urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
192.229.221.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.paypal.com/
Effective URL: https://www.paypal.com/uk/home
Submission: On November 20 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 58 HTTP transactions. The main IP is 192.229.221.25, located in United States and belongs to EDGECAST, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 3003.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 13th 2024. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 50 192.229.221.25 15133 (EDGECAST)
3 2600:1901:0:c... 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
3 151.101.3.1 54113 (FASTLY)
1 1 151.101.67.1 54113 (FASTLY)
58 6
50    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypal.com
www.paypalobjects.com
3    2600:1901:0:c072:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
browser-intake-us5-datadoghq.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
3    151.101.3.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    151.101.67.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
paypalobjects.com
Apex Domain
Subdomains		 Transfer
42 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2811
paypalobjects.com — Cisco Umbrella Rank: 2786
944 KB
12 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3003
t.paypal.com — Cisco Umbrella Rank: 3701
61 KB
3 browser-intake-us5-datadoghq.com
browser-intake-us5-datadoghq.com — Cisco Umbrella Rank: 6900
615 B
2 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1188
2 KB
1 gstatic.com
www.gstatic.com
215 KB
58 5
Domain Requested by
41 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
9 www.paypal.com 1 redirects www.paypal.com
www.paypalobjects.com
3 t.paypal.com
3 browser-intake-us5-datadoghq.com www.paypalobjects.com
2 www.recaptcha.net www.paypal.com
www.gstatic.com
1 paypalobjects.com 1 redirects
1 www.gstatic.com www.recaptcha.net
58 7
Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-13 -
2025-06-12		 a year crt.sh
*.browser-intake-us5-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-28 -
2025-07-02		 a year crt.sh
misc.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.com/uk/home
Frame ID: B533E901A969FF0DBFD72C1AF02D1856
Requests: 55 HTTP requests in this frame

Frame: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Frame ID: D2A76644A7AA8D6C88CF4DBF72349BAA
Requests: 3 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en-GB&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=ftetzmhacrm7
Frame ID: 910EC56F4DC7371D314CCBC0CD9F188E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PayPal Account | Mobile Wallet and More | PayPal UK

Page URL History Show full URLs

  1. http://www.paypal.com/ HTTP 307
    https://www.paypal.com/ HTTP 302
    https://www.paypal.com/uk/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Page Statistics

58
Requests

98 %
HTTPS

33 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

1222 kB
Transfer

4571 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.paypal.com/ HTTP 307
    https://www.paypal.com/ HTTP 302
    https://www.paypal.com/uk/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://paypalobjects.com/marketing/web/US/en/quantum-leap/home/qrcode_sticky.svg HTTP 301
  • https://www.paypalobjects.com/marketing/web/US/en/quantum-leap/home/qrcode_sticky.svg

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home
www.paypal.com/uk/
Redirect Chain
  • http://www.paypal.com/
  • https://www.paypal.com/
  • https://www.paypal.com/uk/home
155 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3594) /
Resource Hash
c3282b512f13002b5ac0ed6968af74a48db30263a9d9dcadcb04c187d73a747b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-+9/KsbnOUp9fAncLAI0EYdeXXyHHr6eQUR2fhkP4WbBE3HlO' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-+9/KsbnOUp9fAncLAI0EYdeXXyHHr6eQUR2fhkP4WbBE3HlO' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Wed, 20 Nov 2024 16:53:46 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"26cbd-T149llJRXVO+bq04lBjWQUvFJNM"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
0468130351999
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (lhd/3594)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000000468130351999-64b357982d9917a1-01
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
0
date
Wed, 20 Nov 2024 16:53:45 GMT
location
https://www.paypal.com/uk/home
server
ECAcc (lhd/35F1)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3597) /
Resource Hash
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
12e4091c01e73
content-encoding
br
etag
W/"6697f682-5a55"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-000000000000000000012e4091c01e73-51d8654737e0dd92-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
application/javascript
last-modified
Wed, 17 Jul 2024 16:51:14 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
6477
server
ECAcc (lhd/3597)
helpers-a2443dbd.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 		459 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/helpers-a2443dbd.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3588) /
Resource Hash
a2443dbda57da1a2a5d2d6e79092945749491414a7482ef08422e6272ff7c818
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
0ae3b5093e1cd
content-encoding
br
etag
W/"6733f500-72aae"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-00000000000000000000ae3b5093e1cd-7e419c61c9459852-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 00:38:24 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
43968
server
ECAcc (lhd/3588)
MerchantHero-ca497bc6.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 		31 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/MerchantHero-ca497bc6.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35FC) /
Resource Hash
ca497bc6c3a16112b767574aab5687f1b013450a5ea4a46cbd6b4e47e75b3ba1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
84b51b9f8dbcd
content-encoding
br
etag
"6733f500-7a7f"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-000000000000000000084b51b9f8dbcd-cd7d59d3e851df24-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 00:38:24 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
3363
server
ECAcc (lhd/35FC)
core-64559002.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		2 MB
421 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DA) /
Resource Hash
41a15d72cb3c49750d6cdd87afc88e9302bfdc22b1a3700d495b36522bb3669d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
5e5bcf5760b42
content-encoding
br
etag
W/"673b8e35-181413"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-00000000000000000005e5bcf5760b42-cebe5ef346111925-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
430590
server
ECAcc (lhd/35DA)
datadog-b1cfe729.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		163 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/datadog-b1cfe729.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35F6) /
Resource Hash
47ee8c5b1970e91c96d87a5641d28cb8b555355c542b5653d6f3b080967978de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
2b5248afa3273
content-encoding
br
etag
"673b8e35-28a5a"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-00000000000000000002b5248afa3273-832ffe9c5a4b9bb3-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
53394
server
ECAcc (lhd/35F6)
SupremeLLTestSubWeb-Bold.woff2
www.paypalobjects.com/marketing/pp-com-components/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Bold.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A2) /
Resource Hash
9dd8529a0fd46899783e60563354cb0a7ed3bc23839dffc5f06d69c41eeeb34f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
7a8decd35be91
etag
"66a3cfaf-6d55"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-00000000000000000007a8decd35be91-c5340efc3486d3c1-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
application/font-woff2
last-modified
Fri, 26 Jul 2024 16:32:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
27989
server
ECAcc (lhd/35A2)
SupremeLLTestSubWeb-Book.woff2
www.paypalobjects.com/marketing/pp-com-components/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Book.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35D6) /
Resource Hash
9fdb7945644347fea38ad5ca1caf8a3406615084fe4c8aba411b76e616c2dfcc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
12f7e3da63f51
etag
"66a3cfaf-6edb"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-000000000000000000012f7e3da63f51-9b6e2fe05ee292f3-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
application/font-woff2
last-modified
Fri, 26 Jul 2024 16:32:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
28379
server
ECAcc (lhd/35D6)
SupremeLLTestSubWeb-Black.woff2
www.paypalobjects.com/marketing/pp-com-components/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Black.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3591) /
Resource Hash
ec2dea9171a5b98be8693f5722aacb65aa1ffbc24416dc7446549d23f8dc4f40
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
283f571116b3f
etag
"66a3cfaf-67bf"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-0000000000000000000283f571116b3f-44fb2949678c270e-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
application/font-woff2
last-modified
Fri, 26 Jul 2024 16:32:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
26559
server
ECAcc (lhd/3591)
main-f4a6edf8.css
www.paypalobjects.com/globalnav/css/ 		329 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/globalnav/css/main-f4a6edf8.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DA) /
Resource Hash
f4a6edf8c5cdcfa5bcd56e8cdba5f39cb9795263168e05e7bb7bf58f169fd768
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
78c4f48d49ed4
content-encoding
br
etag
W/"673604f7-525fc"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-000000000000000000078c4f48d49ed4-c2582500dfb8cd2d-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 14:11:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
19835
server
ECAcc (lhd/35DA)
main-6bedacaf.js
www.paypalobjects.com/globalnav/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/globalnav/js/main-6bedacaf.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/370D) /
Resource Hash
52076183ab4e47879c35639033f376d43abbf039c28d65ade0c28a465325c64a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
fe78dec74dff5
content-encoding
br
etag
W/"673604f7-15378"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-0000000000000000000fe78dec74dff5-b887630a8d473331-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 14:11:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
30217
server
ECAcc (lhd/370D)
brand-moment-01_size-all.jpg
www.paypalobjects.com/marketing/web23/uk/en/ppe/homepage-consumer/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/marketing/web23/uk/en/ppe/homepage-consumer/brand-moment-01_size-all.jpg?quality=75&width=1800&format=webp
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E6) /
Resource Hash
3f45a55b28de61f678123111ff9a1acd10ae0160457437aa3d23d6fb6f8775e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
c09177b67b908
etag
"672c5165-51102"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-0000000000000000000c09177b67b908-132e3e973ba287a1-01
x-edgeio-status
OK
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
image/webp
last-modified
Thu, 07 Nov 2024 05:34:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges
bytes
content-length
117576
server
ECAcc (lhd/35E6)
LayeredCardSection-2ad71ddd.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 		3 KB
948 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/LayeredCardSection-2ad71ddd.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E9) /
Resource Hash
2ad71ddd5a48b8b9a21fb717a2576ebf3765db5ac8266d0cb5ccda0e27292b59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
d531f8dcddf4e
content-encoding
br
etag
"673d6ace-cc7"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-0000000000000000000d531f8dcddf4e-8481344ea8415bc9-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
text/css
last-modified
Wed, 20 Nov 2024 04:51:26 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
801
server
ECAcc (lhd/35E9)
StackSectionType-2ed311e8.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/StackSectionType-2ed311e8.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/370D) /
Resource Hash
2ed311e874b9d0873c9c7d2c17181b2f06770583e4492181f192adf886902d4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
bd0f337e9c998
content-encoding
br
etag
W/"673d6acf-1e5d"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-0000000000000000000bd0f337e9c998-15be4a293a9ec147-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
text/css
last-modified
Wed, 20 Nov 2024 04:51:27 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
1194
server
ECAcc (lhd/370D)
ProductScrollSection-09bb7b12.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/ProductScrollSection-09bb7b12.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A1) /
Resource Hash
09bb7b12ac292f20244450f57a5a981e7dabe2f9b36e895c884475dcc7ae0550
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
19787e22784af
content-encoding
br
etag
"673d6acf-5255"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-000000000000000000019787e22784af-09f4f81dd5e0e1df-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
text/css
last-modified
Wed, 20 Nov 2024 04:51:27 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
2898
server
ECAcc (lhd/35A1)
StickyQrBadge-b180b51f.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/StickyQrBadge-b180b51f.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/370C) /
Resource Hash
b180b51f4ecc922777b7888d45e4968fa54e3d425b129b687a7096be03fbf463
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
47318eb2f34e1
content-encoding
br
etag
"673d6acf-3e6a"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-000000000000000000047318eb2f34e1-5d92cb2d13f1e678-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
text/css
last-modified
Wed, 20 Nov 2024 04:51:27 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
2417
server
ECAcc (lhd/370C)
CtaSection-eeefabf6.css
www.paypalobjects.com/marketing/pp-com-components/component-chunks/ 		1 KB
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/CtaSection-eeefabf6.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/370E) /
Resource Hash
eeefabf6cbf7a6d48acb0b6a986486efd0902201fa22562790538ae500c012c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
bdf6090dd091b
content-encoding
br
etag
"673d6ace-549"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-0000000000000000000bdf6090dd091b-05bc1134bd0ae7e4-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
text/css
last-modified
Wed, 20 Nov 2024 04:51:26 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
382
server
ECAcc (lhd/370E)
ncs.js
www.paypalobjects.com/ncs/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ncs/ncs.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35D5) /
Resource Hash
69b92089af852f9c3722996d434f36badfea677d48eadd5fbad962ea552235a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
0a2837831492f
content-encoding
br
etag
"67378b7b-3b53"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-00000000000000000000a2837831492f-f92d689a8cb21e55-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 17:57:15 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
3620
server
ECAcc (lhd/35D5)
recaptchav3.js
www.paypal.com/auth/createchallenge/ae87df2f94a9f6ed/ 		11 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/createchallenge/ae87df2f94a9f6ed/recaptchav3.js?_sessionID=PfcLZX88bi8TS3n6A3A7UyhnOkNSCVmJ
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35F0) /
Resource Hash
9bb61385c12f375a61f4e1152f1301df68ac76e789f9d36cceb1b5a37b086d14
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-p4LzeyaBtmuzbL0UVicRc5uZmDNpijh0jMk29eHyDDIrDaeo' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/uk/home

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
01545b6890991
content-encoding
gzip
etag
W/"2bd8-84AOkP0dA/bopqLceodcT8Ay0YY"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-000000000000000000001545b6890991-7c3fa41366b8509d-01
server-timing
traceparent;desc="00-000000000000000000001545b6890991-ab550946cdef832a-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-p4LzeyaBtmuzbL0UVicRc5uZmDNpijh0jMk29eHyDDIrDaeo' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
x-xss-protection
1; mode=block
server
ECAcc (lhd/35F0)
paypal-mark-color_new.svg
www.paypalobjects.com/marketing/web/logos/ 		709 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/marketing/web/logos/paypal-mark-color_new.svg
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35FA) /
Resource Hash
8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
7c04b45b2851c
content-encoding
br
etag
W/"66c45167-2c5"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:46 GMT
traceparent
00-00000000000000000007c04b45b2851c-333aac54c48883e5-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:46 GMT
content-type
image/svg+xml
last-modified
Tue, 20 Aug 2024 08:18:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
422
server
ECAcc (lhd/35FA)
truncated
/ 		485 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d457f0f8d9a3489b4540e82385096408e0f3da9106e13dee779460726ccdfb5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
grcenterprise_v3.html
www.paypal.com/auth/recaptcha/ Frame D2A7 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/ae87df2f94a9f6ed/recaptchav3.js?_sessionID=PfcLZX88bi8TS3n6A3A7UyhnOkNSCVmJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35B9) /
Resource Hash
57bd2ef0ce4d833346ff5e10010792fc55c00bc317df06b6e0cddbab401c69bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.paypal.com/uk/home
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 16:53:47 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"15c2-193241934e0"
last-modified
Wed, 13 Nov 2024 05:57:32 GMT
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
08b2149505211
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (lhd/35B9)
server-timing
traceparent;desc="00-000000000000000000008b2149505211-e407eb183ad3852f-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000008b2149505211-faabb969df340e2d-01
vary
Accept-Encoding Accept-Encoding
mapping.js
www.paypalobjects.com/ncs/paypal/ 		283 B
308 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ncs/paypal/mapping.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3597) /
Resource Hash
9c986b81d2fb17a9948c52596451d20d7b110dc1d05d26713b000400ac12c868
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
ca6bbed85dbae
content-encoding
br
etag
W/"63dd70ed-11b"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-0000000000000000000ca6bbed85dbae-73e19808181fdf8b-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Fri, 03 Feb 2023 20:39:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
content-length
124
server
ECAcc (lhd/3597)
getBanner
www.paypal.com/myaccount/privacy/cookieprefs/ 		22 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=GB&language=en&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=paypal&tenantData={}
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35CC) /
Resource Hash
e18b918b22fa4b66032c511cd184fb725736603b4e42984c59aa2a5c1746cbb5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-xMr6k3dQYdCG9xqAK9EvEbF0+2o1XeaRSNBczvvkvZp98cAW' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.paypal.com/uk/home
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
0451100655673
content-encoding
gzip
etag
W/"5710-VmzCuGNNrbCMIHT5pWdrCGBZMNk"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-00000000000000000000451100655673-1857256015cacad6-01
server-timing
traceparent;desc="00-00000000000000000000451100655673-ff18c6c5bd51f9f6-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-xMr6k3dQYdCG9xqAK9EvEbF0+2o1XeaRSNBczvvkvZp98cAW' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials
true
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
access-control-allow-origin
https://www.paypal.com
x-xss-protection
1; mode=block
server
ECAcc (lhd/35CC)
rum
browser-intake-us5-datadoghq.com/api/v2/ 		53 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=9ce8baeb-e926-4fa1-8df4-8ca7427bd546&batch_time=1732121627626
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
38a2bc2ac93852a783ad22a0627ab657f7c18d906145059fe3a276703231fe48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.paypal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/json
dd-request-id
9ce8baeb-e926-4fa1-8df4-8ca7427bd546
HomepageHeroRebrand-b7f1c195.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		176 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/HomepageHeroRebrand-b7f1c195.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35C2) /
Resource Hash
f66a5a93462bd6adb6ce57a640893a194ba89fc6801bd57945874f04af6973cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
76bdf5f8dbf40
content-encoding
br
etag
W/"673b8e35-b0"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-000000000000000000076bdf5f8dbf40-bf00fa6d602d899a-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
126
server
ECAcc (lhd/35C2)
MerchantHero-0a62eb9c-4cbea53e.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/MerchantHero-0a62eb9c-4cbea53e.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A2) /
Resource Hash
e37a9b936d1ac9e4eb720dcd7d2d78d1ca9e6c66cd47dc427394dad3eb44c31c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
c69c681ef4593
content-encoding
br
etag
W/"673b8e35-5dba"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-0000000000000000000c69c681ef4593-50daea8fdf88b747-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
6602
server
ECAcc (lhd/35A2)
BrandMomentSection-db1d4fb2.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/BrandMomentSection-db1d4fb2.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E6) /
Resource Hash
52a1894472e7aae51446ed3ebd437fbbd23b22919d8756844716f5ecc0d730b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
04838da7cf126
content-encoding
br
etag
W/"673b8e35-1018"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-000000000000000000004838da7cf126-d235f6fcb0f93627-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
1571
server
ECAcc (lhd/35E6)
SplitSectionType-7e65ff86.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		91 B
189 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/SplitSectionType-7e65ff86.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35D6) /
Resource Hash
1f7929ead3f4324d1fda7a49b981d20904354a9bf503922e7e1a142b9e7af32e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
05d87977878cf
content-encoding
br
etag
W/"673b8e35-5b"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-000000000000000000005d87977878cf-0fcd8816b3b1320a-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
79
server
ECAcc (lhd/35D6)
LayeredCardSection-f39bd012.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/LayeredCardSection-f39bd012.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3594) /
Resource Hash
b7688b9807580830b45b5487759a85816c0320aef5fa379e36df645e6d83eb80
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
2d56892a03e79
content-encoding
br
etag
W/"673b8e35-e98"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-00000000000000000002d56892a03e79-b0deb2d1b0b484fa-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
1415
server
ECAcc (lhd/3594)
StackSectionType-9caa84a8.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/StackSectionType-9caa84a8.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A9) /
Resource Hash
5eab116fb97cb5a87b0ecc625821c72fa491328a8d47f3f79cd4ba456fa56f29
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
1f60d24f12b11
content-encoding
br
etag
W/"673b8e35-27c2"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-00000000000000000001f60d24f12b11-8a5b04dc10b81625-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
3407
server
ECAcc (lhd/35A9)
TextSectionType-3d3a57bb.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		91 B
204 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/TextSectionType-3d3a57bb.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/358B) /
Resource Hash
0ac5dd85e8249063a6716536f6e403badc8be48812ce9536385955b9ec087f5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
86fb25843d2ab
content-encoding
br
etag
W/"673b8e35-5b"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-000000000000000000086fb25843d2ab-05a0ff7d42dc950b-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
79
server
ECAcc (lhd/358B)
ProductScrollType-e58b1cca.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		143 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/ProductScrollType-e58b1cca.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3599) /
Resource Hash
d152f33a7425030be30babdcf13c3cb03f39eee9fee710eb659ab9db7fa07060
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
bafe7b35563d8
content-encoding
br
etag
W/"673b8e35-8f"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-0000000000000000000bafe7b35563d8-31856807863d9ddc-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
108
server
ECAcc (lhd/3599)
ProductScrollSection-26cecf0d-b4a61e44.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/ProductScrollSection-26cecf0d-b4a61e44.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35EE) /
Resource Hash
2dfcd53be17a390cfac0b76f24f3c163d88dc9124703abc636ec0848064ac4dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
5617fb88bb460
content-encoding
br
etag
W/"673b8e35-461a"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-00000000000000000005617fb88bb460-acfcc48f595fc080-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
5584
server
ECAcc (lhd/35EE)
enterprise.js
www.recaptcha.net/recaptcha/ Frame D2A7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en-GB
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1217e303928a5ecc75c9c4ee8967a642e3fe39cdedfbdd062fc9b83548df8602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 16:53:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 20 Nov 2024 16:53:47 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
StickyQRBadge-fea1f991.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/StickyQRBadge-fea1f991.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3595) /
Resource Hash
8273a7452ff72c474ceda47b54740f176bdb47c3df18b01d0eea9713f4144417
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
4aff9d2490528
content-encoding
br
etag
W/"673b8e35-395f"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-00000000000000000004aff9d2490528-168620b8f36a8834-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
4374
server
ECAcc (lhd/3595)
CtaClosingRebrand-a0b06056.js
www.paypalobjects.com/ppcmsnodeweb/core/ 		2 KB
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ppcmsnodeweb/core/CtaClosingRebrand-a0b06056.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A1) /
Resource Hash
2f1a7debbea84c4749bfcc05487cf9670275b2b2a1473e34076f850b4643b6ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer

Response headers

paypal-debug-id
a8ce2ac2bdd89
content-encoding
br
etag
W/"673b8e35-932"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-0000000000000000000a8ce2ac2bdd89-5581a99d77388e05-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 18:57:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
773
server
ECAcc (lhd/35A1)
pp32.png
www.paypalobjects.com/webstatic/icon/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webstatic/icon/pp32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E6) /
Resource Hash
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
5ae2365ab9abc
etag
"53611ccb-f84"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-00000000000000000005ae2365ab9abc-1077fffe2bf09aa0-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
image/png
last-modified
Wed, 30 Apr 2014 15:54:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges
bytes
access-control-allow-origin
*
content-length
3972
server
ECAcc (lhd/35E6)
pa.js
www.paypalobjects.com/pa/js/min/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DA) /
Resource Hash
c3f1981e14042012337c6493597cd362261453611b727e91847a118b2b4cffb7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
7249bbda7d1c9
content-encoding
br
etag
"6735ac2d-11212"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-00000000000000000007249bbda7d1c9-2a06b23858c6626f-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 07:52:13 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
24676
server
ECAcc (lhd/35DA)
rum
browser-intake-us5-datadoghq.com/api/v2/ 		53 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=294ffbf7-c7d3-4bb7-b130-8cdbe9f293a2&batch_time=1732121627908
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
5d2bd7e5eca5f9991d30d65bc844a0f6b7a981aa7b0b76495bac393c8ac1ff6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.paypal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/json
dd-request-id
294ffbf7-c7d3-4bb7-b130-8cdbe9f293a2
PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35C7) /
Resource Hash
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
2858ca05c8169
etag
"6298f2c0-6b41"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-00000000000000000002858ca05c8169-b7413bd45baeefd3-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
application/font-woff2
last-modified
Thu, 02 Jun 2022 17:26:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
27457
server
ECAcc (lhd/35C7)
favicon.ico
www.paypalobjects.com/webstatic/icon/ 		5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webstatic/icon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35F1) /
Resource Hash
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
a37fd956e7dae
content-encoding
br
etag
W/"5362bc15-1536"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:47 GMT
traceparent
00-0000000000000000000a37fd956e7dae-fbed33c55bb1da96-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:47 GMT
content-type
image/x-icon
last-modified
Thu, 01 May 2014 21:26:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
1471
server
ECAcc (lhd/35F1)
mktgtagmanager.js
www.paypalobjects.com/martech/tm/paypal/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35D1) /
Resource Hash
efc3ad603dca3c78e67493adb079676731fd72c4204dbf7264d22e897a271267
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
43977cf5beaba
content-encoding
br
etag
W/"67042d91-3eb4"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:48 GMT
traceparent
00-000000000000000000043977cf5beaba-bf7373f9bbb8911f-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:48 GMT
content-type
application/javascript
last-modified
Mon, 07 Oct 2024 18:50:57 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
6260
server
ECAcc (lhd/35D1)
latmconf.js
www.paypalobjects.com/pa/mi/paypal/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/paypal/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E2) /
Resource Hash
2383f109c70bb6a1ef525d5d33e5f9332b105d7c622cd93608677e96631dc17c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
6f18304bd1722
content-encoding
br
etag
"6735ac2d-3ac5"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:48 GMT
traceparent
00-00000000000000000006f18304bd1722-d3cb63dbc1462cca-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:48 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 07:52:13 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
4124
server
ECAcc (lhd/35E2)
open-chat.js
www.paypalobjects.com/helpcenter/smartchat/sales/v1/ 		1 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/uk/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35D0) /
Resource Hash
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
98a4489f27b6d
content-encoding
br
etag
W/"60271b1c-5bf"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:48 GMT
traceparent
00-000000000000000000098a4489f27b6d-12fc5e23716add0c-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:48 GMT
content-type
application/javascript
last-modified
Sat, 13 Feb 2021 00:19:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
712
server
ECAcc (lhd/35D0)
recaptcha__en_gb.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ Frame D2A7 		546 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en_gb.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en-GB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
cba5d985702b33373ed7eb3afd52f3f3dd0b3c0ef653b987bfc820e6c534a199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

content-encoding
gzip
age
167755
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Tue, 18 Nov 2025 18:17:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 18:17:53 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220403
x-xss-protection
0
server
sffe
cookies
www.paypal.com/myaccount/privacy/cookieprefs/ 		2 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:mktg:personal:homepage:home-uncookied-consumer:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/uk/home
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E2) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Y5lr/7WX2VyJf/7FOSqMH06DUt2h9oZtVHf7WywGKGVdlsdd' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/uk/home
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
01a37b09a2a08
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-000000000000000000001a37b09a2a08-9ec16b3a60dbb3e9-01
server-timing
traceparent;desc="00-000000000000000000001a37b09a2a08-ab244f1421f021d2-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
date
Wed, 20 Nov 2024 16:53:48 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Y5lr/7WX2VyJf/7FOSqMH06DUt2h9oZtVHf7WywGKGVdlsdd' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials
true
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
access-control-allow-origin
https://www.paypal.com
content-length
2
x-xss-protection
1; mode=block
server
ECAcc (lhd/35E2)
ts
t.paypal.com/ 		42 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.9.5&t=1732121628178&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&pgst=1732121625849&calc=0468130351999&nsid=Iyd1l4yUsfqGRbybbwyhF7hQIqVu1w6t&rsta=en_GB&pgtf=Nodejs&env=live&s=ci&ccpg=GB&csci=724227e8fc164ce39316341ecda9b4b6&comp=ppcmsnodeweb&tsrce=ppcmsnodeweb&cu=0&xe=105410%2C105409%2C109679%2C109059%2C104405%2C104407&xt=123956%2C123954%2C146708%2C143369%2C120151%2C119038&pp_ref_id=b81fc937-3ce3-473d-96ee-d3f253d133aa&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_homepage&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=ppcom&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&api_name=cookieBanner&displaypage=main%3Amktg%3Apersonal%3Ahomepage%3Ahome-uncookied-consumer&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=gdprv21_v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&event_name=cookie_banner_shown&product=cookieBanner&e=ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/uk/home

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
217b78e941d91
correlation-id
217b78e941d91
expires
Wed, 20 Nov 2024 16:53:48 GMT
traceparent
00-0000000000000000000217b78e941d91-45f733820b4717d8-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000217b78e941d91-98309dfe30380bbf-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Wed, 20 Nov 2024 16:53:48 GMT
content-type
image/gif
x-served-by
cache-lhr-egll1980057-LHR
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732121628.422102,VS0,VE161
via
1.1 varnish
accept-ranges
bytes
ts
t.paypal.com/ 		42 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.9.5&t=1732121628393&g=0&pgrp=main%3Amktg%3Apersonal%3Ahomepage%3Ahome-uncookied-consumer&page=main%3Amktg%3Apersonal%3Ahomepage%3Ahome-uncookied-consumer%3A%3A%3A&calc=0468130351999&rsta=en_GB&ccpg=gb&csci=724227e8fc164ce39316341ecda9b4b6&comp=ppcmsnodeweb&xe=110574%2C110460%2C110461%2C107911%2C109112%2C109922&xt=151783%2C150921%2C150925%2C137196%2C143574%2C151032&lgin=out&lgcook=0&server=origin&pageurl=%2Fhome&fcp=1751.900&fcp_attr=%7B%22timeToFirstByte%22%3A%22801.900%22%2C%22firstByteToFCP%22%3A%22950.000%22%2C%22fcpEntry%22%3A%7B%22name%22%3A%22first-contentful-paint%22%2C%22entryType%22%3A%22paint%22%2C%22startTime%22%3A%221751.900%22%2C%22duration%22%3A0%7D%2C%22rating%22%3A%22good%22%7D&ttfb=801.900&ttfb_attr=%7B%22connectionTime%22%3A%221.500%22%2C%22dnsTime%22%3A0%2C%22requestTime%22%3A%22541.500%22%2C%22waitingTime%22%3A%22258.900%22%2C%22rating%22%3A%22needs-improvement%22%7D&e=cwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/uk/home

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
c6c4b620f07fe
correlation-id
c6c4b620f07fe
expires
Wed, 20 Nov 2024 16:53:48 GMT
traceparent
00-0000000000000000000c6c4b620f07fe-694bd6849121170c-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000c6c4b620f07fe-5686005a0d550ca3-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Wed, 20 Nov 2024 16:53:48 GMT
content-type
image/gif
x-served-by
cache-lhr-egll1980057-LHR
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732121628.421887,VS0,VE137
via
1.1 varnish
accept-ranges
bytes
mktconf.js
www.paypalobjects.com/martech/tm/paypal/ 		569 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/martech/tm/paypal/mktconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3586) /
Resource Hash
d69e1263e3c76366da84f3e93739c8c222260b7e13be930c1d479c841cda5e13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paypal.com
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
5a5b15fcc5fdc
content-encoding
br
etag
W/"673b68e7-8e2a9"
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:48 GMT
traceparent
00-00000000000000000005a5b15fcc5fdc-4fc7c3425c896b48-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:48 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 16:18:47 GMT
vary
Accept-Encoding
access-control-allow-headers
x-csrf-token
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
32381
server
ECAcc (lhd/3586)
eligibility
www.paypal.com/smartchat/open/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/uk/home
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3587) /
Resource Hash
a87d1fcc90810a9f87936ebdb51d2993998d9fad7f24e4f41a294e2c6b68cb44
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-rXCDGD6k3VqVEUY2I9+qXHbG2Q2d3K2NOcEnchNBKBaowTUd' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/uk/home
X-Requested-With
XMLHttpRequest

Response headers

paypal-debug-id
064b2030b5850
content-encoding
gzip
etag
W/"521-gr7CssPwd+PeS/ferjn1lKDHip4"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000064b2030b5850-9e2d9243776791c4-01
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
date
Wed, 20 Nov 2024 16:53:48 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-rXCDGD6k3VqVEUY2I9+qXHbG2Q2d3K2NOcEnchNBKBaowTUd' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
x-xss-protection
1; mode=block
server
ECAcc (lhd/3587)
rum
browser-intake-us5-datadoghq.com/api/v2/ 		53 B
137 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=aaa6163f-73b5-48ca-bf78-36816f74e041&batch_time=1732121628491
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
c3b0da2e75f5f7833f82cc43018f0d945b53345dfc092718cb16a51672c74d55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.paypal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
date
Wed, 20 Nov 2024 16:53:48 GMT
content-type
application/json
dd-request-id
aaa6163f-73b5-48ca-bf78-36816f74e041
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame 910E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en-GB&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=ftetzmhacrm7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en_gb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FsZJEsnS1awXcaCs3BNQJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FsZJEsnS1awXcaCs3BNQJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 16:53:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
paypal-mark-black.svg
www.paypalobjects.com/marketing/web/us/test-demo/qr-stealth/ 		968 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/marketing/web/us/test-demo/qr-stealth/paypal-mark-black.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3591) /
Resource Hash
c508972d4e0cca1396bc6959a91a978c39069cbfc471ce75232bd4d31bb8846b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
e82bcf1416ca6
content-encoding
br
etag
W/"66d0b54c-3c8"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:49 GMT
traceparent
00-0000000000000000000e82bcf1416ca6-97f53de26032cc1e-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:49 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Aug 2024 17:52:12 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
502
server
ECAcc (lhd/3591)
paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 		709 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35A6) /
Resource Hash
8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
94461365fb7cf
content-encoding
br
etag
"66d9ab63-2c5+gzip+br"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:49 GMT
traceparent
00-000000000000000000094461365fb7cf-1bf39fc9bc7ff5e6-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:49 GMT
content-type
image/svg+xml
last-modified
Thu, 05 Sep 2024 13:00:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin
*
content-length
422
server
ECAcc (lhd/35A6)
qrcode_sticky.svg
www.paypalobjects.com/marketing/web/US/en/quantum-leap/home/
Redirect Chain
  • https://paypalobjects.com/marketing/web/US/en/quantum-leap/home/qrcode_sticky.svg
  • https://www.paypalobjects.com/marketing/web/US/en/quantum-leap/home/qrcode_sticky.svg
155 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/marketing/web/US/en/quantum-leap/home/qrcode_sticky.svg
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/370E) /
Resource Hash
c421014a4295577da6e48e3b0d43af1394a62a2e1bb8146144eea14fe6038aa5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/

Response headers

paypal-debug-id
dfa2631d74cfb
content-encoding
br
etag
W/"65dda2f0-26ccb"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:53:49 GMT
traceparent
00-0000000000000000000dfa2631d74cfb-9beeccefbb472188-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Wed, 20 Nov 2024 16:53:49 GMT
content-type
image/svg+xml
last-modified
Tue, 27 Feb 2024 08:53:04 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
access-control-allow-origin
*
content-length
32450
server
ECAcc (lhd/370E)

Redirect headers

strict-transport-security
max-age=300
cache-control
max-age=86400
retry-after
0
location
https://www.paypalobjects.com/marketing/web/US/en/quantum-leap/home/qrcode_sticky.svg
x-timer
S1732121629.464083,VS0,VE7
via
1.1 varnish
accept-ranges
bytes
x-cache
HIT
content-length
0
date
Wed, 20 Nov 2024 16:53:49 GMT
x-served-by
cache-lcy-eglc8600029-LCY
server
Varnish
x-cache-hits
0
cookies
www.paypal.com/myaccount/privacy/cookieprefs/ 		2 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:mktg:personal:homepage:home-uncookied-consumer:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/uk/home
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35D9) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3aeqhwqZl3Lp6yEATl8WS0nd9xZqL5+T9ns9GZ0vTmHC/E1D' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/uk/home
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
020495a77742a
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000020495a77742a-15d7169108356efe-01
server-timing
traceparent;desc="00-0000000000000000000020495a77742a-d9ba1f098a84f0db-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
date
Wed, 20 Nov 2024 16:53:51 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3aeqhwqZl3Lp6yEATl8WS0nd9xZqL5+T9ns9GZ0vTmHC/E1D' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials
true
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
access-control-allow-origin
https://www.paypal.com
content-length
2
x-xss-protection
1; mode=block
server
ECAcc (lhd/35D9)
verifygrcenterprise
www.paypal.com/auth/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifygrcenterprise
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3588) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-LTVcqO3htdjw8CLzTML8MkcHJDTbSWYWUU9YCBVI9zTroAKR' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/uk/home
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
0005041894186
content-encoding
gzip
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-00000000000000000000005041894186-15c077ed872fa49d-01
server-timing
traceparent;desc="00-00000000000000000000005041894186-93f77fd8d5449ac3-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
date
Wed, 20 Nov 2024 16:53:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-LTVcqO3htdjw8CLzTML8MkcHJDTbSWYWUU9YCBVI9zTroAKR' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
content-length
20
x-xss-protection
1; mode=block
server
ECAcc (lhd/3588)
ts
t.paypal.com/ 		42 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.9.5&t=1732121631430&g=0&pgrp=main%3Amktg%3Apersonal%3Ahomepage%3Ahome-uncookied-consumer&page=main%3Amktg%3Apersonal%3Ahomepage%3Ahome-uncookied-consumer%3A%3A%3A&pgst=1732121625849&calc=0468130351999&nsid=Iyd1l4yUsfqGRbybbwyhF7hQIqVu1w6t&rsta=en_GB&pgtf=Nodejs&env=live&s=ci&ccpg=gb&csci=724227e8fc164ce39316341ecda9b4b6&comp=ppcmsnodeweb&tsrce=ppcmsnodeweb&cu=0&xe=110574%2C110460%2C110461%2C107911%2C109112%2C109922&xt=151783%2C150921%2C150925%2C137196%2C143574%2C151032&pp_ref_id=b81fc937-3ce3-473d-96ee-d3f253d133aa&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_homepage&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=ppcom&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=ppcom_page_viewed&e=im&c_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial&ef_policy=gdpr_v2.1&imsrc=setup&view=%7B%22t10%22%3A2%2C%22t11%22%3A5817%2C%22tcp%22%3A1752%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A3184%7D&pt=PayPal%20Account%20%7C%20Mobile%20Wallet%20and%20More%20%7C%20PayPal%20UK&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=2&t1c=0&t1d=0&t1s=0&t2=542&t3=6&t4d=0&t4=0&t4e=0&tt=2379&rdc=0&protocol=h2&cdn=edgecast&res=%7B%7D&rtt=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paypal.com/uk/home

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
a7187fcbd2d23
correlation-id
a7187fcbd2d23
expires
Wed, 20 Nov 2024 16:53:51 GMT
traceparent
00-0000000000000000000a7187fcbd2d23-e071ab313c10e62f-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000a7187fcbd2d23-eda9c2363dac5d5a-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Wed, 20 Nov 2024 16:53:51 GMT
content-type
image/gif
x-served-by
cache-lhr-egll1980057-LHR
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1732121631.441433,VS0,VE160
via
1.1 varnish
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| antiClickjack object| __GLOBAL_NAV_CONTEXT_HEADER__ object| __GLOBAL_NAV_CONTEXT_FOOTER__ boolean| paypalADSInterceptorInjected object| DD_RUM function| _0x20b2 function| _0x57d7 object| regeneratorRuntime object| __GLOBALNAV__ object| cookiePrefsValue function| triggerncs function| cookieFilter function| triggerCookieFilter function| manageCookiePreferences object| cookiemapping object| cssElement function| bindGdprEvents object| PAYPAL object| fpti string| fptiserverurl object| _ifpti function| hideGdprBanner function| showGdprBanner object| latmconf object| laDataLayer function| t function| openSalesChat object| mktconf

11 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09ANOXeZxS5FbRInOrmnwIzZ7YJx0EzCu4ke05V9UklMfQl_KvUOUIrRK4L6wtRwz3Mt3z3SiIm2VBQ5JDiSpP-c4
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: en_GB%3BGB
www.paypal.com/ Name: nsid
Value: s%3APfcLZX88bi8TS3n6A3A7UyhnOkNSCVmJ.G9fdh%2FcMl1CoDGjKfMi6CNyONTDOUh%2BlHG8mJ8%2F6R3g
.paypal.com/ Name: ts_c
Value: vr%3D4a7e84861930a5529879fd41fc905a1d%26vt%3D4a7e84861930a5529879fd41fc905a1c
.paypal.com/ Name: l7_az
Value: dcg04.phx
.paypal.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/ Name: ts
Value: vreXpYrS%3D1763657631%26vteXpYrS%3D1732123431%26vr%3D4a7e84861930a5529879fd41fc905a1d%26vt%3D4a7e84861930a5529879fd41fc905a1c%26vtyp%3Dnew
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTczMjEyMTYzMTQ5OSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: authchallengenodeweb
www.paypal.com/ Name: _dd_s
Value:

1 Console Messages

Source Level URL
Text
security warning URL: https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-+9/KsbnOUp9fAncLAI0EYdeXXyHHr6eQUR2fhkP4WbBE3HlO' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser-intake-us5-datadoghq.com
paypalobjects.com
t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
142.250.186.67
151.101.3.1
151.101.67.1
192.229.221.25
2600:1901:0:c072::
2a00:1450:4001:829::2003
09bb7b12ac292f20244450f57a5a981e7dabe2f9b36e895c884475dcc7ae0550
0ac5dd85e8249063a6716536f6e403badc8be48812ce9536385955b9ec087f5f
1217e303928a5ecc75c9c4ee8967a642e3fe39cdedfbdd062fc9b83548df8602
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
1f7929ead3f4324d1fda7a49b981d20904354a9bf503922e7e1a142b9e7af32e
2383f109c70bb6a1ef525d5d33e5f9332b105d7c622cd93608677e96631dc17c
2ad71ddd5a48b8b9a21fb717a2576ebf3765db5ac8266d0cb5ccda0e27292b59
2dfcd53be17a390cfac0b76f24f3c163d88dc9124703abc636ec0848064ac4dc
2ed311e874b9d0873c9c7d2c17181b2f06770583e4492181f192adf886902d4e
2f1a7debbea84c4749bfcc05487cf9670275b2b2a1473e34076f850b4643b6ae
38a2bc2ac93852a783ad22a0627ab657f7c18d906145059fe3a276703231fe48
3f45a55b28de61f678123111ff9a1acd10ae0160457437aa3d23d6fb6f8775e1
41a15d72cb3c49750d6cdd87afc88e9302bfdc22b1a3700d495b36522bb3669d
47ee8c5b1970e91c96d87a5641d28cb8b555355c542b5653d6f3b080967978de
52076183ab4e47879c35639033f376d43abbf039c28d65ade0c28a465325c64a
52a1894472e7aae51446ed3ebd437fbbd23b22919d8756844716f5ecc0d730b4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57bd2ef0ce4d833346ff5e10010792fc55c00bc317df06b6e0cddbab401c69bd
5d2bd7e5eca5f9991d30d65bc844a0f6b7a981aa7b0b76495bac393c8ac1ff6a
5eab116fb97cb5a87b0ecc625821c72fa491328a8d47f3f79cd4ba456fa56f29
69b92089af852f9c3722996d434f36badfea677d48eadd5fbad962ea552235a2
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
8273a7452ff72c474ceda47b54740f176bdb47c3df18b01d0eea9713f4144417
8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9bb61385c12f375a61f4e1152f1301df68ac76e789f9d36cceb1b5a37b086d14
9c986b81d2fb17a9948c52596451d20d7b110dc1d05d26713b000400ac12c868
9dd8529a0fd46899783e60563354cb0a7ed3bc23839dffc5f06d69c41eeeb34f
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4
9fdb7945644347fea38ad5ca1caf8a3406615084fe4c8aba411b76e616c2dfcc
a2443dbda57da1a2a5d2d6e79092945749491414a7482ef08422e6272ff7c818
a87d1fcc90810a9f87936ebdb51d2993998d9fad7f24e4f41a294e2c6b68cb44
b180b51f4ecc922777b7888d45e4968fa54e3d425b129b687a7096be03fbf463
b7688b9807580830b45b5487759a85816c0320aef5fa379e36df645e6d83eb80
c3282b512f13002b5ac0ed6968af74a48db30263a9d9dcadcb04c187d73a747b
c3b0da2e75f5f7833f82cc43018f0d945b53345dfc092718cb16a51672c74d55
c3f1981e14042012337c6493597cd362261453611b727e91847a118b2b4cffb7
c421014a4295577da6e48e3b0d43af1394a62a2e1bb8146144eea14fe6038aa5
c508972d4e0cca1396bc6959a91a978c39069cbfc471ce75232bd4d31bb8846b
ca497bc6c3a16112b767574aab5687f1b013450a5ea4a46cbd6b4e47e75b3ba1
cba5d985702b33373ed7eb3afd52f3f3dd0b3c0ef653b987bfc820e6c534a199
d152f33a7425030be30babdcf13c3cb03f39eee9fee710eb659ab9db7fa07060
d457f0f8d9a3489b4540e82385096408e0f3da9106e13dee779460726ccdfb5b
d69e1263e3c76366da84f3e93739c8c222260b7e13be930c1d479c841cda5e13
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
e18b918b22fa4b66032c511cd184fb725736603b4e42984c59aa2a5c1746cbb5
e37a9b936d1ac9e4eb720dcd7d2d78d1ca9e6c66cd47dc427394dad3eb44c31c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec2dea9171a5b98be8693f5722aacb65aa1ffbc24416dc7446549d23f8dc4f40
eeefabf6cbf7a6d48acb0b6a986486efd0902201fa22562790538ae500c012c1
efc3ad603dca3c78e67493adb079676731fd72c4204dbf7264d22e897a271267
f4a6edf8c5cdcfa5bcd56e8cdba5f39cb9795263168e05e7bb7bf58f169fd768
f66a5a93462bd6adb6ce57a640893a194ba89fc6801bd57945874f04af6973cd