www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.paypalcredit.com/
Effective URL:
https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
Submission: On March 24 via automatic, source certstream-suspicious (March 24th 2022, 10:57:49 pm UTC) — Scanned from DE

Summary HTTP 70 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 70 HTTP transactions. The main IP is 151.101.65.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2527.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 11th 2022. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.76.140.155 208.76.140.155	30393 (BMLCORP) (BMLCORP)
5	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
35	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
70	12

1 208.76.140.155 (United States) 1 redirects

ASN30393 (BMLCORP, US)

www.paypalcredit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1810	984 KB
9	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 2692	730 KB
8	paypal.com www.paypal.com — Cisco Umbrella Rank: 2527 t.paypal.com — Cisco Umbrella Rank: 3344	64 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	338 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 1708	22 KB
4	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2007	42 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	7 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 214	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	qualtrics.com zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com — Cisco Umbrella Rank: 17105	8 KB
1	paypalcredit.com 1 redirects www.paypalcredit.com	373 B
70	11

	Domain	Requested by
35	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
9	www.youtube-nocookie.com	www.paypalobjects.com www.youtube-nocookie.com
5	www.gstatic.com	www.recaptcha.net www.youtube-nocookie.com www.gstatic.com
5	www.paypal.com	www.paypal.com www.paypalobjects.com
4	jnn-pa.googleapis.com	www.youtube-nocookie.com
4	www.recaptcha.net	www.paypalobjects.com www.gstatic.com www.recaptcha.net
3	t.paypal.com	www.paypal.com
1	i.ytimg.com
1	yt3.ggpht.com
1	www.google.com	www.youtube-nocookie.com
1	fonts.gstatic.com	www.youtube-nocookie.com
1	zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com	www.paypalobjects.com
1	www.paypalcredit.com	1 redirects
70	13

This site contains links to these domains. Also see Links.

Domain
developer.paypal.com
www.ebay.com
goto.target.com
bestbuy.7tiv.net
www.tkqlhce.com
about.pypl.com
newsroom.paypal-corp.com
investor.paypal-corp.com
publicpolicy.paypal-corp.com

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-24` - `2022-09-24`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
misc.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
Frame ID: C35CB25C43162A657FCED7009452F293
Requests: 43 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html
Frame ID: 34B496DACD08D194086BDAAB746CDBD6
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1
Frame ID: 7875CD4B67563A3F75043776550F7FD1
Requests: 18 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=o2a97omhwe0a
Frame ID: E4ECBF5AAC83B10402571748D20B45BC
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayPal Credit | Sign In | PayPal US

Page URL History Show full URLs

https://www.paypalcredit.com/ HTTP 301
https://www.paypal.com/us/webapps/mpp/paypal-credit-signin Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Page Statistics

70
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

2210 kB
Transfer

5954 kB
Size

11
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://developer.paypal.com/home
Title: Developer

Search URL Search Domain Scan URL

URL: https://www.ebay.com/?mkcid=1&mkrid=711-53200-19255-0&siteid=0&campid=5338797146&customid=PPCSignInLP&toolid=10001&mkevt=1

Search URL Search Domain Scan URL

URL: https://goto.target.com/c/71614/79235/2092?subId1=2019PPCMLFeatured

Search URL Search Domain Scan URL

URL: https://bestbuy.7tiv.net/c/71614/615614/10014?subId1=2019PPCMLFeatured

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/click-4033845-13620980&afftrack=2019PPCHomeGard

Search URL Search Domain Scan URL

URL: https://about.pypl.com/home/default.aspx
Title: About

Search URL Search Domain Scan URL

URL: http://newsroom.paypal-corp.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://investor.paypal-corp.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://about.pypl.com/values-in-action/default.aspx
Title: Values in Action

Search URL Search Domain Scan URL

URL: https://publicpolicy.paypal-corp.com/
Title: Public Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.paypalcredit.com/ HTTP 301
https://www.paypal.com/us/webapps/mpp/paypal-credit-signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request paypal-credit-signin Show response
www.paypal.com/us/webapps/mpp/
Redirect Chain

https://www.paypalcredit.com/
https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

119 KB
38 KB

497ms
470ms

Document
text/html

151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

65b26938eee9d08c28014e806f8f5c401c4249dcfd2c64cd4eec873e92b93100

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com; script-src 'nonce-VpmuSo2mF3KS1qd3V8F9DCZTVHyMMGvM3iw/ZQ2fCkCqcX1A' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com; script-src 'nonce-VpmuSo2mF3KS1qd3V8F9DCZTVHyMMGvM3iw/ZQ2fCkCqcX1A' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"1da0b-W1qchvqZffuQSZDrFiYotoiJops"
paypal-debug-id: f3742842f2ca7
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
date: Thu, 24 Mar 2022 22:57:44 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4046-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1648162664.560263,VS0,VE463
vary: Accept-Encoding
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-encoding: br

Redirect headers

Date: Thu, 24 Mar 2022 22:57:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Location: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
Content-Length: 266
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Strict-Transport-Security: max-age=15552000; includeSubDomains

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 21 KB
7 KB 50ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F4D) /

Resource Hash

3ba795672c78c8f0f52ecd5d1a0a317d1e5c059509a6bead9d26b46fc831d83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: df8e4e8b1fd86
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 6352
last-modified: Wed, 10 Nov 2021 09:36:56 GMT
server: ECAcc (frc/8F4D)
etag: "618b92b8-5428"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 48ms
9ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FD3) /

Resource Hash

af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: ebabe928e6079
dc: ccg11-origin-www-1.paypal.com
content-length: 18320
last-modified: Tue, 23 Jan 2018 03:38:51 GMT
server: ECAcc (frc/8FD3)
etag: "5a66ae4b-4790"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 48ms
10ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F5F) /

Resource Hash

0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
server: ECAcc (frc/8F5F)
etag: "5a66a30d-47b8"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
paypal-debug-id: 2475506973341
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 18360
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css
www.paypalobjects.com/marketing-resources/css/b6/ 330 KB
52 KB 10ms
10ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/css/b6/83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F3E) /

Resource Hash

d18518059b08d468faf44fd9f9fbaedc1280066ef66b5f575eb96c470c19f33a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 13eb60367aa54
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 52621
last-modified: Thu, 18 Nov 2021 13:50:46 GMT
server: ECAcc (frc/8F3E)
etag: W/"61965a36-528df"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 spot.svg
www.paypalobjects.com/marketing/web/us/en/home-merchant/ 5 KB
2 KB 26ms
26ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/home-merchant/spot.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FCF) /

Resource Hash

8d0efcbe295fe47b7bec8ed85ffe1fbadff6d878691f7e5cb5c753f35136a995

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 74cd768ddb182
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 2121
last-modified: Wed, 29 Sep 2021 07:40:35 GMT
server: ECAcc (frc/8FCF)
etag: W/"61541873-13bf"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 launch-spot.svg
www.paypalobjects.com/marketing/web/us/en/home-merchant/ 1 KB
868 B 8ms
8ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/home-merchant/launch-spot.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F3F) /

Resource Hash

e9cb41ae47c707079889a1916a6f1534f484432e4d709088dcb34f8f8b71eca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 153a2f50283c2
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 749
last-modified: Mon, 04 Oct 2021 08:51:43 GMT
server: ECAcc (frc/8F3F)
etag: W/"615ac09f-5e6"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 pricing-blue.svg
www.paypalobjects.com/marketing/web/us/en/home-merchant/ 2 KB
973 B 26ms
25ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/home-merchant/pricing-blue.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F1B) /

Resource Hash

337b34f91b622a538904b8647f810ea42e5f0a7b76af261229774bcddc16df2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: ec7a6ae083814
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 892
last-modified: Mon, 04 Oct 2021 10:34:16 GMT
server: ECAcc (frc/8F1B)
etag: W/"615ad8a8-8e4"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 pin-blue.svg
www.paypalobjects.com/marketing/web/us/en/home-merchant/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/home-merchant/pin-blue.svg

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FD4) /

Resource Hash

d571e48dd85ed1670b5a326d862a103273657ce5fe2a4b1d1bb921fcbddc51ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 5982eb7155f04
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 999
last-modified: Mon, 04 Oct 2021 10:34:16 GMT
server: ECAcc (frc/8FD4)
etag: W/"615ad8a8-748"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 PayPalCredit_logo_blue_RETINA_step1_2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 11 KB
11 KB 25ms
24ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/PayPalCredit_logo_blue_RETINA_step1_2x.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F87) /

Resource Hash

b04b7ec3ac99dd6e2290cae470fb622c4def4cfe565d58d405f7ea43274d5dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:26 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c76-2bbe"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 646d5fed5bc00
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 11198
server: ECAcc (frc/8F87)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 mobile_hero.gif
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 137 KB
137 KB 13ms
12ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/mobile_hero.gif

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E9F) /

Resource Hash

e543ced70662ba813ff315aec5fb6df17637977970abdb73f58b6dfe5b74a0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:26 GMT
server: ECAcc (frc/8E9F)
etag: "60271c76-222e4"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 1a363c4c87c39
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 140004
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 Mod5_step1_2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 44 KB
44 KB 25ms
25ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/Mod5_step1_2x.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F08) /

Resource Hash

35919af9203324e616c645bc8d0694e505556660b1d35d35c10db8180f44edc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:26 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c76-afb4"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 9925ed7cf0a9e
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 44980
server: ECAcc (frc/8F08)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 Mod5_step2_2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 42 KB
42 KB 20ms
20ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/Mod5_step2_2x.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F7D) /

Resource Hash

b6a099854aaa744abfd9fcf83d4a0aa6607d0c7c15ce487b66098be03d4b3046

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:26 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c76-a92f"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: ea8b1b4738f0a
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 43311
server: ECAcc (frc/8F7D)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 Mod5_step3_2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 65 KB
65 KB 25ms
25ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/Mod5_step3_2x.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F1E) /

Resource Hash

899f393525ca9f1cf5b0bdfe64aace116a74a23868ebbd9237390673f8037235

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:26 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c76-1039b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: a8a19ac453d16
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 66459
server: ECAcc (frc/8F1E)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 react-17_0_1-bundle.js Show response
www.paypalobjects.com/marketing-resources/vendors/ 132 KB
44 KB 20ms
18ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E92) /

Resource Hash

9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 1602a843d2c8a
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 44545
last-modified: Mon, 22 Feb 2021 21:58:19 GMT
server: ECAcc (frc/8E92)
etag: W/"603428fb-20ee8"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 54 KB
21 KB 19ms
18ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F58) /

Resource Hash

e761a178fd6dd117371dd9b09aacbf802985c65304c8c30ed69d3dc279941384

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 828f48cf23d5e
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 21180
last-modified: Mon, 28 Feb 2022 22:36:17 GMT
server: ECAcc (frc/8F58)
etag: "621d4e61-d87f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 open-chat.js Show response
www.paypalobjects.com/helpcenter/smartchat/sales/v1/ 1 KB
884 B 21ms
19ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F38) /

Resource Hash

15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 944ad8e381b1c
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 779
last-modified: Sat, 13 Feb 2021 00:19:40 GMT
server: ECAcc (frc/8F38)
etag: W/"60271b1c-5bf"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 marketingIntentsV2.js Show response
www.paypalobjects.com/activation/js/ 554 B
491 B 21ms
19ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/activation/js/marketingIntentsV2.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA7) /

Resource Hash

4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 4bf842eb1d809
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 365
last-modified: Fri, 12 Feb 2021 23:55:13 GMT
server: ECAcc (frc/8FA7)
etag: "60271561-22a"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 25 Mar 2022 22:57:44 GMT

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/c3229c325a95f88d/ 10 KB
6 KB 255ms
254ms Script
text/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/c3229c325a95f88d/recaptchav3.js?_sessionID=Nf1RZaj5VM_PZDkJuNWqEwFOWuTGPJsh

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

324258a2d3543c3226021c57b713ead7ce0bcef890dc973974154c8dc576f08d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-sAysi0tsfAlOMuNMmdmQokiDO0lpJGw3RggpAEb2oGYN7t3J' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-sAysi0tsfAlOMuNMmdmQokiDO0lpJGw3RggpAEb2oGYN7t3J' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f374284339b6a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4046-HHN
x-timer: S1648162664.176394,VS0,VE247
date: Thu, 24 Mar 2022 22:57:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"279a-yeaap+ceV5zBAjjcnYpceQRIijk"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 1 KB
645 B 9ms
8ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/b6/83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E93) /

Resource Hash

c856574dfeaa824fad939e38f7d06a76160e2d204721948303d8455efd37c3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/marketing-resources/css/b6/83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: ad437e372dc3c
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 540
last-modified: Fri, 22 Oct 2021 22:34:04 GMT
server: ECAcc (frc/8E93)
etag: "61733c5c-4f8"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 Desktop_Hero.gif
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 176 KB
176 KB 12ms
12ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/Desktop_Hero.gif

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F6A) /

Resource Hash

ca6b197d5a18dc0edfadd3cbd8157d3fdf056925e19edaa419c152059c32ed1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:25 GMT
server: ECAcc (frc/8F6A)
etag: "60271c75-2be1b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 11786063a86d4
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 179739
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 paypal-credit-signin
www.paypal.com/us/webapps/mpp/ 14 KB
14 KB 552ms
552ms Image
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com; script-src 'nonce-FF+e1r9qSimxHcrcam3iShjkXmRVJ69wqBcm9e6bq47Q1y5n' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.qualtrics.com https://*.paypal-mktg.com; script-src 'nonce-FF+e1r9qSimxHcrcam3iShjkXmRVJ69wqBcm9e6bq47Q1y5n' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f374284d298bd
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4046-HHN
x-timer: S1648162664.198122,VS0,VE545
date: Thu, 24 Mar 2022 22:57:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/html; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"1da5d-S9bKpr4za+jeHX64jTFchAEVg7w"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 yellow-tick_2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 3 KB
3 KB 8ms
7ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/yellow-tick_2x.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FB8) /

Resource Hash

1dfa365404f02cbb0052c3e2bff986030d0190473dac781d0c1f678b02363756

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:26 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c76-b7f"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 811c0114adc0b
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 2943
server: ECAcc (frc/8FB8)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 white-tick_2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 4 KB
4 KB 13ms
13ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/white-tick_2x.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F24) /

Resource Hash

eee85ae6d25355ddf8e726bb0e6a08c9a08a926ad19d3ba9f053202b1ef3437c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:26 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c76-e76"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 4e884a28d472a
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 3702
server: ECAcc (frc/8F24)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 25 KB
25 KB 9ms
9ms Font
application/font-woff2 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/b6/83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FB3) /

Resource Hash

1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/b6/83345d7c19ad7bb4b09106e2ab9a6f866a29f2.css
Origin: https://www.paypal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 4b61dcf9973b3
dc: ccg11-origin-www-1.paypal.com
content-length: 25368
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
server: ECAcc (frc/8FB3)
etag: "60271cda-6318"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/ 133 KB
26 KB 9ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FFB) /

Resource Hash

afcf87dd397928dd8615c513df903c0df3945167d61b31104cc308e1efe5a176

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: da37942f1354c
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 26263
last-modified: Thu, 24 Mar 2022 20:57:18 GMT
server: ECAcc (frc/8FFB)
etag: W/"623cdb2e-2155e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 eligibility Show response
www.paypal.com/smartchat/open/ 1 KB
2 KB 198ms
198ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/us/webapps/mpp/paypal-credit-signin

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca8dc0fc0284b104249a48278888280106296684dcbac174c592af7f4a20348b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn; script-src 'nonce-t3LCT1UI6RkmA42jPoK8M49XCQ5RyTxLHnR2ZHn91agv6Xo/' 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn 'unsafe-inline' https://.kampyle.com https://.qualtrics.com; font-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn data:; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-t3LCT1UI6RkmA42jPoK8M49XCQ5RyTxLHnR2ZHn91agv6Xo/' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f3742847da050
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4046-HHN
x-timer: S1648162664.239524,VS0,VE190
date: Thu, 24 Mar 2022 22:57:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"564-zolfYzceTzVjFvGMqaym6DzZGR4"
accept-ranges: none
x-cache-hits: 0

GET
H2 200 OrchestratorMain.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 7 KB
3 KB 9ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F33) /

Resource Hash

8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Origin: https://www.paypal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 7cb7190e64133
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 3329
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8F33)
etag: "61dccd14-1d47"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 12.2e4d3453d92fa382c1f6.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 56 KB
16 KB 9ms
9ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F39) /

Resource Hash

9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 26142c1bd2838
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 16285
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8F39)
etag: "61dccd14-e017"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Mar 2022 23:57:44 GMT

POST
H2 200 Targeting.php Show response
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 99 KB
8 KB 200ms
143ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1yNnlIufRcT75CB&Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff1beb59b35f78865af9c15dfca83306870e05aafad47accf74f2c750aef8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paypal.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 16787aeed6157d96
cf-ray: 6f1301ec9b6b9bb2-FRA

GET
H2 200 ts
t.paypal.com/ 42 B
772 B 218ms
183ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.1&t=1648162664361&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=Unknown&calc=f3742842f2ca7&nsid=Nf1RZaj5VM_PZDkJuNWqEwFOWuTGPJsh&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=ece5cb4c44464fc9a96a0ca039c0c491&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=104406%2C103659%2C104407&xt=119036%2C114639%2C119038&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=paypal-credit-signin.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&displaypage=main%3Amktg%3Apersonal%3A%3Apaypal-credit-signin&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v3a&bannersource=ConsentNodeServ&eligibility_reason=false&is_native=false&cookie_disabled=false&e=ac

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 96bdc72ae2f5b
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4026-HHN
pragma: no-cache
x-timer: S1648162664.399538,VS0,VE175
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 22:57:44 GMT

GET
H2 200 grcenterprise_v3.html Show response
www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/ Frame 34B4 4 KB
2 KB 9ms
9ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/c3229c325a95f88d/recaptchav3.js?_sessionID=Nf1RZaj5VM_PZDkJuNWqEwFOWuTGPJsh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F66) /

Resource Hash

e4d48ec4b24c289ae0f1ca94c5fb62720f5529a1cedb6279b9623e5b4ea2dd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
cache-control: max-age=31536000, s-maxage=31536000
content-type: text/html
date: Thu, 24 Mar 2022 22:57:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"62298aca-fb6"
expires: Fri, 24 Mar 2023 22:57:44 GMT
last-modified: Thu, 10 Mar 2022 05:21:14 GMT
paypal-debug-id: 6d266f1cbd602
server: ECAcc (frc/8F66)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 1555

GET
H2 200 enterprise.js Show response
www.recaptcha.net/recaptcha/ Frame 34B4 977 B
1 KB 144ms
47ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/f76/023a2c9c1a9fec19eafcf501c4478/recaptcha/grcenterprise_v3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

812ea4db1f05aef7471a5ffd123fe8fbee2d064d6233709a49da0aecfba50aa4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 616
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 22:57:44 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 34B4 357 KB
141 KB 122ms
37ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a65d5276c8d1b2c5f16f1a833a45e0a4882516f806938c340b6a93fb7a25bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypalobjects.com/
Origin: https://www.paypalobjects.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 18:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143864
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 18:46:26 GMT

GET
H2 200 CoreModule.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 100 KB
30 KB 10ms
10ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/CoreModule.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/12.2e4d3453d92fa382c1f6.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F63) /

Resource Hash

ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: a8a7d73a1a1d0
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 30223
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8F63)
etag: "61dccd14-190b6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 4.bee7caf079144a7b9980.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 2 KB
1 KB 11ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/4.bee7caf079144a7b9980.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC5) /

Resource Hash

ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 8f9a8f48bcd49
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 1231
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8FC5)
etag: "61dccd14-9ed"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 1.1303dc17a61da0f506d3.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 29 KB
7 KB 11ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/1.1303dc17a61da0f506d3.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FCB) /

Resource Hash

e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 8531a207b0ede
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 6602
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8FCB)
etag: "61dccd14-7257"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 17.0e47ac923c1fa85e46cf.chunk.js Show response
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ 19 KB
8 KB 12ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/17.0e47ac923c1fa85e46cf.chunk.js?Q_CLIENTVERSION=1.64.1&Q_CLIENTTYPE=hostedjs&Q_BRANDID=paypalxm

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/OrchestratorMain.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F5B) /

Resource Hash

b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 3acb0352ca8b4
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 7762
last-modified: Tue, 11 Jan 2022 00:19:32 GMT
server: ECAcc (frc/8F5B)
etag: "61dccd14-4a99"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 8ab682c68c220b34867fd782ec960cc49de7ab.js Show response
www.paypalobjects.com/marketing-resources/js/84/ 518 KB
135 KB 7ms
7ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/js/84/8ab682c68c220b34867fd782ec960cc49de7ab.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FD5) /

Resource Hash

fef302fc57b5c467555125f18dd619642e90158f2d526b459a05a247be04ba46

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: dc53f148dafd9
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 138035
last-modified: Fri, 11 Feb 2022 12:34:45 GMT
server: ECAcc (frc/8FD5)
etag: "620657e5-8178c+gzip"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 EBay_logo_step1_2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 32 KB
32 KB 13ms
12ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/EBay_logo_step1_2x.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA7) /

Resource Hash

ea8eb9461cbd14a2eefc5a656dd694d4ee972853a924bf16699bd552750c92db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:25 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c75-7fdb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 6eb6c9aef9f1a
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 32731
server: ECAcc (frc/8FA7)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 target-corporation_step2_2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 11 KB
11 KB 10ms
9ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/target-corporation_step2_2x.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE8) /

Resource Hash

bd0e4c1ac98eaf902508404b08004557241c5252a0a02c33d89dac8879931d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:26 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c76-2d24"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 5d70dcd7574aa
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 11556
server: ECAcc (frc/8FE8)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 Best_Buy_logo-step3-2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 18 KB
18 KB 10ms
10ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/Best_Buy_logo-step3-2x.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F4E) /

Resource Hash

9f9d352239444109612f7aa33d72204c6f005d744043c2d3d571d658f0c4df6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:25 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c75-496c"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 33157e2629f74
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 18796
server: ECAcc (frc/8F4E)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 Wayfair-logo-step4_2x.png
www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/ 22 KB
22 KB 11ms
11ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/marketing/web/us/en/paypal-credit-signin/new/Wayfair-logo-step4_2x.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FF8) /

Resource Hash

116eddadb32407d7860966e655025bc5a2ee29a4feb3231050a1e021e61f5e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:25:26 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "60271c76-57f1"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 2d6cc8468e30c
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 22513
server: ECAcc (frc/8FF8)
expires: Thu, 24 Mar 2022 23:57:44 GMT

GET
H2 200 Fpz-zKyF7F4 Show response
www.youtube-nocookie.com/embed/ Frame 7875 59 KB
26 KB 196ms
94ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/vendors/react-17_0_1-bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67578f4b5cfb599322e7f3a22119782222cb96915f3bc7745ba6b0e9e0bcc575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Mar 2022 22:57:45 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA-ICoFJ9VXgvj-MamPyZ8u8P8wifEU_jWh0oMT5PP7Ad4_5jA0mRps","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-ICoFJ9VXgvj-MamPyZ8u8P8wifEU_jWh0oMT5PP7Ad4_5jA0mRps"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA-ICoFJ9VXgvj-MamPyZ8u8P8wifEU_jWh0oMT5PP7Ad4_5jA0mRps"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/enterprise/ Frame E4EC 42 KB
22 KB 59ms
59ms Document
text/html 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=o2a97omhwe0a

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

15b849fd2b562a8585765fb0ca2ccad7394607fca13499b5c6ca81e05a5d4232

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uNuJNyN/+BI4120uf/WGjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Mar 2022 22:57:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-uNuJNyN/+BI4120uf/WGjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22017
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame E4EC 51 KB
24 KB 87ms
40ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=o2a97omhwe0a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 17:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 17:31:16 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame E4EC 357 KB
141 KB 85ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a65d5276c8d1b2c5f16f1a833a45e0a4882516f806938c340b6a93fb7a25bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 18:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143864
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 18:46:26 GMT

GET
H3 200 www-player.css
www.youtube-nocookie.com/s/player/68423b67/ Frame 7875 338 KB
46 KB 88ms
40ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/68423b67/www-player.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ce9c6c3658195d25d240ae1a5b1ef458631a11225aff8c6172ad3fe75e3d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 19:51:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47197
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 00:17:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Mar 2023 19:51:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7875 15 KB
15 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 214780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:18:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/68423b67/www-embed-player.vflset/ Frame 7875 279 KB
86 KB 100ms
80ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/68423b67/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1453f4ceda170aa829f048c29a1a136992686d1b725143ce85e12080c9077993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 19:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88059
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 00:17:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Mar 2023 19:34:08 GMT

GET
H3 200 base.js Show response
www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/ Frame 7875 2 MB
525 KB 101ms
81ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6897856b6726e9bff94d828c84587dcacfab7b93825519dc2ca83f3eb66f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 537227
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 00:17:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Mar 2023 15:52:34 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/68423b67/fetch-polyfill.vflset/ Frame 7875 9 KB
3 KB 115ms
96ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/68423b67/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 00:17:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Mar 2023 15:52:34 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
474 B 171ms
171ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.1&t=1648162665096&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Apaypal-credit-signin&page=main%3Amktg%3Apersonal%3A%3Apaypal-credit-signin%3A%3A%3A&pgst=Unknown&calc=f3742842f2ca7&nsid=Nf1RZaj5VM_PZDkJuNWqEwFOWuTGPJsh&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=ece5cb4c44464fc9a96a0ca039c0c491&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=104449&xt=119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=paypal-credit-signin.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&c_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit&imsrc=setup&view=%7B%22t10%22%3A28%2C%22t11%22%3A2737%2C%22tcp%22%3A2093%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A118%7D&pt=PayPal%20Credit%20%7C%20Sign%20In%20%7C%20PayPal%20US&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=28&t1c=28&t1d=12&t1s=10&t2=469&t3=133&t4d=0&t4=0&t4e=2&tt=2619&rdc=0&protocol=h2&cdn=fastly&res=%7B%7D&rtt=219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:45 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 34697743b388e
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4026-HHN
pragma: no-cache
x-timer: S1648162665.099932,VS0,VE164
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 22:57:45 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame E4EC 102 B
134 B 48ms
48ms Other
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d727470c639fcb9429b62b8d6c401928835a6a12e1f38970e2ee755167895c21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=o2a97omhwe0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 22:57:45 GMT

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/enterprise/ Frame E4EC 32 KB
18 KB 76ms
75ms XHR
application/json 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7b44bb28412711b5378a02d166ae091fd95846a2977e0c2dd5acabdb350d12d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=o2a97omhwe0a
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 24 Mar 2022 22:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18825
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 22:57:45 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 138ms
47ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 24 Mar 2022 22:57:45 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7875 45 KB
22 KB 102ms
54ms XHR
application/json+protobuf 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b588cc457771a1cf37ffc96b941a9c5d8d9fb5766543b19fd65daf645d8d4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 24 Mar 2022 22:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 22321
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/ Frame 7875 119 KB
37 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16252b946b34dc90d449ef5d03bc17b952d414cda9d2bfd7802964d6f8dfac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37765
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 00:17:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Mar 2023 15:52:34 GMT

GET
H2 200 6DaYdOXAdwmgg6FJcBqdwZb70lAeczGVRj9CVm3u42k.js Show response
www.google.com/js/th/ Frame 7875 35 KB
14 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/6DaYdOXAdwmgg6FJcBqdwZb70lAeczGVRj9CVm3u42k.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8369874e5c07709a083a149701a9dc196fbd2501e733195463f42566deee369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 05:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13772
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 05:07:24 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/ Frame 7875 27 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a32cfb200ea2ef856859db28bd0ce03e6f14460a7fc1bc3bff8a92972a4e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8145
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 00:17:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Mar 2023 15:52:34 GMT

GET
DATA 200
OK truncated
/ Frame 7875 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7ZDhNjDoNEsFLEVNncnMfXdK_IdmMCWNcmkaPdBMZqfNV-sSmcaEeBQy1ZjFMNpFDU40et7N=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 7875 2 KB
2 KB 127ms
39ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/7ZDhNjDoNEsFLEVNncnMfXdK_IdmMCWNcmkaPdBMZqfNV-sSmcaEeBQy1ZjFMNpFDU40et7N=s68-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e7ad99217c206bfa9b0935ced8265f85889e34e75d64d148fa08e275bb6fd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:53:01 GMT
x-content-type-options: nosniff
age: 284
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1716
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 13:18:56 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/Fpz-zKyF7F4/ Frame 7875 6 KB
7 KB 136ms
50ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Fpz-zKyF7F4/sddefault.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a6309045a0049fe0cc8147c3981fcb6507aaa2ffb8f58b4653d5b816c65ceeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:45 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6626
x-xss-protection: 0
server: sffe
etag: "1536174737"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Mar 2022 00:57:45 GMT

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
2 KB 247ms
247ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-fH1pQuD81Wu9FzA37fRL+F+thGd7yMmMZY14vaEZZemI7IcP' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
x-requested-with: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-fH1pQuD81Wu9FzA37fRL+F+thGd7yMmMZY14vaEZZemI7IcP' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f921059f85e86
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4046-HHN
x-timer: S1648162666.531905,VS0,VE240
date: Thu, 24 Mar 2022 22:57:45 GMT
vary: accept-encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7875 4 KB
2 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 22:57:45 GMT

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame 7875 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?RBiWCw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/99/ Frame 7875 53 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/99/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 13:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15479
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 16:05:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 25 Mar 2022 13:49:16 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7875 98 B
141 B 51ms
51ms XHR
application/json+protobuf 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/68423b67/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

762842a96e80a5a586c6b26b605311ea5cd328efe5424dc0ce17cb40a82d50e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 24 Mar 2022 22:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 51ms
51ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 24 Mar 2022 22:57:45 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ts
t.paypal.com/ 42 B
473 B 169ms
169ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.6.1&t=1648162666096&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Apaypal-credit-signin&page=main%3Amktg%3Apersonal%3A%3Apaypal-credit-signin%3A%3A%3A&pgst=Unknown&calc=f3742842f2ca7&nsid=Nf1RZaj5VM_PZDkJuNWqEwFOWuTGPJsh&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=ece5cb4c44464fc9a96a0ca039c0c491&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=104449&xt=119299&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=%2F%2Ft.paypal.&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=t_paypal_cpl&t1=0&t1c=0&t1d=0&t1s=0&t2=171&t3=1&tt=172&protocol=h2&cdn=fastly&view=%7B%22t10%22%3A0%2C%22t11%22%3A172%2C%22nt%22%3A%22res%22%7D&e=pf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/us/webapps/mpp/paypal-credit-signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 22:57:46 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: f4ee28c2949e4
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4026-HHN
pragma: no-cache
x-timer: S1648162666.100547,VS0,VE163
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 22:57:46 GMT

POST
H3 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 7875 28 B
54 B 52ms
52ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/68423b67/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/Fpz-zKyF7F4?autoplay=0&rel=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1&mute=1
X-YouTube-Client-Version: 1.20220322.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtYTkdPaXZRM2N0ayjo7vORBg%3D%3D
X-YouTube-Ad-Signals: dt=1648162665289&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C516%2C290&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 24 Mar 2022 22:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 24 Mar 2022 22:57:47 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 06:08:34	Name: _GRECAPTCHA Value: 09AFskoQ2koQ9ycOoMLYDSfGESlwfsNrhwYqhSjTfYDDgLLrexZOkrvq9OBp2UHc5MoDvJXI_EsAPHLmWfJctLyPs
.paypal.com/	1970-01-20 10:34:58	Name: enforce_policy Value: ccpa
.paypal.com/	1970-01-23 17:29:41	Name: cookie_check Value: yes
.paypal.com/	1970-01-20 01:49:54	Name: LANG Value: en_US%3BUS
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3ANf1RZaj5VM_PZDkJuNWqEwFOWuTGPJsh.RGKIbG4%2FARn3hlVxRITQ5GSOPaB77lsGx310%2BYwk7yg
.paypal.com/	1970-01-21 04:07:37	Name: ts_c Value: vr%3Dbe266ccf17f0ad048a9bf1a6ffd9a690%26vt%3Dbe266ccf17f0ad048a9bf1a6ffd9a68f
.paypal.com/	1970-01-20 01:49:24	Name: l7_az Value: dcg02.phx
.paypal.com/	1970-01-20 10:34:58	Name: cookie_prefs Value: P%3D1%2CF%3D1%2Ctype%3Dimplicit
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY0ODE2MjY2NTY4NiIsImwiOiIxIiwibSI6IjAifQ
.paypal.com/	1970-01-20 01:53:41	Name: tsrce Value: authchallengenodeweb
.paypal.com/	1970-01-21 04:07:37	Name: ts Value: vreXpYrS%3D1742857066%26vteXpYrS%3D1648164466%26vr%3Dbe266ccf17f0ad048a9bf1a6ffd9a690%26vt%3Dbe266ccf17f0ad048a9bf1a6ffd9a68f%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://.qualtrics.com https://.paypal-mktg.com; script-src 'nonce-VpmuSo2mF3KS1qd3V8F9DCZTVHyMMGvM3iw/ZQ2fCkCqcX1A' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.qualtrics.com https://paypal.us-4.evergage.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://secure.opinionlab.com https://.paypal-mktg.com https://.paypal-corp.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
i.ytimg.com
jnn-pa.googleapis.com
t.paypal.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalcredit.com
www.paypalobjects.com
www.recaptcha.net
www.youtube-nocookie.com
yt3.ggpht.com
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
104.17.208.240
151.101.1.35
151.101.65.21
192.229.221.25
208.76.140.155
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2016
0a6309045a0049fe0cc8147c3981fcb6507aaa2ffb8f58b4653d5b816c65ceeb
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
116eddadb32407d7860966e655025bc5a2ee29a4feb3231050a1e021e61f5e96
13ce9c6c3658195d25d240ae1a5b1ef458631a11225aff8c6172ad3fe75e3d09
1453f4ceda170aa829f048c29a1a136992686d1b725143ce85e12080c9077993
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
15b849fd2b562a8585765fb0ca2ccad7394607fca13499b5c6ca81e05a5d4232
1dfa365404f02cbb0052c3e2bff986030d0190473dac781d0c1f678b02363756
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
28a32cfb200ea2ef856859db28bd0ce03e6f14460a7fc1bc3bff8a92972a4e9f
324258a2d3543c3226021c57b713ead7ce0bcef890dc973974154c8dc576f08d
337b34f91b622a538904b8647f810ea42e5f0a7b76af261229774bcddc16df2e
35919af9203324e616c645bc8d0694e505556660b1d35d35c10db8180f44edc9
3ba795672c78c8f0f52ecd5d1a0a317d1e5c059509a6bead9d26b46fc831d83b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41a65d5276c8d1b2c5f16f1a833a45e0a4882516f806938c340b6a93fb7a25bf
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
65b26938eee9d08c28014e806f8f5c401c4249dcfd2c64cd4eec873e92b93100
67578f4b5cfb599322e7f3a22119782222cb96915f3bc7745ba6b0e9e0bcc575
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
762842a96e80a5a586c6b26b605311ea5cd328efe5424dc0ce17cb40a82d50e0
812ea4db1f05aef7471a5ffd123fe8fbee2d064d6233709a49da0aecfba50aa4
899f393525ca9f1cf5b0bdfe64aace116a74a23868ebbd9237390673f8037235
8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8
8d0efcbe295fe47b7bec8ed85ffe1fbadff6d878691f7e5cb5c753f35136a995
9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106
9924560b9904ab7730ef349123a92bdd7f5aec477051fbe927d951970c78a69f
9b588cc457771a1cf37ffc96b941a9c5d8d9fb5766543b19fd65daf645d8d4e3
9d6897856b6726e9bff94d828c84587dcacfab7b93825519dc2ca83f3eb66f70
9e7ad99217c206bfa9b0935ced8265f85889e34e75d64d148fa08e275bb6fd39
9f9d352239444109612f7aa33d72204c6f005d744043c2d3d571d658f0c4df6e
9ff1beb59b35f78865af9c15dfca83306870e05aafad47accf74f2c750aef8a2
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
afcf87dd397928dd8615c513df903c0df3945167d61b31104cc308e1efe5a176
b04b7ec3ac99dd6e2290cae470fb622c4def4cfe565d58d405f7ea43274d5dd2
b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715
b6a099854aaa744abfd9fcf83d4a0aa6607d0c7c15ce487b66098be03d4b3046
ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565
bd0e4c1ac98eaf902508404b08004557241c5252a0a02c33d89dac8879931d0a
c856574dfeaa824fad939e38f7d06a76160e2d204721948303d8455efd37c3bb
ca6b197d5a18dc0edfadd3cbd8157d3fdf056925e19edaa419c152059c32ed1b
ca8dc0fc0284b104249a48278888280106296684dcbac174c592af7f4a20348b
d18518059b08d468faf44fd9f9fbaedc1280066ef66b5f575eb96c470c19f33a
d571e48dd85ed1670b5a326d862a103273657ce5fe2a4b1d1bb921fcbddc51ee
d727470c639fcb9429b62b8d6c401928835a6a12e1f38970e2ee755167895c21
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d48ec4b24c289ae0f1ca94c5fb62720f5529a1cedb6279b9623e5b4ea2dd0c
e543ced70662ba813ff315aec5fb6df17637977970abdb73f58b6dfe5b74a0af
e761a178fd6dd117371dd9b09aacbf802985c65304c8c30ed69d3dc279941384
e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d
e8369874e5c07709a083a149701a9dc196fbd2501e733195463f42566deee369
e9cb41ae47c707079889a1916a6f1534f484432e4d709088dcb34f8f8b71eca3
ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622
ea8eb9461cbd14a2eefc5a656dd694d4ee972853a924bf16699bd552750c92db
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eee85ae6d25355ddf8e726bb0e6a08c9a08a926ad19d3ba9f053202b1ef3437c
f16252b946b34dc90d449ef5d03bc17b952d414cda9d2bfd7802964d6f8dfac9
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7b44bb28412711b5378a02d166ae091fd95846a2977e0c2dd5acabdb350d12d
fef302fc57b5c467555125f18dd619642e90158f2d526b459a05a247be04ba46

www.paypal.com Open in urlscan Pro 151.101.65.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

58 %IPv6

11 Domains

13 Subdomains

12 IPs

3 Countries

2210 kBTransfer

5954 kBSize

11 Cookies

10 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypal.com Open in urlscan Pro
151.101.65.21 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

2210 kB
Transfer

5954 kB
Size

11
Cookies

70 HTTP transactions
1 data transactions