AEFD1565ADC01502FAAA0BED20
Requests: 53 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Frame ID: C04406A719E0B899485899DA9A90DE38
Requests: 1 HTTP requests in this frame

Frame: https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD02YmVhZDUwZjhlZTU0MDZmYjY4ODJmNGFjNWY2MTgzNiZpPTE4NS4yMTMuMTU1LjE3MSZ0PTE3MzQ1OTkyNjcuNjUyJmE9MjEmcz1VTklGSUVEX0xPR0lORM69wPLo4rtCmyZ-MZO4403uWKM
Frame ID: 1D2D422EFBAFE2EDD05BA2185F700B5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loggen Sie sich bei PayPal ein

Page URL History Show full URLs

https://is.gd/rgDxyg HTTP 301
https://www.achaa.com.au/paypal/pay_red_868?471916861749 HTTP 301
https://www.achaa.com.au/paypal/pay_red_868/?471916861749 HTTP 302
https://dashboard-paypal-user.cfolks.pl/paypal/dashboard/index.php HTTP 302
https://paypal.com/signin HTTP 301
https://www.paypal.com/signin Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

60
Requests

95 %
HTTPS

25 %
IPv6

6
Domains

14
Subdomains

9
IPs

4
Countries

573 kB
Transfer

1870 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://is.gd/rgDxyg HTTP 301
https://www.achaa.com.au/paypal/pay_red_868?471916861749 HTTP 301
https://www.achaa.com.au/paypal/pay_red_868/?471916861749 HTTP 302
https://dashboard-paypal-user.cfolks.pl/paypal/dashboard/index.php HTTP 302
https://paypal.com/signin HTTP 301
https://www.paypal.com/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js HTTP 301
https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js

Request Chain 43

https://b.stats.paypal.com/v1/counter.cgi?r=cD02YmVhZDUwZjhlZTU0MDZmYjY4ODJmNGFjNWY2MTgzNiZpPTE4NS4yMTMuMTU1LjE3MSZ0PTE3MzQ1OTkyNjcuNjUyJmE9MjEmcz1VTklGSUVEX0xPR0lORM69wPLo4rtCmyZ-MZO4403uWKM HTTP 302
https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD02YmVhZDUwZjhlZTU0MDZmYjY4ODJmNGFjNWY2MTgzNiZpPTE4NS4yMTMuMTU1LjE3MSZ0PTE3MzQ1OTkyNjcuNjUyJmE9MjEmcz1VTklGSUVEX0xPR0lORM69wPLo4rtCmyZ-MZO4403uWKM

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
www.paypal.com/
Redirect Chain

https://is.gd/rgDxyg
https://www.achaa.com.au/paypal/pay_red_868?471916861749
https://www.achaa.com.au/paypal/pay_red_868/?471916861749
https://dashboard-paypal-user.cfolks.pl/paypal/dashboard/index.php
https://paypal.com/signin
https://www.paypal.com/signin

33 KB
13 KB

274ms
243ms

Document
text/html

151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5d409f5006b66be52dc60512804199f8ec15ea27832d4089c41c42e394b2dce6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ZUm27UvGTua4cAZzFtzEBkvEWPQl5MozPzlYYArKBmOA30F0' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ZUm27UvGTua4cAZzFtzEBkvEWPQl5MozPzlYYArKBmOA30F0' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 19 Dec 2024 09:07:47 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"7f9e-uBKyzThb6n5copGKAU0P5ClFRNc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f939651ff3fe6
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f939651ff3fe6-b0e836f1956a11a7-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-timer: S1734599268.502339,VS0,VE236
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
cache-control: max-age=86400
content-length: 0
date: Thu, 19 Dec 2024 09:07:47 GMT
location: https://www.paypal.com/signin
retry-after: 0
server: Varnish
strict-transport-security: max-age=300
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230146-FRA
x-timer: S1734599267.462334,VS0,VE1

GET
H2 200 tags.js Show response
ddbm2.paypal.com/ 176 KB
35 KB 48ms
10ms Script
text/javascript 18.245.46.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ddbm2.paypal.com/tags.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-2.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d56750f319ff862ed72f5413c56d9bcb79e8cd1ef827444c9e469c76f6050dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

content-encoding: br
x-amz-version-id: iPQh.0jv4_GwoRqiOqbFu_kzpGqA0_Di
etag: W/"1dc8e31226cdaf246fe01ee48923829c"
age: 1453
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: AQ0jUKsR8dkZz2QmKzABfK2j2mfdasTq8ewedamQLWVCue5JHKd5Sw==
date: Thu, 19 Dec 2024 08:43:35 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Wed, 18 Dec 2024 16:41:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600, public
via: 1.1 6c21a88f98dc05bf345d31b96407e6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 23 KB
7 KB 47ms
11ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: a77965c451857
content-encoding: br
etag: W/"6697f682-5a55"
x-content-type-options: nosniff
traceparent: 00-0000000000000000000a77965c451857-4b2e123352761e2c-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 16:51:14 GMT
x-served-by: cache-sjc10023-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 4, 64849
vary: Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.816446,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 6477

GET
H2 200 contextualLoginElementalUIv4.css
www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/ 199 KB
27 KB 44ms
8ms Stylesheet
text/css 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv4.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6bfdec2051cd5e64a40a3115dced7bffee57b4ce96b6d4c0dfb65c2bf6905f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 28dab6720b5a7
content-encoding: br
etag: W/"6737ef0b-31ca6"
x-content-type-options: nosniff
access-control-allow-methods: GET
expires: Sun, 16 Nov 2025 01:31:19 GMT
traceparent: 00-000000000000000000028dab6720b5a7-917b4d4b831f1b34-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: text/css
last-modified: Sat, 16 Nov 2024 01:02:03 GMT
x-served-by: cache-sjc1000122-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 7, 17844
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.816030,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27887

GET
H2 200 modernizr-2.6.1.js Show response
www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/lib/ 4 KB
2 KB 43ms
7ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/lib/modernizr-2.6.1.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 34d9ac37c8666
content-encoding: br
etag: W/"6737ef18-edf"
x-content-type-options: nosniff
access-control-allow-methods: GET
expires: Sun, 16 Nov 2025 01:27:58 GMT
traceparent: 00-000000000000000000034d9ac37c8666-3274c8cbd63264c0-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 01:02:16 GMT
x-served-by: cache-sjc10063-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 7, 34720
vary: Accept-Encoding, Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.816011,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1635

GET
H2 200 icon-PN-check.png
www.paypalobjects.com/images/shared/ 1 KB
1 KB 46ms
10ms Image
image/png 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/icon-PN-check.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

fastly-io-info: ifsz=2236 idim=121x133 ifmt=png ofsz=1238 odim=121x133 ofmt=png
paypal-debug-id: 21ccfda19d674
etag: "juRbjo28Q9q7Ca+T2l9coQ3XNXGGGPrTLd30UBTHy+M"
x-content-type-options: nosniff
traceparent: 00-000000000000000000021ccfda19d674-94cdccbf21580c30-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: image/png
x-served-by: cache-sjc10049-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 10, 47656
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.817032,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1238
fastly-io-served-by: vpop-haf2300710

GET
H2 200 glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 2 KB
2 KB 47ms
11ms Image
image/png 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

fastly-io-info: ifsz=5828 idim=224x200 ifmt=png ofsz=1709 odim=224x200 ofmt=png
paypal-debug-id: 1ebda5f5a8b15
etag: "06e7g2A2uh9gOtrAR/AAX1pvXevadwBfhbhh/bNOQEI"
x-content-type-options: nosniff
traceparent: 00-00000000000000000001ebda5f5a8b15-e3a3313765eb9f32-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: image/png
x-served-by: cache-sjc1000122-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 1724, 47642
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.816815,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1709
fastly-io-served-by: vpop-haf2300705

GET
H2

200

index.js Show response
www.paypalobjects.com/ae/0.16.0/atomic-events-dom/
Redirect Chain

https://paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js
https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js

26 KB
8 KB

7ms
6ms

Script
application/javascript

151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f083991dcd0f426a91fef258e7a1ce9a3b58c1ad459fb3a9a5cec584a06b1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 4ec5db9f5bb7f
content-encoding: br
etag: W/"67044f43-695c"
x-content-type-options: nosniff
traceparent: 00-00000000000000000004ec5db9f5bb7f-2e90af2e2d7562a4-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 21:14:43 GMT
x-served-by: cache-sjc1000136-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 2, 48063
vary: Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.854047,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 7699

Redirect headers

strict-transport-security: max-age=300
cache-control: max-age=86400
retry-after: 0
location: https://www.paypalobjects.com/ae/0.16.0/atomic-events-dom/index.js
x-timer: S1734599268.836294,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
x-cache: HIT
content-length: 0
date: Thu, 19 Dec 2024 09:07:47 GMT
x-served-by: cache-fra-eddf8230146-FRA
server: Varnish
x-cache-hits: 0

GET
H2 200 fn-sync-telemetry-min.js Show response
www.paypalobjects.com/rdaAssets/fraudnet/sync/ 6 KB
3 KB 8ms
7ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/rdaAssets/fraudnet/sync/fn-sync-telemetry-min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae0af2e9035626ebcc82aedffe6939e8de145879607cc94c5f1ea379f94a12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 7a9828e64c48c
content-encoding: br
etag: W/"67230a66-19a5"
access-control-allow-methods: GET
x-content-type-options: nosniff
traceparent: 00-00000000000000000007a9828e64c48c-7f7b944868c92c65-01
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Thu, 31 Oct 2024 04:41:10 GMT
x-served-by: cache-sjc10059-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 0, 58875
vary: Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.830198,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2546

GET
H2 200 signin-split.js Show response
www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/ 255 KB
51 KB 8ms
8ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/signin-split.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b24fa2b87e3d9cd751cbca83023fe4213d616d5051695fc9b529aba4e0f10ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 73858b030426f
content-encoding: br
etag: W/"6737ef17-3fa7b"
x-content-type-options: nosniff
access-control-allow-methods: GET
expires: Sun, 16 Nov 2025 01:27:58 GMT
traceparent: 00-000000000000000000073858b030426f-6a1741cfc418d39c-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 01:02:15 GMT
x-served-by: cache-sjc10022-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 11, 5309
vary: Accept-Encoding, Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.840880,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51697

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 69 KB
25 KB 12ms
12ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3f1981e14042012337c6493597cd362261453611b727e91847a118b2b4cffb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 38b4909fabe9c
content-encoding: br
etag: W/"675a7485-11212"
x-content-type-options: nosniff
access-control-allow-methods: GET
traceparent: 00-000000000000000000038b4909fabe9c-39a82f7a24c66422-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 05:28:37 GMT
x-served-by: cache-sjc1000121-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 4, 15493
vary: Accept-Encoding, Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.841185,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24676

GET
H2 200 datadog-rum.js Show response
www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/lib/ 159 KB
50 KB 7ms
7ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/lib/datadog-rum.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 4f893b11004d6
content-encoding: br
etag: W/"6737ef18-27b83"
x-content-type-options: nosniff
access-control-allow-methods: GET
expires: Sun, 16 Nov 2025 01:27:59 GMT
traceparent: 00-00000000000000000004f893b11004d6-ec038e85e90f7c0f-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 01:02:16 GMT
x-served-by: cache-sjc1000091-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 11, 7232
vary: Accept-Encoding, Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.841084,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51008

GET
H2 200 grcenterprise_v3_static.js Show response
www.paypalobjects.com/webcaptcha/ 6 KB
2 KB 8ms
7ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

75c159c9974a7207171cf1f4ed302f91f90ae95233fdd64e994fd66ada89ab20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 25fd6825c69f6
content-encoding: br
etag: W/"65f1e42c-180e"
x-content-type-options: nosniff
traceparent: 00-000000000000000000025fd6825c69f6-74883839e4754c2d-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 17:36:44 GMT
x-served-by: cache-sjc10072-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 7, 53933
vary: Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.841057,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1680

GET
H2 200 paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 709 B
606 B 12ms
11ms Image
image/svg+xml 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv4.css

Response headers

paypal-debug-id: 1ffebe234027c
content-encoding: br
etag: W/"66d9ab63-2c5"
x-content-type-options: nosniff
traceparent: 00-00000000000000000001ffebe234027c-3da441485e82e581-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Sep 2024 13:00:19 GMT
x-served-by: cache-sjc10044-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 3, 53662
vary: Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.844219,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 396

GET
H2 200 PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 22ms
8ms Font
application/font-woff2 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv4.css

Response headers

paypal-debug-id: 6ebaf6db24abf
etag: "6298f2c0-6b41"
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
x-served-by: cache-sjc10020-SJC, cache-fra-eddf8230054-FRA
x-cache-hits: 1754, 17818
content-type: application/font-woff2
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
log-origin: shield=SJC,src_ip=157.52.96.20,alternate_path=0,ip=157.52.96.20,port=443,name=shield_ssl_cache_sjc10020_SJC,status=200,reason=OK,method=GET,url="/paypal-ui/fonts/PayPalOpen-Regular.woff2",host=www.paypalobjects.com
x-timer: S1734599268.867015,VS0,VE0
via: 1.1 varnish, 1.1 varnish
log-timing: fetch=149072,misspass=88,do_stream=0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27457

GET
H2 200 PayPalOpen-Bold.woff2
www.paypalobjects.com/paypal-ui/fonts/ 26 KB
27 KB 21ms
7ms Font
application/font-woff2 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Bold.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/css/contextualLoginElementalUIv4.css

Response headers

paypal-debug-id: 4289e4f0d808d
etag: "6298f2c0-684c"
access-control-allow-methods: GET
x-content-type-options: nosniff
traceparent: 00-00000000000000000004289e4f0d808d-758dc4815fa8a3ba-01
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
x-served-by: cache-sjc1000126-SJC, cache-fra-eddf8230054-FRA
x-cache-hits: 2, 14626
content-type: application/font-woff2
vary: Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.867002,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26700

GET
H2 200 mktgtagmanager.js Show response
www.paypalobjects.com/martech/tm/paypal/ 16 KB
6 KB 7ms
6ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

efc3ad603dca3c78e67493adb079676731fd72c4204dbf7264d22e897a271267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 6d094eca696e8
content-encoding: br
etag: W/"67042d91-3eb4"
access-control-allow-methods: GET
x-content-type-options: nosniff
traceparent: 00-00000000000000000006d094eca696e8-26c35fad44a6c71b-01
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 18:50:57 GMT
x-served-by: cache-sjc10061-SJC, cache-fra-eddf8230054-FRA
x-cache-hits: 1, 26802
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
vary: Accept-Encoding, Accept-Encoding
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.885564,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6260

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/paypal/ 15 KB
4 KB 8ms
8ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/paypal/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a2d75690a2a969570d48e4f86351e06dc99da07cb3f8dac74f03de55850f0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 0737736fa4f9c
content-encoding: br
etag: W/"675a7485-3adf"
x-content-type-options: nosniff
access-control-allow-methods: GET
traceparent: 00-00000000000000000000737736fa4f9c-d8d74a07e6232b60-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 05:28:37 GMT
x-served-by: cache-sjc1000117-SJC, cache-fra-eddf8230054-FRA
x-cache-hits: 6, 14240
vary: Accept-Encoding, Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.885773,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4129

GET
H2 200 grcenterprise_v3_static.html
www.paypalobjects.com/webcaptcha/ Frame C044 0
0 79ms
17ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C97) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 1880
content-type: text/html
date: Thu, 19 Dec 2024 09:07:47 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6633898b-19bd"
expires: Thu, 19 Dec 2024 10:07:47 GMT
last-modified: Thu, 02 May 2024 12:39:39 GMT
paypal-debug-id: 5c8f7450badc3
server: ECAcc (frc/4C97)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000005c8f7450badc3-9d357118f9285a0c-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET b2927916-2232-4935-b1ef-5604f7e02ad1
https://www.paypal.com/ Frame 0
0

GET
H2 200 mktconf.js Show response
www.paypalobjects.com/martech/tm/paypal/ 326 KB
28 KB 7ms
6ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/paypal/mktconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ac9a40e3d9f8c16b6ad83f112ab91498a7dd9aad71a7abdce585c2506a128a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 4e73565807071
content-encoding: br
etag: W/"675a8fbb-519b8"
access-control-allow-methods: GET
x-content-type-options: nosniff
traceparent: 00-00000000000000000004e73565807071-30e87fc0d1b23581-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 07:24:43 GMT
x-served-by: cache-sjc1000113-SJC, cache-fra-eddf8230054-FRA
x-cache-hits: 10, 14113
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
vary: Accept-Encoding, Accept-Encoding
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.908724,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28229

GET
H2 200 patleaf.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.4.137/ 203 KB
59 KB 7ms
7ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.4.137/patleaf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

228ad520746dbdfa971029c803290f5d6e036effbfabe764050d131b046aedf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: f7ebf8029fa09
content-encoding: br
etag: W/"675a7485-32c98"
x-content-type-options: nosniff
access-control-allow-methods: GET
traceparent: 00-0000000000000000000f7ebf8029fa09-7611a91dc5295ff1-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 05:28:37 GMT
x-served-by: cache-sjc10030-SJC, cache-fra-eddf8230054-FRA
x-cache-hits: 4, 13667
vary: Accept-Encoding, Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.910369,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 59714

POST
H2 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
340 B 213ms
160ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=6a8a305d-711b-4f17-bf25-6d2d3a4ab7b1&batch_time=1734599267924

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

29c6df0a89d6035a3d64023b7e7bc9f31e3e2e3fd82618aaf937fd3986ec6157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/json
dd-request-id: 6a8a305d-711b-4f17-bf25-6d2d3a4ab7b1

GET
H2 200 patlcfg.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.4.137/ 7 KB
3 KB 8ms
7ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.4.137/patlcfg.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f19efd70ed948ca16f507bd7f1b74bd9c6ff2022586cf62611c16ed9493758b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 662244abb24c4
content-encoding: br
etag: W/"675a7485-1c7b"
x-content-type-options: nosniff
access-control-allow-methods: GET
traceparent: 00-0000000000000000000662244abb24c4-2bccad82b626b08b-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 05:28:37 GMT
x-served-by: cache-sjc1000128-SJC, cache-fra-eddf8230054-FRA
x-cache-hits: 3, 13640
vary: Accept-Encoding, Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.934139,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2722

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 219ms
217ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51644938a4a54724b7ef40a8be83d98a34d4ce1f8e37eaa5a96feaf46c0ef8e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-YvRnRhN0g+uz1BdYESW4KIZaxyvcL9cfuXrwNmT0/6+9XOaH' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f93965128f416
content-encoding: gzip
etag: W/"7fb-LiIQ6OXUaQ0QOMaNvVbQmxMDVcc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f93965128f416-3d755d1b60250a57-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-YvRnRhN0g+uz1BdYESW4KIZaxyvcL9cfuXrwNmT0/6+9XOaH' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.989930,VS0,VE209
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 216ms
216ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3414f3d97c24434504ff85ef94ac26834efc27918ea495450c5521a605458cb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-b5rPVaSs2a7jkTYve9K4YWdrxJ7IjT5ATfXc3RbIhQHr2X9L' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f939651e653a6
content-encoding: gzip
etag: W/"827-rCPgGNmW9SUUu1VyZrk3cuj8UjU"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f939651e653a6-0e2160800241dea9-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-b5rPVaSs2a7jkTYve9K4YWdrxJ7IjT5ATfXc3RbIhQHr2X9L' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.989493,VS0,VE208
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 fb_fp.js Show response
c.paypal.com/da/r/ 69 KB
24 KB 51ms
31ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb_fp.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/087/9f731d8bcedd5b7e7a3975c024278/js/signin-split.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

154f00ee27d38857eddc2ce0bb9b8fce80743ffa96b1be02de2e4dec4d21a058

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

access-control-max-age: 86400
paypal-debug-id: 5691d6c1965d0
content-encoding: gzip
etag: W/"673387c8-113d7"
age: 2013299
x-content-type-options: nosniff
access-control-allow-methods: GET
traceparent: 00-00000000000000000005691d6c1965d0-708f4f04f74d8f9f-01
expires: Fri, 20 Dec 2024 09:07:48 GMT
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, MISS, HIT
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 16:52:24 GMT
x-served-by: cache-sjc10060-SJC, cache-fra-etou8220073-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 4, 0, 193216
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Accept-Encoding
cache-control: s-maxage=31536000, public,max-age=86400
timing-allow-origin: *
x-timer: S1734599268.030661,VS0,VE2
access-control-allow-credentials: false
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23536

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 231ms
230ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b40135d2cb63c0b163eff198900cb04672acbdb9e702fa8d68e24738c0660b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-S1IIfPDby5rc4DiQQSpBklvwHgHUY+XiG9G5uAFBH8AQ9Npp' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f939651f40837
content-encoding: gzip
etag: W/"776-R7perI7yKFg+bGEC62i+Ccg+QmQ"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f939651f40837-c7c19788389a2935-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-S1IIfPDby5rc4DiQQSpBklvwHgHUY+XiG9G5uAFBH8AQ9Npp' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.990951,VS0,VE223
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 340ms
339ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a79abb420d3c3959aeaffac39b9e1c99add33ffb3f8676d86c42d247dc63e3d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Do68ld/4Sa6GK/EoymxUfeuaXXqkEhQ04SDlXEFbEfu0mhdU' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f939651f9bfee
content-encoding: gzip
etag: W/"79b-YngDP467EupxRxLKNBXVRY8Hpig"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f939651f9bfee-086629d7ef405710-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Do68ld/4Sa6GK/EoymxUfeuaXXqkEhQ04SDlXEFbEfu0mhdU' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.991270,VS0,VE331
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 218ms
217ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0cda4e6038b5eac291701bc280593f62e625dbb80042a38577b87efb0bb39ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-lWWVOjlDSd221Fmf1njXziY52onhok8/mC+8PSAWjsH1rSbz' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f939651786f2a
content-encoding: gzip
etag: W/"7cd-W/GMw4V8w0ZhSFZ13kWS5wz/EPo"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f939651786f2a-7f59847172cdd65c-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-lWWVOjlDSd221Fmf1njXziY52onhok8/mC+8PSAWjsH1rSbz' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.996198,VS0,VE205
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 255ms
254ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bac63e7dbdbcd213328172d45303eaa739b508b0556df0c9a154ad48a7f73c09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ZDUleUydVflmkw9PwokKiqB1xGEfujHqNNrzCvCyYIqJI3rO' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f939651e5bf3f
content-encoding: gzip
etag: W/"7e6-7IDPWkCzeEwB3LIO8Nc1pKeFz/I"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f939651e5bf3f-41f6d798f706feda-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ZDUleUydVflmkw9PwokKiqB1xGEfujHqNNrzCvCyYIqJI3rO' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.998063,VS0,VE241
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 261ms
260ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03a403d06377c5e9c18bfd1f1ffa39ed9c24b4470121286070f3f6b46377fa2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-b3+07wgCW5ea+VIM3j+qY6lFGwYglNQzmbPu/UCi8OljL8fT' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f93965142ad2b
content-encoding: gzip
etag: W/"829-d/GZ/I0Al+XiCwyfC8NDZieTErM"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f93965142ad2b-cea6bd65b367e12c-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-b3+07wgCW5ea+VIM3j+qY6lFGwYglNQzmbPu/UCi8OljL8fT' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.998420,VS0,VE247
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 265ms
263ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

62c9e0e8f9b068832352496b25dc2d91f4531a64c4dc274f03f82e6314cce1c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-1AKTiXwnLnxfw5u7eW2YkFVybta5wbgkUOjSvjNoz1nh5eSi' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f939651aa9d87
content-encoding: gzip
etag: W/"7fb-Gkc1/3uwjHNrEjpV4yPyu3MHrsE"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f939651aa9d87-fb0a102dc1f708a5-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-1AKTiXwnLnxfw5u7eW2YkFVybta5wbgkUOjSvjNoz1nh5eSi' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.019151,VS0,VE230
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 233ms
233ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2047a07e8a00aa49fac869eae4b2ab0e3f8aea723e1f823596df2d48e9c8003b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-qTcHgpQfHhN2Mmf0pbt0PLHTU4ZdxW0nCji97U+72v/bZmrY' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f939651a5ad01
content-encoding: gzip
etag: W/"7b9-OQuL8/N5GYkIgYLQ/EQQxiniRSo"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f939651a5ad01-8d5cb1a7db1278f5-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-qTcHgpQfHhN2Mmf0pbt0PLHTU4ZdxW0nCji97U+72v/bZmrY' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.998826,VS0,VE219
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 cookie-banner Show response
www.paypal.com/signin/ 20 KB
8 KB 284ms
284ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/cookie-banner?cookieBannerVariant=hidden&

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

313aa7d81d43a63765b510de41e4340f47ed70ff1e0ae41f843531f5c359f587

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-exlVSdTK1Waii5BkbI0VJr7P/0vdXTKGoDhwxjvUba2NenTr' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json

Response headers

paypal-debug-id: f939651ccb5e9
content-encoding: gzip
etag: W/"4e7b-d0g6aotsVPWUthhU/v+SPvlynz0"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f939651ccb5e9-f766262ee10dc5f4-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-exlVSdTK1Waii5BkbI0VJr7P/0vdXTKGoDhwxjvUba2NenTr' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.998791,VS0,VE271
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 load-resource Show response
www.paypal.com/signin/ 65 KB
16 KB 1707ms
1705ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/load-resource

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2880313f69be71c091b95112ebbc86ec1bb245c5dd6c27c3d7c428f49ec521ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-/F89IvNMQbM28TXJW8CatXxKcP22OJt3bSBNTD4nGd/hcXB3' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f9396518d26e3
content-encoding: gzip
etag: W/"10519-mEbYn8hLnQ3ryy6uDvQkrPak5BU"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f9396518d26e3-dcdfeb9e8c5ad340-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:49 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-/F89IvNMQbM28TXJW8CatXxKcP22OJt3bSBNTD4nGd/hcXB3' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.000408,VS0,VE1692
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 261ms
261ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2446f5091f8f4fb8a732626497014f2d518cca4b6777c76a290f98f2d5786d0e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-GqcFjELfCfQhAGV6moMF5gNBvpkbKphGYTDbdvBi1g6L0pPN' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f9396516e257d
content-encoding: gzip
etag: W/"776-HIeApsabwJdeT0WnCb2Z7plN4H8"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f9396516e257d-2a5ade77528fa71f-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-GqcFjELfCfQhAGV6moMF5gNBvpkbKphGYTDbdvBi1g6L0pPN' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.019148,VS0,VE228
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 241ms
239ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae4f58b9f70ad49a239542052acfeb9ea89e51078616a5b4937c0de2a5e19b54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-pBIBKPGYoTyBS6a+09rGXf9+iuYcnVBLcCoY9K8J36Vn0oTc' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f93965119c8cc
content-encoding: gzip
etag: W/"7a5-qtS5PwpAhtLWl3h0bWWqlcRMGnw"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f93965119c8cc-5a79ca2badaf16eb-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-pBIBKPGYoTyBS6a+09rGXf9+iuYcnVBLcCoY9K8J36Vn0oTc' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.020380,VS0,VE210
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 pp_favicon_x.ico
www.paypalobjects.com/en_US/i/icon/ 5 KB
2 KB 7ms
7ms Other
image/x-icon 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 71335001fc588
content-encoding: br
etag: W/"5d5637bd-1536"
x-content-type-options: nosniff
traceparent: 00-000000000000000000071335001fc588-bc1855abbe5884d0-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:47 GMT
content-type: image/x-icon
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
x-served-by: cache-sjc10033-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 14164, 36068
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
log-origin: shield=SJC,src_ip=157.52.96.33,alternate_path=0,ip=157.52.96.33,port=443,name=shield_ssl_cache_sjc10033_SJC,status=200,reason=OK,method=GET,url="/en_US/i/icon/pp_favicon_x.ico",host=www.paypalobjects.com
x-timer: S1734599268.997619,VS0,VE0
via: 1.1 varnish, 1.1 varnish
log-timing: fetch=154275,misspass=100,do_stream=0
accept-ranges: bytes
content-length: 1309

OPTIONS
H2 200 p1
c.paypal.com/v1/r/d/b/ Frame 0
0 184ms
169ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
correlation-id: 6a788994a09fd
date: Thu, 19 Dec 2024 09:07:48 GMT
paypal-debug-id: 6a788994a09fd
server-timing: "traceparent;desc="00-00000000000000000006a788994a09fd-9d96f82e97365a82-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000006a788994a09fd-4189944a66438066-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230062-FRA

OPTIONS
H2 200 p2
c.paypal.com/v1/r/d/b/ Frame 0
0 180ms
172ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
correlation-id: 270e08fe774c5
date: Thu, 19 Dec 2024 09:07:48 GMT
paypal-debug-id: 270e08fe774c5
server-timing: "traceparent;desc="00-0000000000000000000270e08fe774c5-c18b95c97fb08c55-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000270e08fe774c5-7a11ad143529d752-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230062-FRA

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ 334 B
2 KB 195ms
194ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f14773e6fb61ec5798ae360c95c33b79d5e94bfa81e12a42ccfac66789b98f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: b2a4413223076
correlation-id: b2a4413223076
traceparent: 00-0000000000000000000b2a4413223076-2e330c48f2e96cc2-01
server-timing: "traceparent;desc="00-0000000000000000000b2a4413223076-3db77705fb0650ea-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json
x-served-by: cache-fra-eddf8230162-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://www.paypal.com
content-length: 334

POST
H2 200 p2 Show response
c.paypal.com/v1/r/d/b/ 15 B
468 B 190ms
190ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f00577f6e126a
correlation-id: f00577f6e126a
traceparent: 00-0000000000000000000f00577f6e126a-57ad83df2e666779-01
server-timing: "traceparent;desc="00-0000000000000000000f00577f6e126a-cdc33c2366f004ac-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json
x-served-by: cache-fra-eddf8230162-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://www.paypal.com
content-length: 15

GET
H2 200 dfp.js Show response
www.paypalobjects.com/rdaAssets/fraudnet/ext/ 39 KB
13 KB 9ms
9ms Script
application/javascript 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/rdaAssets/fraudnet/ext/dfp.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb_fp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8777ff5948bf23d0ecb45a52aa01b591df316a2604aa1f391fd76ef5906c145e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 0e36cbe61afdb
content-encoding: br
etag: W/"66843061-9bf0"
access-control-allow-methods: GET
x-content-type-options: nosniff
traceparent: 00-00000000000000000000e36cbe61afdb-a15fc2558a7feceb-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/javascript
last-modified: Tue, 02 Jul 2024 16:52:49 GMT
x-served-by: cache-sjc1000102-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 1, 23118
vary: Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599268.065385,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12953

GET
H/1.1

200
OK

counter2.cgi
lhr.stats.paypal.com/v1/ Frame 1D2D
Redirect Chain

https://b.stats.paypal.com/v1/counter.cgi?r=cD02YmVhZDUwZjhlZTU0MDZmYjY4ODJmNGFjNWY2MTgzNiZpPTE4NS4yMTMuMTU1LjE3MSZ0PTE3MzQ1OTkyNjcuNjUyJmE9MjEmcz1VTklGSUVEX0xPR0lORM69wPLo4rtCmyZ-MZO4403uWKM
https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD02YmVhZDUwZjhlZTU0MDZmYjY4ODJmNGFjNWY2MTgzNiZpPTE4NS4yMTMuMTU1LjE3MSZ0PTE3MzQ1OTkyNjcuNjUyJmE9MjEmcz1VTklGSUVEX0xPR0lORM69wPLo4rtCmyZ-MZO4403uWKM

42 B
299 B

73ms
22ms

Image
image/jpeg

34.147.177.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD02YmVhZDUwZjhlZTU0MDZmYjY4ODJmNGFjNWY2MTgzNiZpPTE4NS4yMTMuMTU1LjE3MSZ0PTE3MzQ1OTkyNjcuNjUyJmE9MjEmcz1VTklGSUVEX0xPR0lORM69wPLo4rtCmyZ-MZO4403uWKM
Protocol: HTTP/1.1
Server: 34.147.177.40 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 40.177.147.34.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

Content-Length: 42
Date: Thu, 19 Dec 2024 09:07:48 GMT
Content-Type: image/jpeg
Connection: close
Server: PayPal-B.Stats/1.0

Redirect headers

Location: https://lhr.stats.paypal.com/v1/counter2.cgi?r=cD02YmVhZDUwZjhlZTU0MDZmYjY4ODJmNGFjNWY2MTgzNiZpPTE4NS4yMTMuMTU1LjE3MSZ0PTE3MzQ1OTkyNjcuNjUyJmE9MjEmcz1VTklGSUVEX0xPR0lORM69wPLo4rtCmyZ-MZO4403uWKM
Content-Length: 0
Date: Thu, 19 Dec 2024 09:07:48 GMT
Content-Type: application/octet-stream
Connection: close
Server: PayPal-B.Stats/1.0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ 0
469 B 246ms
203ms Image
text/plain 2a04:4e42:600::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=6bead50f8ee5406fb6882f4ac5f61836&s=UNIFIED_LOGIN_INPUT_EMAIL_TRMT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 1950d72414b3c
access-control-expose-headers: Server-Timing
correlation-id: 1950d72414b3c
traceparent: 00-00000000000000000001950d72414b3c-8c058aa037d64e7e-01
server-timing: "traceparent;desc="00-00000000000000000001950d72414b3c-c13effd7bc365f8b-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
x-served-by: cache-fra-eddf8230139-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
x-timer: S1734599268.109696,VS0,VE196
via: 1.1 varnish
accept-ranges: bytes
content-length: 0

OPTIONS
H2 200 pa
c.paypal.com/v1/r/d/b/ Frame 0
0 183ms
183ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/pa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
correlation-id: 8fee31875e2a4
date: Thu, 19 Dec 2024 09:07:48 GMT
paypal-debug-id: 8fee31875e2a4
server-timing: "traceparent;desc="00-00000000000000000008fee31875e2a4-f5bb137837291955-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000008fee31875e2a4-d452cbabe63c0c67-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230062-FRA

POST
H2 204 pa Show response
c.paypal.com/v1/r/d/b/ 0
368 B 185ms
184ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/pa

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 87c095a244f9b
correlation-id: 87c095a244f9b
traceparent: 00-000000000000000000087c095a244f9b-5fd85adda338fed8-01
server-timing: "traceparent;desc="00-000000000000000000087c095a244f9b-1ebb746ba40beb2b-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
x-served-by: cache-fra-eddf8230162-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://www.paypal.com

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
3 KB 232ms
232ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:unifiedlogin:splitlogin::email:::&component=unifiedloginnodeweb&eventSourceUrl=https://www.paypal.com/signin

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-WZhqltXpxYAuqzLa/IboUKEsn4ElzD9YQHjbJDZWhf9RhQWC' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f9396517f4d0a
content-encoding: br
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f9396517f4d0a-52934a4b09a8ad94-01
server-timing: "traceparent;desc="00-0000000000000000000f9396517f4d0a-dd2553f5691e5baf-01"";content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-WZhqltXpxYAuqzLa/IboUKEsn4ElzD9YQHjbJDZWhf9RhQWC' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599268.280638,VS0,VE224
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
access-control-allow-origin: https://www.paypal.com
x-xss-protection: 1; mode=block

GET
H2 200 ts
t.paypal.com/ 42 B
901 B 196ms
174ms Image
image/gif 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.9.5&t=1734599268278&g=-60&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&qual=input_email&pgst=1734599267615&calc=f939651ff3fe6&nsid=biItijdjBrm0SZxlN2qlOsz4bCxcQ31n&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=6bead50f8ee5406fb6882f4ac5f61836&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C109679%2C109059%2C104405%2C104407&xt=123956%2C123954%2C146708%2C143369%2C120151%2C119038&transition_name=ss_prepare_email&cookie_disabled_request=true&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&api_name=cookieBanner&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=v6&bannersource=ConsentNodeServ&bannervariant=hidden&eligibility_reason=true&is_native=false&cookie_disabled=false&reason_to_hide=Invisible%20banner%20loaded&event_name=cookie_banner_shown&product=cookieBanner&e=ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/signin

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 1b305f2620ae2
correlation-id: 1b305f2620ae2
expires: Thu, 19 Dec 2024 09:07:48 GMT
traceparent: 00-00000000000000000001b305f2620ae2-8b96645d49934055-01
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
server-timing: "traceparent;desc="00-00000000000000000001b305f2620ae2-65ae040bd64593db-01"";content-encoding;desc="",x-cdn;desc="fastly"
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: image/gif
x-served-by: cache-fra-eddf8230132-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
x-timer: S1734599268.303499,VS0,VE168
via: 1.1 varnish
accept-ranges: bytes

OPTIONS
H2 200 /
ddbm2.paypal.com/js/ Frame 0
0 23ms
9ms Preflight 18.245.46.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ddbm2.paypal.com/js/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-2.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Thu, 19 Dec 2024 09:07:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
x-amz-cf-id: kBNqFaqlnH4hNHGOfpdV5mGWTbfGhqkD1d9VrQTnK4VIf1ont6a17g==
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
x-content-type-options: nosniff

POST
H2 200 / Show response
ddbm2.paypal.com/js/ 230 B
640 B 11ms
10ms XHR
application/json 18.245.46.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ddbm2.paypal.com/js/

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-2.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

5f17d4215de585c8e406ed02505f67169f0ba28b3f96f74ce4669ef23a10f7a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
via: 1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
expires: 0
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 230
x-amz-cf-id: q0jbBj-ueUzjN3GmREb14IDF96kU3OPZLtsFO2RryJlwJsDvXg26UQ==
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json;charset=utf-8
x-amz-cf-pop: FRA56-P9
server: DataDome

GET
H2 200 ts
t.paypal.com/ 42 B
259 B 164ms
164ms Image
image/gif 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.9.5&t=1734599268468&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1734599267615&calc=f939651ff3fe6&nsid=biItijdjBrm0SZxlN2qlOsz4bCxcQ31n&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=6bead50f8ee5406fb6882f4ac5f61836&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100353%2C105604%2C105604%2C101124%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C109195%2C102028%2C105999%2C100885%2C109334%2C109334%2C101270%2C102557%2C102557%2C101408%2C101408%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C107054%2C107054%2C105271%2C110648%2C101688%2C101821%2C101820%2C102208%2C105543%2C105544%2C105416%2C105416%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C100307%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C101736%2C110442%2C108653%2C108652%2C100846%2C109040%2C101875%2C109047%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101216%2C103648%2C104200%2C109195%2C108076%2C109047&xt=100886%2C124899%2C124899%2C103402%2C123673%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123688%2C144027%2C107258%2C127242%2C102543%2C144768%2C144768%2C106407%2C109630%2C109630%2C104576%2C104576%2C101702%2C123242%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C132781%2C132781%2C123250%2C152289%2C105645%2C106327%2C106324%2C108106%2C124626%2C124629%2C125100%2C125100%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C100737%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109962%2C105856%2C120731%2C120731%2C105858%2C150774%2C141151%2C141149%2C102359%2C143321%2C106610%2C143343%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103864%2C114559%2C127485%2C144027%2C138090%2C143343&transition_name=ss_prepare_email&cookie_disabled_request=true&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&e=im&imsrc=setup&view=%7B%22t10%22%3A31%2C%22t11%22%3A4570%2C%22tcp%22%3A4383%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=31&t1c=31&t1d=14&t1s=11&t2=242&t3=5&t4d=0&t4=0&t4e=3&tt=4521&rdc=0&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&t12=4421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/signin

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 81650ba60013f
correlation-id: 81650ba60013f
expires: Thu, 19 Dec 2024 09:07:48 GMT
traceparent: 00-000000000000000000081650ba60013f-6b4da58b7836fd4b-01
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
server-timing: "traceparent;desc="00-000000000000000000081650ba60013f-a56f2916ac26f13a-01"";content-encoding;desc="",x-cdn;desc="fastly"
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: image/gif
x-served-by: cache-fra-eddf8230132-FRA
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
x-timer: S1734599268.471486,VS0,VE157
via: 1.1 varnish
accept-ranges: bytes

POST
H2 200 tealeaftarget Show response
www.paypal.com/platform/ 40 B
2 KB 197ms
194ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/platform/tealeaftarget

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e9ba4253382f817e9232a122f9f4d8dc8939da2c4b48c69bb5e3a8fccc7b774

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; font-src 'self' https://.paypalobjects.com https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-TeaLeaf-Page-Url: /signin
X-PageId: P.LW5P8ZBJF6HA4J2GZENJV6WVMWCZ
X-TealeafType: GUI
Referer: https://www.paypal.com/signin
Content-Encoding: gzip
X-Tealeaf: device (UIC) Lib/6.4.137c
X-Tealeaf-SaaS-AppKey: 76938917d7504ff7a962174c021690bd
X-Tealeaf-SyncXHR: false
X-Tealeaf-SaaS-TLTSID: 56477654940220373174936321214249
X-Tealeaf-TLTDID: 42986573853202743326565280525524
X-Requested-With: fetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Tealeaf-MessageTypes: 1,2,5,7,12,14
Content-Type: application/json

Response headers

paypal-debug-id: f446202c758df
content-encoding: br
etag: W/"28-Y7nSlrtmeMVANMH2qvwSHH52Wzg"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f446202c758df-70b35effff025bd6-01
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599269.510418,VS0,VE187
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-xss-protection: 1; mode=block

POST
H2 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
137 B 184ms
177ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=7ba2a692-bba6-4158-b20e-b16082918165&batch_time=1734599268889

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

ae018b97a4800736b6a3243818857aa28d674c2b08ff8c479044a1580674430f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json
dd-request-id: 7ba2a692-bba6-4158-b20e-b16082918165

POST
H2 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
138 B 143ms
141ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=d383cd9f-b86d-45da-a706-e42a3123a4a6&batch_time=1734599268890

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

e11017ddf07d4d6b26d11ddd290f363bb3204404036a39cbd86a5f3fbfa075f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json
dd-request-id: d383cd9f-b86d-45da-a706-e42a3123a4a6

POST
H2 202 replay Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
137 B 164ms
158ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=3c36a863-fbd3-4374-97a0-4d1aa5beea9e

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

a406b65093ed0b8b9594aea8149ed5bc6d54f0610634cd6c0d055f5334d84385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary59tbM5UI2xXxmyEO
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Thu, 19 Dec 2024 09:07:48 GMT
content-type: application/json
dd-request-id: 3c36a863-fbd3-4374-97a0-4d1aa5beea9e

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
3 KB 323ms
321ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-UEkoXhSZ8gQ3T+fEYM9ePYWHpds7kR4FV8F4BUWsKlx2kmVn' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
x-requested-with: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f446202e9a60f
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f446202e9a60f-cd9c3e3114d8f233-01
server-timing: "traceparent;desc="00-0000000000000000000f446202e9a60f-2cf8dc3105801bfb-01"";content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:49 GMT
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-UEkoXhSZ8gQ3T+fEYM9ePYWHpds7kR4FV8F4BUWsKlx2kmVn' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599269.087618,VS0,VE314
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 71 KB
71 KB 7ms
6ms Image
image/png 151.101.195.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c14b809ca4d5de12a569239d46ab8ef5f7ac1b3804c9801583cbafb66d3e550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

fastly-io-info: ifsz=110177 idim=22x7296 ifmt=png ofsz=72320 odim=22x7296 ofmt=png
paypal-debug-id: e5f152b29fa73
etag: "Nuylfp+to+eBvo2TUOG5pjOz26CVaqgZXN1uHvjtDMM"
x-content-type-options: nosniff
traceparent: 00-0000000000000000000e5f152b29fa73-148c9faa49f1e90b-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 19 Dec 2024 09:07:49 GMT
content-type: image/png
x-served-by: cache-sjc10054-SJC, cache-fra-eddf8230109-FRA
x-cache-hits: 2, 45996
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-timer: S1734599270.992714,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 72320
fastly-io-served-by: vpop-haf2300703

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
3 KB 253ms
252ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:unifiedlogin:splitlogin::email:::&component=unifiedloginnodeweb&eventSourceUrl=https://www.paypal.com/signin

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-owdtxru1b8HrddlWvGGTB60lQ/fO+BCPfXbVrsEgfbHJ1t6E' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f385459db19bb
content-encoding: br
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f385459db19bb-d1c77c662c794441-01
server-timing: "traceparent;desc="00-0000000000000000000f385459db19bb-f48956daeae3efdf-01"";content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS
date: Thu, 19 Dec 2024 09:07:51 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-fra-eddf8230162-FRA, cache-fra-eddf8230162-FRA
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-owdtxru1b8HrddlWvGGTB60lQ/fO+BCPfXbVrsEgfbHJ1t6E' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1734599271.281079,VS0,VE245
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
access-control-allow-origin: https://www.paypal.com
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypal.com
URL: blob:https://www.paypal.com/b2927916-2232-4935-b1ef-5604f7e02ad1

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-21 06:09:11	Name: _GRECAPTCHA Value: 09AJNbFneISv8Ooh0ThdkyMSdc5HPTkmUF5bpxqr3xF3H0sabbaLWzmGIxYYWX7BS4iAmEmmKFyPDzSOecMscNWXE
.is.gd/	1970-01-21 01:50:01	Name: __cf_bm Value: df4Xl8dwOpmsxTVAdU2kS_X96KLDMaNRmfEvAnd6jT0-1734599263-1.0.1.1-J1ec_M2C_Rd0BncUJ86x0YeMPsNWX2rL1mkBXd6yz9K1ioYhHp8ELbJV.9fhQB3rmLiFL_oKNdYxUrUAzAd1Dg
www.achaa.com.au/	1969-12-31 23:59:59	Name: PHPSESSID Value: e99339ffc9215e0e2db4e103475d42c8
.paypal.com/	1970-01-21 10:35:35	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-21 11:25:59	Name: cookie_check Value: yes
.paypal.com/	1970-01-21 11:25:59	Name: d_id Value: 6bead50f8ee5406fb6882f4ac5f618361734599267631
.paypal.com/	1970-01-21 01:50:30	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AbiItijdjBrm0SZxlN2qlOsz4bCxcQ31n.b4r21wyW2HtiemVZW3mMuLRulfDdT7Fm2OaCfMC1PkU
.paypal.com/	1970-01-21 01:50:01	Name: l7_az Value: dcg16.slc
.paypal.com/	1970-01-21 10:35:35	Name: ts_c Value: vr%3Dde2c54fb1930a79810aa308bf368563c%26vt%3Dde2c54fb1930a79810aa308bf368563b
.paypal.com/	1969-12-31 23:59:59	Name: TLTSID Value: 56477654940220373174936321214249
.paypal.com/	1970-01-21 10:35:35	Name: TLTDID Value: 42986573853202743326565280525524
.paypal.com/	1970-01-21 01:50:00	Name: rssk Value: d%7DC9%4097%3A%3E%3D3%3F%3DAA%3C%3Exqx%3E%C2%82%3Dy%7Cwxqq%3F11
.stats.paypal.com/	1970-01-21 11:25:59	Name: c Value: de7fcdf004188d90e755
.paypal.com/	1970-01-21 10:35:35	Name: cookie_prefs Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/	1970-01-21 02:33:11	Name: datadome Value: ntby70l8q~HOqtA5ima6dg8YsJqtSsDonymScbBQQWR9VfNy9DEQZ3cU3V39F~pMwY4FOziXzv0y5yZCTa1NPweVCQ6ddT5AIpRBR9GlAfV_hDGijQFRrtbBKpc1UhqR
.paypal.com/	1970-01-21 11:25:59	Name: sc_f Value: zNq7wUsS-eNOmrgYTJUwv6dKn7PMOeTJDM7tJXM9JKXr9EJMDiXP12lCADzIPW2vT7rbt_x_FIAp56HfjUBg0zSBPBUsAJLElLvYg0
.paypal.com/	1970-01-21 11:25:59	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: DFKDJXhC-RI6Zm0YPQo2iIgT9F4sZHQ386szCE9ptNdd3DvcfnqOQahJe9FwE56RTehjAE_DmT62GH2b
.paypal.com/	1970-01-21 11:25:59	Name: ddi Value: l9LzC2auUEHRSgi-TbOzOspgp5V_hQbPhvf6Ntp34gyIHwsBOh7yIE9z2oez5XjsA40vo5QwzLwgaVsEbRU2dlTSA_cMz1p0AR4hYSnFfbuwocLf
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTczNDU5OTI3MTQzMSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-21 01:54:18	Name: tsrce Value: privacynodeweb
.paypal.com/	1970-01-21 10:35:35	Name: ts Value: vreXpYrS%3D1766135271%26vteXpYrS%3D1734601071%26vr%3Dde2c54fb1930a79810aa308bf368563c%26vt%3Dde2c54fb1930a79810aa308bf368563b%26vtyp%3Dnew
www.paypal.com/	1970-01-21 01:50:00	Name: _dd_s Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.paypal.com/signin Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://www.paypal.com/signin Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D00C4290000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://www.paypal.com/signin Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D00C4290000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ZUm27UvGTua4cAZzFtzEBkvEWPQl5MozPzlYYArKBmOA30F0' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
browser-intake-us5-datadoghq.com
c.paypal.com
c6.paypal.com
dashboard-paypal-user.cfolks.pl
ddbm2.paypal.com
is.gd
lhr.stats.paypal.com
paypal.com
paypalobjects.com
t.paypal.com
www.achaa.com.au
www.paypal.com
www.paypalobjects.com
www.paypal.com
103.61.228.11
151.101.1.21
151.101.193.21
151.101.195.1
151.101.3.1
18.245.46.2
185.208.164.58
192.229.221.25
2600:1901:0:c072::
2606:4700:20::6819:ea35
2a04:4e42:600::291
34.147.177.40
03a403d06377c5e9c18bfd1f1ffa39ed9c24b4470121286070f3f6b46377fa2d
154f00ee27d38857eddc2ce0bb9b8fce80743ffa96b1be02de2e4dec4d21a058
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
2047a07e8a00aa49fac869eae4b2ab0e3f8aea723e1f823596df2d48e9c8003b
228ad520746dbdfa971029c803290f5d6e036effbfabe764050d131b046aedf8
2446f5091f8f4fb8a732626497014f2d518cca4b6777c76a290f98f2d5786d0e
2880313f69be71c091b95112ebbc86ec1bb245c5dd6c27c3d7c428f49ec521ca
29c6df0a89d6035a3d64023b7e7bc9f31e3e2e3fd82618aaf937fd3986ec6157
313aa7d81d43a63765b510de41e4340f47ed70ff1e0ae41f843531f5c359f587
3414f3d97c24434504ff85ef94ac26834efc27918ea495450c5521a605458cb5
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a2d75690a2a969570d48e4f86351e06dc99da07cb3f8dac74f03de55850f0a2
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
51644938a4a54724b7ef40a8be83d98a34d4ce1f8e37eaa5a96feaf46c0ef8e1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d409f5006b66be52dc60512804199f8ec15ea27832d4089c41c42e394b2dce6
5f17d4215de585c8e406ed02505f67169f0ba28b3f96f74ce4669ef23a10f7a7
62c9e0e8f9b068832352496b25dc2d91f4531a64c4dc274f03f82e6314cce1c8
64b40135d2cb63c0b163eff198900cb04672acbdb9e702fa8d68e24738c0660b
6bfdec2051cd5e64a40a3115dced7bffee57b4ce96b6d4c0dfb65c2bf6905f5b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
75c159c9974a7207171cf1f4ed302f91f90ae95233fdd64e994fd66ada89ab20
7f083991dcd0f426a91fef258e7a1ce9a3b58c1ad459fb3a9a5cec584a06b1c7
8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027
8777ff5948bf23d0ecb45a52aa01b591df316a2604aa1f391fd76ef5906c145e
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9c14b809ca4d5de12a569239d46ab8ef5f7ac1b3804c9801583cbafb66d3e550
9e9ba4253382f817e9232a122f9f4d8dc8939da2c4b48c69bb5e3a8fccc7b774
9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0
a406b65093ed0b8b9594aea8149ed5bc6d54f0610634cd6c0d055f5334d84385
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
a79abb420d3c3959aeaffac39b9e1c99add33ffb3f8676d86c42d247dc63e3d0
ac9a40e3d9f8c16b6ad83f112ab91498a7dd9aad71a7abdce585c2506a128a1b
ae018b97a4800736b6a3243818857aa28d674c2b08ff8c479044a1580674430f
ae4f58b9f70ad49a239542052acfeb9ea89e51078616a5b4937c0de2a5e19b54
b24fa2b87e3d9cd751cbca83023fe4213d616d5051695fc9b529aba4e0f10ac7
bac63e7dbdbcd213328172d45303eaa739b508b0556df0c9a154ad48a7f73c09
c3f1981e14042012337c6493597cd362261453611b727e91847a118b2b4cffb7
cae0af2e9035626ebcc82aedffe6939e8de145879607cc94c5f1ea379f94a12b
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d56750f319ff862ed72f5413c56d9bcb79e8cd1ef827444c9e469c76f6050dbe
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
e11017ddf07d4d6b26d11ddd290f363bb3204404036a39cbd86a5f3fbfa075f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e
efc3ad603dca3c78e67493adb079676731fd72c4204dbf7264d22e897a271267
f0cda4e6038b5eac291701bc280593f62e625dbb80042a38577b87efb0bb39ac
f14773e6fb61ec5798ae360c95c33b79d5e94bfa81e12a42ccfac66789b98f77
f19efd70ed948ca16f507bd7f1b74bd9c6ff2022586cf62611c16ed9493758b8

www.paypal.com Open in urlscan Pro 151.101.1.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

95 %HTTPS

25 %IPv6

6 Domains

14 Subdomains

9 IPs

4 Countries

573 kBTransfer

1870 kBSize

23 Cookies

0 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

95 %
HTTPS

25 %
IPv6

6
Domains

14
Subdomains

9
IPs

4
Countries

573 kB
Transfer

1870 kB
Size

23
Cookies

60 HTTP transactions
0 data transactions