urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
151.101.129.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://py.pl/2PLefMaiDlI
Effective URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Submission: On May 14 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 35 HTTP transactions. The main IP is 151.101.129.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 16th 2021. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.211.169.14 17012 (PAYPAL)
11 151.101.129.21 54113 (FASTLY)
21 151.101.14.133 54113 (FASTLY)
2 151.101.1.35 54113 (FASTLY)
1 2.18.232.75 16625 (AKAMAI-AS)
35 5
1    66.211.169.14 (United States)

ASN17012 (PAYPAL, US)
py.pl
11    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
21    151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
1    2.18.232.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-75.deploy.static.akamaitechnologies.com
pics.paypal.com
Apex Domain
Subdomains		 Transfer
21 paypalobjects.com
www.paypalobjects.com
754 KB
14 paypal.com
www.paypal.com
t.paypal.com
pics.paypal.com
116 KB
1 py.pl
py.pl
2 KB
35 3
Domain Requested by
21 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
11 www.paypal.com www.paypal.com
www.paypalobjects.com
2 t.paypal.com www.paypal.com
1 pics.paypal.com
1 py.pl 1 redirects
35 5

This site contains links to these domains. Also see Links.

Domain
developer.paypal.com
Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-16 -
2022-03-15		 a year crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-29 -
2021-12-13		 8 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-11-17 -
2021-11-21		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Frame ID: 9E43EF5665131D7F0C28F0F38BA77BFA
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://py.pl/2PLefMaiDlI HTTP 302
    https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

35
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

869 kB
Transfer

2644 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://py.pl/2PLefMaiDlI HTTP 302
    https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request W8NVEZBFNBPG8
www.paypal.com/instantcommerce/checkout/
Redirect Chain
  • https://py.pl/2PLefMaiDlI
  • https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
11 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e83908901d48f1a21b7c035ed41b3c08c5f35368f0bfb0eec5575f76d15532f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3Ujd2v9+xSoDOGvb/+ZQpg/p8xYghrV0j71lrtnYt0hHVB3N' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/instantcommerce/checkout/W8NVEZBFNBPG8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3Ujd2v9+xSoDOGvb/+ZQpg/p8xYghrV0j71lrtnYt0hHVB3N' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"2b04-drTAm8pib0xRc9qZm6MDUI5RdAE"
paypal-debug-id
bc97f23755c44
set-cookie
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 14 May 2022 12:43:04 GMT; Secure; SameSite=None LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly; Secure; SameSite=None tsrce=instantcommercenodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Mon, 17 May 2021 12:43:03 GMT; HttpOnly; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDIxMyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:04 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
date
Fri, 14 May 2021 12:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-lhr7383-LHR, cache-cdg20749-CDG
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1620996184.065609,VS0,VE223
vary
Accept-Encoding
content-encoding
br

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Content-Length
166
Content-Security-Policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-HCmrAKHWs7kLKOgMjygoMXt8MbYvtcMeFpEnlSD3z3c1KQBL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src 'self' https:; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Content-Type
text/html; charset=utf-8
Date
Fri, 14 May 2021 12:43:03 GMT
Location
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Paypal-Debug-Id
124fd4b326c4b
Set-Cookie
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:28:59 GMT; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 14 May 2022 12:43:03 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYyMDk5NjE4MzkwMiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None tsrce=unpshorturlnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 17 May 2021 12:43:03 GMT; HttpOnly; Secure nsid=s%3AgpDKjYja1_ZKr7Z4cKbOH0mUfjJGUWvF.xRNG5p2YN%2FMJZGVaCusw46Ozpw4LtvLnzQRrc4ahqTU; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:03 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690583%26vteXpYrS%3D1620997983%26vr%3D6ae6d72a1790a1d4882e3735ff6d7d50%26vt%3D6ae6d72a1790a1d4882e3735ff6d7d4f%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:03 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d72a1790a1d4882e3735ff6d7d50%26vt%3D6ae6d72a1790a1d4882e3735ff6d7d4f; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:03 GMT; Secure; SameSite=None
Vary
Accept
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex
X-Xss-Protection
1; mode=block
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
20055502
x-cache
HIT, HIT
paypal-debug-id
4430072ed4be7
dc
slc-b-origin-www-2.paypal.com
content-length
18320
x-served-by
cache-sjc10045-SJC, cache-fra19176-FRA
last-modified
Tue, 23 Jan 2018 03:38:51 GMT
x-timer
S1620996184.369065,VS0,VE0
etag
"5a66ae4b-4790"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
247635, 40710
PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
15819231
x-cache
HIT, HIT
paypal-debug-id
ddf4de912160d
dc
slc-b-origin-www-1.paypal.com
content-length
18360
x-served-by
cache-sjc10048-SJC, cache-fra19176-FRA
last-modified
Tue, 23 Jan 2018 02:50:53 GMT
x-timer
S1620996184.369051,VS0,VE0
etag
"5a66a30d-47b8"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
24708, 18
fonts-and-normalize.min.css
www.paypalobjects.com/digitalassets/c/paypal-ui/web/fonts-and-normalize/0-0-12/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/digitalassets/c/paypal-ui/web/fonts-and-normalize/0-0-12/fonts-and-normalize.min.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
4c87841ac3886e0723b1ab2b4f9faa957baecb58e34b3b507ccf1233a2fbe350
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
36263372
x-cache
HIT, HIT
surrorage-key
/digitalassets/c/paypal-ui/web/fonts-and-normalize/0-0-12/fonts-and-normalize.min.css /digitalassets/c/paypal-ui/web/fonts-and-normalize/0-0-12/fonts-and-normalize.min.css /digitalassets/c/paypal-ui/web/fonts-and-normalize/0-0-12/fonts-and-normalize.min.css /digitalassets/c/paypal-ui/web/fonts-and-normalize/0-0-12 /digitalassets/c/paypal-ui/web/fonts-and-normalize /digitalassets/c/paypal-ui/web /digitalassets/c/paypal-ui /digitalassets/c /digitalassets
content-encoding
gzip
vary
Accept-Encoding
content-length
1028
x-served-by
cache-sjc10058-SJC, cache-fra19139-FRA
last-modified
Mon, 23 Dec 2019 23:44:26 GMT
server
Apache
x-timer
S1620996184.367333,VS0,VE0
strict-transport-security
max-age=31557600
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1, 104
pa.js
www.paypalobjects.com/pa/js/min/ 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
24957c25655d547623442ce46ebf6395e138abcf4bd4fe387ec1e61d23411331
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
669473
x-cache
HIT, HIT
paypal-debug-id
939d8197c0f66
dc
phx-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
20545
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10052-SJC, cache-fra19139-FRA
last-modified
Thu, 06 May 2021 18:34:07 GMT
x-timer
S1620996184.367863,VS0,VE0
etag
W/"6094369f-d3ed"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
40363, 27
main.css
www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/ 		89 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe54cd464e0ae89731548c9f3cc20bdac1d7ea4f7acc98fe096ef2faee69b8a6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68875
x-cache
HIT, HIT
paypal-debug-id
5218e30dbee71
x-cache-hits
1, 1
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
16165
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10027-SJC, cache-fra19139-FRA
last-modified
Wed, 12 May 2021 16:50:31 GMT
x-timer
S1620996184.367841,VS0,VE1
etag
W/"609c0757-164a3"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 13 May 2022 17:24:00 GMT
bundle.js
www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/ 		430 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/bundle.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e85c47c8d38258e1a2f37241b143de80597c1f005dd3b866acd1cd76f8b1cbc5
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68875
x-cache
MISS, HIT
paypal-debug-id
eba3cec27775d
x-cache-hits
0, 1
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
115736
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10023-SJC, cache-fra19139-FRA
last-modified
Wed, 12 May 2021 16:50:31 GMT
x-timer
S1620996184.367810,VS0,VE1
etag
W/"609c0757-6b6a4"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 13 May 2022 17:24:00 GMT
miconfig.js
www.paypalobjects.com/pa/mi/ 		111 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/miconfig.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7cff6bced347643ff09405c94c5297bd10fee07bdbd0323a5b35ab457876908d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
669472
x-cache
HIT, HIT
paypal-debug-id
b0008e951be59
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
21243
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10074-SJC, cache-fra19176-FRA
last-modified
Thu, 06 May 2021 18:34:07 GMT
x-timer
S1620996184.414581,VS0,VE0
etag
W/"6094369f-1ba44"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
13059, 12
csp
www.paypal.com/csplog/api/log/ 		2 B
936 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/csplog/api/log/csp
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-GjovuVQlgZFo51LyExhH8IxzBIj2ATQMDb9xWfT2xQwTLo/z' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
no-cors
origin
https://www.paypal.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
report
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; tsrce=instantcommercenodeweb; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDIxMyIsImwiOiIwIiwibSI6IjAifQ; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG
content-length
1167
:path
/csplog/api/log/csp
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/csp-report
accept
*/*
cache-control
no-cache
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-GjovuVQlgZFo51LyExhH8IxzBIj2ATQMDb9xWfT2xQwTLo/z' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
3d14978a424ab
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-served-by
cache-lhr7358-LHR, cache-cdg20749-CDG
x-timer
S1620996184.441864,VS0,VE172
x-frame-options
SAMEORIGIN
date
Fri, 14 May 2021 12:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
set-cookie
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 14 May 2022 12:43:04 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDUzOSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None tsrce=cspreportnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 17 May 2021 12:43:04 GMT; HttpOnly; Secure l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:04 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
none
x-cache-hits
0, 0
vendors~Dashboard~checkout.css
www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/ 		294 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/vendors~Dashboard~checkout.css
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c7dbce1a020af0139c154014a139b0b40f3a66ae30969ebf5ee3a91a14063ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68874
x-cache
MISS, HIT
paypal-debug-id
b982ade5685f8
x-cache-hits
0, 1
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
32470
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10077-SJC, cache-fra19139-FRA
last-modified
Wed, 12 May 2021 16:50:31 GMT
x-timer
S1620996184.475065,VS0,VE1
etag
W/"609c0757-497a5"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 13 May 2022 17:24:00 GMT
0.bundle.js
www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/ 		159 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/0.bundle.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ddc3ab4e1e8761e55be6a8f397bf6649118aabeda42029ccff7354728c41207d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68874
x-cache
MISS, HIT
paypal-debug-id
c8ae152f90325
x-cache-hits
0, 1
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
39330
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10047-SJC, cache-fra19139-FRA
last-modified
Wed, 12 May 2021 16:50:30 GMT
x-timer
S1620996184.475244,VS0,VE1
etag
W/"609c0756-27bb8"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 13 May 2022 17:24:01 GMT
checkout.css
www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/checkout.css
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90c257d85edb3b73a1169a1681abf4c8c28d5be5b4436cfb32d0f9b4cec3ce1d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68874
x-cache
MISS, HIT
paypal-debug-id
9338ebe81bc29
x-cache-hits
0, 1
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
2994
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10042-SJC, cache-fra19139-FRA
last-modified
Wed, 12 May 2021 16:50:31 GMT
x-timer
S1620996184.475224,VS0,VE1
etag
W/"609c0757-2677"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 13 May 2022 17:24:00 GMT
5.bundle.js
www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/5.bundle.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4706167fee7b9828b1930ffa83f75aa3af23c66762a4b55f22d437bc369b03c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68874
x-cache
MISS, HIT
paypal-debug-id
42fac0c8bf9ae
x-cache-hits
0, 1
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
12541
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10083-SJC, cache-fra19139-FRA
last-modified
Wed, 12 May 2021 16:50:30 GMT
x-timer
S1620996184.475210,VS0,VE1
etag
W/"609c0756-bf29"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Fri, 13 May 2022 17:24:00 GMT
hf.js
www.paypalobjects.com/merchant-hf/stable/ 		112 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/merchant-hf/stable/hf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b85db014f874472c1ca57423a7257faa7c2cfb16ebb073864b4777d421be6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19928685
x-cache
HIT, HIT
paypal-debug-id
29510b36f579a
dc
phx-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
41947
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10054-SJC, cache-fra19139-FRA
last-modified
Fri, 25 Sep 2020 20:52:34 GMT
x-timer
S1620996184.478031,VS0,VE0
etag
W/"5f6e5892-1bf7c"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
401, 377
logo_paypal_106x29.png
www.paypalobjects.com/webstatic/i/sparta/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/i/sparta/logo/logo_paypal_106x29.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aec020d331c5d61be19537dc3224477aa0dee0caf55252071c70c8501602858e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
1297180
x-cache
HIT, HIT
fastly-io-info
ifsz=4699 idim=106x29 ifmt=png ofsz=1906 odim=106x29 ofmt=png
paypal-debug-id
9d82fb22f9e37
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1906
x-served-by
cache-sjc10045-SJC, cache-fra19139-FRA
x-timer
S1620996184.485435,VS0,VE1
etag
"fY94VoBYD7+pjoXm93ku5hQ0I0C9B0u+e/1CEnf5/dM"
strict-transport-security
max-age=31557600
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
205, 1
view
www.paypal.com/bizcomponents/fragments/feedback-fragment/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/bizcomponents/fragments/feedback-fragment/view
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f891714e3029286bfef9c3188f475580e674ec71d43c35026fabd5657fac8bf
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypalobjects.com; img-src 'self' http: https: data:; media-src 'self' blob: https://*.paypalobjects.com; object-src 'self' blob: https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bizcomponents/fragments/feedback-fragment/view
pragma
no-cache
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; tsrce=instantcommercenodeweb; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDIxMyIsImwiOiIwIiwibSI6IjAifQ; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypalobjects.com; img-src 'self' http: https: data:; media-src 'self' blob: https://*.paypalobjects.com; object-src 'self' blob: https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
5a0732e76d8f7
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
1779
x-xss-protection
1; mode=block
x-served-by
cache-lhr7354-LHR, cache-cdg20749-CDG
x-timer
S1620996184.482343,VS0,VE195
x-frame-options
SAMEORIGIN
date
Fri, 14 May 2021 12:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"1c0d-avMMi+U43HRJDo3sxJi1mxYBM5c"
set-cookie
LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly SEGM=bRdV1vB0ebq9RKdAb3xSHowCi6QnnlCiDOLNk8i1mAuLl1vTbzHQwWajSsMe8mvoWiJtY1GnpzN4Y-sixGy7BQ; Domain=.paypal.com; Path=/; HttpOnly; Secure LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly; Secure tsrce=bizcomponentsnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 17 May 2021 12:43:04 GMT; HttpOnly; Secure l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:04 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
bytes
x-cache-hits
0, 0
client
www.paypal.com/bizcomponents/fragments/feedback-fragment/ 		274 KB
89 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/bizcomponents/fragments/feedback-fragment/client
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34352061bbd3b57890ce9d1ed37ec397fe52b7a420c72ccd00d72905d6c16d89
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypalobjects.com; img-src 'self' http: https: data:; media-src 'self' blob: https://*.paypalobjects.com; object-src 'self' blob: https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bizcomponents/fragments/feedback-fragment/client
pragma
no-cache
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; tsrce=instantcommercenodeweb; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDIxMyIsImwiOiIwIiwibSI6IjAifQ; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypalobjects.com; img-src 'self' http: https: data:; media-src 'self' blob: https://*.paypalobjects.com; object-src 'self' blob: https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
c97cbface0bc5
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-lhr7332-LHR, cache-cdg20749-CDG
x-timer
S1620996184.483388,VS0,VE180
x-frame-options
SAMEORIGIN
date
Fri, 14 May 2021 12:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"449e7-TuUfWbpZWPX3WeppQMBlhxS5h+U"
set-cookie
LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly SEGM=bRdV1vB0ebq9RKdAb3xSHowCi6QnnlCiDOLNk8i1mAuLl1vTbzHQwWajSsMe8mvoWiJtY1GnpzN4Y-sixGy7BQ; Domain=.paypal.com; Path=/; HttpOnly; Secure tsrce=bizcomponentsnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 17 May 2021 12:43:04 GMT; HttpOnly; Secure l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:04 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
bytes
x-cache-hits
0, 0
ts
t.paypal.com/ 		42 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.4.34&t=1620996184475&g=-120&page=main%3Amerchanthub%3Amyproduct%3Acheckout&pgrp=main%3Amerchanthub%3Amyproduct%3Acheckout&flow=PP_COMMERCE_PLATFORM&prod=instant_commerce&item=W8NVEZBFNBPG8&e=im&cdn=fastly&ef_policy=ccpa&pt=East%20Choir%20Senior%20Banquet%20%7C%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1620996185.516159,VS0,VE153
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires
Fri, 14 May 2021 12:43:04 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-lhr7375-LHR, cache-cdg20753-CDG
truncated
/ 		468 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d9fb797e44785b47774262d2b173fe0b8649e2882a632531a36948fcf16e8f3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
PayPalSansSmall-Medium.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
19444959
x-cache
HIT, HIT
paypal-debug-id
9b2cc799a72d3
dc
ccg11-origin-www-1.paypal.com
content-length
38606
x-served-by
cache-sjc10028-SJC, cache-fra19176-FRA
last-modified
Wed, 26 Aug 2020 18:34:02 GMT
x-timer
S1620996184.494400,VS0,VE0
etag
"5f46ab1a-96ce"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
53685, 49916
index.js
www.paypalobjects.com/bizcomponents/customer-satisfaction-survey/stable/ 		477 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/bizcomponents/customer-satisfaction-survey/stable/index.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/merchant-hf/stable/hf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
42268c7599f595757b4cb35cf828d504d160ca3acf2d3b59da27d1da291b9ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1983338
x-cache
HIT, HIT
paypal-debug-id
f1db6d43477f4
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
144795
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10070-SJC, cache-fra19139-FRA
last-modified
Fri, 12 Feb 2021 23:56:10 GMT
x-timer
S1620996185.547169,VS0,VE1
etag
W/"6027159a-77349"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
4, 1
footer-fragment.json
www.paypalobjects.com/merchant-hf/footer-fragment/ 		359 KB
113 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/merchant-hf/footer-fragment/footer-fragment.json
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/merchant-hf/stable/hf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2417039c46aad8b09feb15179ad4b10f399a1be591fe287bd48eab566ecc8016
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5495380
x-cache
HIT, HIT
paypal-debug-id
b693407028dc0
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
115429
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10053-SJC, cache-fra19176-FRA
last-modified
Thu, 11 Mar 2021 22:03:06 GMT
x-timer
S1620996185.547564,VS0,VE0
etag
W/"604a939a-59b13"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
10660, 2
W8NVEZBFNBPG8
www.paypal.com/instantcommerce/api/v1/products/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/instantcommerce/api/v1/products/W8NVEZBFNBPG8
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/5.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f655df09dc967d2a83fd4771701ecae2fe27254dd8cfcc78bae0016e0baa8642
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-wSGs11bcLZCXYOC9RcXslQ7l3HMmFSJzNZfzJ/CRpdOwj5+6' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
x-csrf-token
JDVPZxQYRZ+c5iJSqqGiyfmPoKLMQnkC39wQo=
accept-language
en-US
sec-fetch-dest
empty
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; tsrce=instantcommercenodeweb; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDIxMyIsImwiOiIwIiwibSI6IjAifQ; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG
:path
/instantcommerce/api/v1/products/W8NVEZBFNBPG8
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-csrf-token
JDVPZxQYRZ+c5iJSqqGiyfmPoKLMQnkC39wQo=

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-wSGs11bcLZCXYOC9RcXslQ7l3HMmFSJzNZfzJ/CRpdOwj5+6' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
15472102b18ab
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-lhr7339-LHR, cache-cdg20749-CDG
x-timer
S1620996185.549651,VS0,VE237
x-frame-options
SAMEORIGIN
date
Fri, 14 May 2021 12:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"c4d-OQLXA8BOjM31M0ETDgslSr7Agwo"
set-cookie
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 14 May 2022 12:43:04 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDcxMCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:04 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
none
x-cache-hits
0, 0
PayPalSansBig-Regular.woff2
www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2351bbc39303736cd3a670db10427adc13c256dd6b639f0545bfd104947d3427
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
20013417
x-cache
HIT, HIT
paypal-debug-id
7e9962728b92d
dc
slc-b-origin-www-3.paypal.com
content-length
39021
x-served-by
cache-sjc10070-SJC, cache-fra19176-FRA
last-modified
Wed, 26 Aug 2020 18:34:02 GMT
x-timer
S1620996185.557287,VS0,VE0
etag
"5f46ab1a-986d"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
24504, 13319
PayPalVXIcons-Regular.woff
www.paypalobjects.com/ui-web/vx-icons/2-0-1/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.woff
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
87a3ea6f934b38d018e81a6c563c3ff7544e1ad5860f26933a17c08912bbd3fd
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
36263367
x-cache
HIT, HIT
surrorage-key
/ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.woff /ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.woff /ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.woff /ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.woff /ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.woff /ui-web/vx-icons/2-0-1/PayPalVXIcons-Regular.woff /ui-web/vx-icons/2-0-1 /ui-web/vx-icons /ui-web
content-length
9488
x-served-by
cache-sjc10038-SJC, cache-fra19176-FRA
last-modified
Fri, 22 Jul 2016 04:14:36 GMT
server
Apache
x-timer
S1620996185.557359,VS0,VE0
strict-transport-security
max-age=31557600
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
15621, 926
supportedLanguages
www.paypal.com/bizcomponents/ 		0
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/bizcomponents/supportedLanguages
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-KcJTs+5lmYEBrOV1i4yCwuAW4M3pwvBwRHBi8DwEAtnn+iEq' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bizcomponents/supportedLanguages
pragma
no-cache
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDUzOSIsImwiOiIwIiwibSI6IjAifQ; tsrce=cspreportnodeweb
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-KcJTs+5lmYEBrOV1i4yCwuAW4M3pwvBwRHBi8DwEAtnn+iEq' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
8dcba2b4d0b88
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-lhr7372-LHR, cache-cdg20749-CDG
x-timer
S1620996185.655087,VS0,VE185
x-frame-options
SAMEORIGIN
date
Fri, 14 May 2021 12:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
set-cookie
LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly SEGM=bRdV1vB0ebq9RKdAb3xSHowCi6QnnlCiDOLNk8i1mAuLl1vTbzHQwWajSsMe8mvoWiJtY1GnpzN4Y-sixGy7BQ; Domain=.paypal.com; Path=/; HttpOnly; Secure tsrce=bizcomponentsnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 17 May 2021 12:43:04 GMT; HttpOnly; Secure l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:04 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
bytes
x-cache-hits
0, 0
userInfo
www.paypal.com/bizcomponents/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/bizcomponents/userInfo
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-yxwOkhjCmmKM7kVYXNtGbNT17AcJhAhfKivG0qsZp5is9daw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bizcomponents/userInfo
pragma
no-cache
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDUzOSIsImwiOiIwIiwibSI6IjAifQ; tsrce=cspreportnodeweb
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-yxwOkhjCmmKM7kVYXNtGbNT17AcJhAhfKivG0qsZp5is9daw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
621638f2ed5f6
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-lhr7346-LHR, cache-cdg20749-CDG
x-timer
S1620996185.655394,VS0,VE178
x-frame-options
SAMEORIGIN
date
Fri, 14 May 2021 12:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
set-cookie
LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly SEGM=bRdV1vB0ebq9RKdAb3xSHowCi6QnnlCiDOLNk8i1mAuLl1vTbzHQwWajSsMe8mvoWiJtY1GnpzN4Y-sixGy7BQ; Domain=.paypal.com; Path=/; HttpOnly; Secure tsrce=bizcomponentsnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 17 May 2021 12:43:04 GMT; HttpOnly; Secure l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:04 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
bytes
x-cache-hits
0, 0
footer.json
www.paypalobjects.com/merchant-hf/footer-fragment/locales/US/en/header-footer/ 		454 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/merchant-hf/footer-fragment/locales/US/en/header-footer/footer.json
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e59516d0c0be09a79ef4e2b9d64d819c42daef43316be25ceb3c94d4e757286
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20094219
x-cache
HIT, HIT
paypal-debug-id
e5c1277985169
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
293
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10053-SJC, cache-fra19176-FRA
last-modified
Wed, 23 Sep 2020 22:52:28 GMT
x-timer
S1620996185.659258,VS0,VE1
etag
W/"5f6bd1ac-1c6"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
38, 1
jacarandaUser
www.paypal.com/bizcomponents/unified/ 		0
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/bizcomponents/unified/jacarandaUser
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Fx7xfCiSKmlGPvoNnBYARI3YaxOCCwpdoxCsaZUFgbgWpa8V' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bizcomponents/unified/jacarandaUser
pragma
no-cache
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDUzOSIsImwiOiIwIiwibSI6IjAifQ; tsrce=cspreportnodeweb
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Fx7xfCiSKmlGPvoNnBYARI3YaxOCCwpdoxCsaZUFgbgWpa8V' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
c155b01bdcbc3
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-lhr7341-LHR, cache-cdg20749-CDG
x-timer
S1620996185.655605,VS0,VE184
x-frame-options
SAMEORIGIN
date
Fri, 14 May 2021 12:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
set-cookie
LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly SEGM=bRdV1vB0ebq9RKdAb3xSHowCi6QnnlCiDOLNk8i1mAuLl1vTbzHQwWajSsMe8mvoWiJtY1GnpzN4Y-sixGy7BQ; Domain=.paypal.com; Path=/; HttpOnly; Secure tsrce=bizcomponentsnodeweb; Domain=.paypal.com; Path=/; Expires=Mon, 17 May 2021 12:43:04 GMT; HttpOnly; Secure l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:04 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
bytes
x-cache-hits
0, 0
getShowSurveyPreference
www.paypal.com/bizcomponents/csat/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/bizcomponents/csat/getShowSurveyPreference
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/bizcomponents/customer-satisfaction-survey/stable/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-B0dVJz26eJfnCvMmKq35TJUB2cawnkP0/GiDctqNdhuVyccw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bizcomponents/csat/getShowSurveyPreference
pragma
no-cache
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDUzOSIsImwiOiIwIiwibSI6IjAifQ; SEGM=bRdV1vB0ebq9RKdAb3xSHowCi6QnnlCiDOLNk8i1mAuLl1vTbzHQwWajSsMe8mvoWiJtY1GnpzN4Y-sixGy7BQ; tsrce=bizcomponentsnodeweb
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-B0dVJz26eJfnCvMmKq35TJUB2cawnkP0/GiDctqNdhuVyccw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
d71e068968c9d
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-lhr7382-LHR, cache-cdg20749-CDG
x-timer
S1620996185.705643,VS0,VE180
x-frame-options
SAMEORIGIN
date
Fri, 14 May 2021 12:43:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
set-cookie
LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:04 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:04 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
bytes
x-cache-hits
0, 0
file.JPG
pics.paypal.com/00/s/YTkzYTEwZTQtMTgzMS00ZWY4LTg3YzAtMzczY2VmYTA3MjYz/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pics.paypal.com/00/s/YTkzYTEwZTQtMTgzMS00ZWY4LTg3YzAtMzczY2VmYTA3MjYz/file.JPG
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
62bf153edbd3133dc5fc15c2a56c1cf0e631d202208b3800b175ffb936bddb4c
Security Headers
Name Value
Content-Security-Policy default-src 'none', default-src 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none', default-src 'none'
CORRELATION-ID
c034bb55e6de3, c034bb55e6de3
Last-Modified
Mon, 10 May 2021 22:36:26 GMT
Date
Fri, 14 May 2021 12:43:05 GMT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=12960000
Paypal-Debug-Id
c034bb55e6de3
Connection
keep-alive
Accept-Ranges
none
DC
ccg11-origin-www-1.paypal.com
Content-Length
6983
X-Content-Type-Options
nosniff
Expires
Mon, 11 Oct 2021 12:43:05 GMT
truncated
/ 		223 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1034db0da2f6a43282932d0ce7a0d907ae7daa85c1e77bc45f6f33b9b2d422c3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ts
t.paypal.com/ 		42 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.4.34&t=1620996184859&g=-120&page=main%3A%3Ainstantcommerce%3Acheckout%3AW8NVEZBFNBPG8%3Afeedback&pgrp=main%3A%3Ainstantcommerce%3Acheckout%3AW8NVEZBFNBPG8%3Amain&flow=PP_COMMERCE_PLATFORM&acnt=Business&e=im&flfr=Home&cdn=fastly&ef_policy=ccpa&pt=East%20Choir%20Senior%20Banquet%20%7C%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 May 2021 12:43:05 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1620996185.869814,VS0,VE151
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator
slca.slc
expires
Fri, 14 May 2021 12:43:04 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-lhr7339-LHR, cache-cdg20753-CDG
PayPalSansBig-Light.woff2
www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Light.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4619d70d7bd1b3d7572940e9ee7f31bc4c07f4c9cad6ae2d3e5b2eb555b6a2c0
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
20013417
x-cache
HIT, HIT
paypal-debug-id
7146d312f0a49
dc
phx-origin-www-2.paypal.com
content-length
38225
x-served-by
cache-sjc10072-SJC, cache-fra19176-FRA
last-modified
Wed, 26 Aug 2020 18:34:02 GMT
x-timer
S1620996185.877019,VS0,VE0
etag
"5f46ab1a-9551"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
42270, 9591
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Origin
https://www.paypal.com
Referer
https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:43:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
20013416
x-cache
HIT, HIT
paypal-debug-id
2acceda31e35c
dc
phx-origin-www-1.paypal.com
content-length
37186
x-served-by
cache-sjc10080-SJC, cache-fra19176-FRA
last-modified
Wed, 26 Aug 2020 18:34:02 GMT
x-timer
S1620996185.876987,VS0,VE0
etag
"5f46ab1a-9142"
strict-transport-security
max-age=31557600
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
51406, 53860
footerFragmentCookieBanner
www.paypal.com/bizcomponents/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/bizcomponents/footerFragmentCookieBanner
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-ObPStO6h8m3/439GxMooWqSxC9NHEJLdB7qZ3dOJjJ+pGBGw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bizcomponents/footerFragmentCookieBanner
pragma
no-cache
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG; SEGM=bRdV1vB0ebq9RKdAb3xSHowCi6QnnlCiDOLNk8i1mAuLl1vTbzHQwWajSsMe8mvoWiJtY1GnpzN4Y-sixGy7BQ; tsrce=bizcomponentsnodeweb; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDcxMCIsImwiOiIwIiwibSI6IjAifQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-ObPStO6h8m3/439GxMooWqSxC9NHEJLdB7qZ3dOJjJ+pGBGw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
50368e5dd3ea3
dc
phx-origin-www-1.paypal.com
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-lhr7361-LHR, cache-cdg20749-CDG
x-timer
S1620996185.972148,VS0,VE187
x-frame-options
SAMEORIGIN
date
Fri, 14 May 2021 12:43:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
set-cookie
LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:01 GMT; HttpOnly l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:05 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690585%26vteXpYrS%3D1620997985%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:05 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:05 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
bytes
x-cache-hits
0, 0
log
www.paypal.com/bizcomponents/api/ 		2 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/bizcomponents/api/log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/bizcomponents/customer-satisfaction-survey/stable/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
origin
https://www.paypal.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
enforce_policy=ccpa; LANG=en_US%3BUS; nsid=s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8; l7_az=dcg14.slc; ts=vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; x-cdn=fastly:CDG; SEGM=bRdV1vB0ebq9RKdAb3xSHowCi6QnnlCiDOLNk8i1mAuLl1vTbzHQwWajSsMe8mvoWiJtY1GnpzN4Y-sixGy7BQ; tsrce=bizcomponentsnodeweb; x-pp-s=eyJ0IjoiMTYyMDk5NjE4NDcxMCIsImwiOiIwIiwibSI6IjAifQ
content-length
2358
:path
/bizcomponents/api/log
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
application/json
cache-control
no-cache
:authority
www.paypal.com
referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
:scheme
https
sec-fetch-site
same-origin
:method
POST
accept
application/json
Referer
https://www.paypal.com/instantcommerce/checkout/W8NVEZBFNBPG8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Fri, 14 May 2021 12:43:05 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
paypal-debug-id
ba91a92f62cc7
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr7366-LHR, cache-cdg20749-CDG
x-timer
S1620996185.012768,VS0,VE181
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
set-cookie
LANG=en_US%3BUS; Max-Age=31555; Domain=.paypal.com; Path=/; Expires=Fri, 14 May 2021 21:29:00 GMT; HttpOnly; Secure enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sat, 14 May 2022 12:43:05 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYyMDk5NjE4NTExOSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Fri, 14 May 2021 13:13:05 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715690585%26vteXpYrS%3D1620997985%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:05 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207; Path=/; Domain=paypal.com; Expires=Mon, 13 May 2024 12:43:05 GMT; Secure; SameSite=None x-cdn=fastly:CDG; Domain=paypal.com; Path=/; Secure
accept-ranges
none
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept
x-cache-hits
0, 0

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| PAYPAL object| fpti string| fptiserverurl string| webpackPublicPath object| webpackJsonp object| regeneratorRuntime object| __core-js_shared__ object| core string| reqToken object| _ifpti object| miconfig object| merchantHfOptions object| b4cfccfed532a5439b0e74f8cf33d6e0 object| fragmentScripts object| __SECRET_EMOTION__ function| _ object| b2d61508c707a65b0d994292874deef9

10 Cookies

Domain/Path Name / Value
.paypal.com/ Name: tsrce
Value: bizcomponentsnodeweb
.paypal.com/ Name: x-cdn
Value: fastly:CDG
www.paypal.com/ Name: nsid
Value: s%3AKkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9.1704m%2FVaRjlSskvfOEomeVokjkkJjSA8gWIK5CbICr8
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYyMDk5NjE4NDcxMCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1715690584%26vteXpYrS%3D1620997984%26vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207%26vtyp%3Dnew
.paypal.com/ Name: SEGM
Value: bRdV1vB0ebq9RKdAb3xSHowCi6QnnlCiDOLNk8i1mAuLl1vTbzHQwWajSsMe8mvoWiJtY1GnpzN4Y-sixGy7BQ
.paypal.com/ Name: ts_c
Value: vr%3D6ae6d84c1790a7886a16d9b6ff1b3208%26vt%3D6ae6d84c1790a7886a16d9b6ff1b3207
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: LANG
Value: en_US%3BUS
.paypal.com/ Name: enforce_policy
Value: ccpa

8 Console Messages

Source Level URL
Text
console-api info URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/bundle.js(Line 1247)
Message:
server-data loaded [object Object]
console-api debug URL: https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js/client/5.bundle.js(Line 165)
Message:
apiRequestHelper makeAPIRequest responseText {"id":"W8NVEZBFNBPG8","website_code":"<form action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\" target=\"_top\">\n<input type=\"hidden\" name=\"cmd\" value=\"_s-xclick\" />\n<input type=\"hidden\" name=\"hosted_button_id\" value=\"W8NVEZBFNBPG8\" />\n<input type=\"image\" src=\"https://www.paypal.com/en_US/i/btn/btn_buynow_LG.gif\" border=\"0\" name=\"submit\" title=\"PayPal - The safer, easier way to pay online!\" alt=\"Buy Now\" />\n<img alt=\"\" border=\"0\" src=\"https://www.paypal.com/en_US/i/scr/pixel.gif\" width=\"1\" height=\"1\" />\n</form>\n","email_code":"https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=W8NVEZBFNBPG8","type":"BUYNOW","sub_type":"SERVICES","button_variables":[{"name":"item_name","value":"East Choir Senior Banquet"},{"name":"button_subtype","value":"services"},{"name":"bn","value":"Z9YLJLZT4F72L:PP-BuyNowBF_S"},{"name":"no_shipping","value":"2"},{"name":"pp_note","value":"End of year celebration for East Choir Seniors."},{"name":"image_url","value":["https://pics.paypal.com/00/s/YTkzYTEwZTQtMTgzMS00ZWY4LTg3YzAtMzczY2VmYTA3MjYz/file.JPG"]},{"name":"no_note","value":"0"},{"name":"currency_code","value":"USD"},{"name":"amount","value":"17.00"},{"name":"business","value":"Z9YLJLZT4F72L"}],"button_image":"REG","button_image_url":"https://www.paypal.com/en_US/i/btn/btn_buynow_LG.gif","country_code":"US","time_created":"2021-05-10T15:37:36Z","time_updated":"2021-05-10T15:37:36Z","language":"en","links":[{"href":"https://api.paypal.com/v1/payments-experience/buttons/W8NVEZBFNBPG8","rel":"self","method":"GET"},{"href":"https://api.paypal.com/v1/payments-experience/buttons/W8NVEZBFNBPG8","rel":"delete","method":"DELETE"}],"sys":{"links":{"jsBaseUrl":"https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/js","cssBaseUrl":"https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/css","templateBaseUrl":"https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/templates/US/en","resourceBaseUrl":"https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2","originalTemplateBaseUrl":"https://www.paypalobjects.com/web/res/125/8c76c17819992935211bbde8b71d2/templates"},"pageInfo":{"date":"May 14, 2021 05:43:04 -07:00","hostName":"rZJvnqaaQhLn/nmWT8cSUjOx898qoYZ0BAoix9KS7ULeN6DOp2hnLpMPibIaAIFRoFZLjEmCxGA","rlogId":"rZJvnqaaQhLn%2FnmWT8cSUk1EUCNmkZEFW0RP7Sgv3fQTEg14v9eGZzWjfHEXR8s3%2B%2BGbo84X1EhZR5MLg9o0R11%2BpKRmDVrURUer7PAG7NQ_1796ae6da49","script":"node","debug":null},"locality":{"timezone":{"determiner":"viaCowPrimary","value":"America/Los_Angeles"},"country":"US","locale":"en_US","language":"en","directionality":"ltr"},"tracking":{"fpti":{"name":"pta","jsURL":"https://www.paypalobjects.com","serverURL":"https://t.paypal.com/ts","dataString":"pgrp=instantcommercenodeweb%2Fpublic%2Ftemplates%2F.dust&page=instantcommercenodeweb%2Fpublic%2Ftemplates%2F.dust&pgst=1620996184649&calc=15472102b18ab&nsid=KkIuPLN8q2BOoXsGJ_5beR2Q4Bq8u4j9&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=61692198d4cc464b91c141e6efbd19a1&comp=instantcommercenodeweb&tsrce=instantcommercenodeweb&cu=0&ef_policy=ccpa"}}}}
console-api error URL: https://www.paypalobjects.com/bizcomponents/customer-satisfaction-survey/stable/index.js(Line 29)
Message:
Error getting survey preference due to {"config":{"transformRequest":{},"transformResponse":{},"timeout":0,"xsrfCookieName":"XSRF-TOKEN","xsrfHeaderName":"X-XSRF-TOKEN","maxContentLength":-1,"headers":{"Accept":"application/json, text/plain, */*"},"method":"get","url":"https://www.paypal.com/bizcomponents/csat/getShowSurveyPreference"},"response":{"data":"","status":401,"statusText":"","headers":{"accept-ranges":"bytes","cache-control":"max-age=0, no-cache, no-store, must-revalidate","content-length":"0","content-security-policy":"default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-B0dVJz26eJfnCvMmKq35TJUB2cawnkP0/GiDctqNdhuVyccw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;","date":"Fri, 14 May 2021 12:43:04 GMT","dc":"ccg11-origin-www-1.paypal.com","paypal-debug-id":"d71e068968c9d","strict-transport-security":"max-age=63072000; includeSubDomains; preload","via":"1.1 varnish, 1.1 varnish","x-cache":"MISS, MISS","x-cache-hits":"0, 0","x-content-type-options":"nosniff","x-frame-options":"SAMEORIGIN","x-served-by":"cache-lhr7382-LHR, cache-cdg20749-CDG","x-timer":"S1620996185.705643,VS0,VE180","x-xss-protection":"1; mode=block"},"config":{"transformRequest":{},"transformResponse":{},"timeout":0,"xsrfCookieName":"XSRF-TOKEN","xsrfHeaderName":"X-XSRF-TOKEN","maxContentLength":-1,"headers":{"Accept":"application/json, text/plain, */*"},"method":"get","url":"https://www.paypal.com/bizcomponents/csat/getShowSurveyPreference"},"request":{}}}
console-api error URL: https://www.paypalobjects.com/bizcomponents/customer-satisfaction-survey/stable/index.js(Line 29)
Message:
MEP::CSAT::SHOWSURVEYPREF:Error getting survey preference [object Object] {"config":{"transformRequest":{},"transformResponse":{},"timeout":0,"xsrfCookieName":"XSRF-TOKEN","xsrfHeaderName":"X-XSRF-TOKEN","maxContentLength":-1,"headers":{"Accept":"application/json, text/plain, */*"},"method":"get","url":"https://www.paypal.com/bizcomponents/csat/getShowSurveyPreference"},"response":{"data":"","status":401,"statusText":"","headers":{"accept-ranges":"bytes","cache-control":"max-age=0, no-cache, no-store, must-revalidate","content-length":"0","content-security-policy":"default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https: data:; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-B0dVJz26eJfnCvMmKq35TJUB2cawnkP0/GiDctqNdhuVyccw' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; form-action 'self' https://*.paypal.com; font-src 'self' data: https://*.paypal.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;","date":"Fri, 14 May 2021 12:43:04 GMT","dc":"ccg11-origin-www-1.paypal.com","paypal-debug-id":"d71e068968c9d","strict-transport-security":"max-age=63072000; includeSubDomains; preload","via":"1.1 varnish, 1.1 varnish","x-cache":"MISS, MISS","x-cache-hits":"0, 0","x-content-type-options":"nosniff","x-frame-options":"SAMEORIGIN","x-served-by":"cache-lhr7382-LHR, cache-cdg20749-CDG","x-timer":"S1620996185.705643,VS0,VE180","x-xss-protection":"1; mode=block"},"config":{"transformRequest":{},"transformResponse":{},"timeout":0,"xsrfCookieName":"XSRF-TOKEN","xsrfHeaderName":"X-XSRF-TOKEN","maxContentLength":-1,"headers":{"Accept":"application/json, text/plain, */*"},"method":"get","url":"https://www.paypal.com/bizcomponents/csat/getShowSurveyPreference"},"request":{}}}
console-api log (Line 85)
Message:
FOOTER ERROR::USER_DATA_FETCH:: SyntaxError: Unexpected end of JSON input
console-api log (Line 85)
Message:
FOOTER ERROR::SUPPORTED_LANGUAGES_FETCH:: SyntaxError: Unexpected end of JSON input
console-api log (Line 85)
Message:
FOOTER ERROR::JACARANDA_USER_DATA_FETCH:: SyntaxError: Unexpected end of JSON input
console-api log (Line 27)
Message:
GDPR::SERVICE::FAILURE Error: Request failed with status code 401

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3Ujd2v9+xSoDOGvb/+ZQpg/p8xYghrV0j71lrtnYt0hHVB3N' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pics.paypal.com
py.pl
t.paypal.com
www.paypal.com
www.paypalobjects.com
151.101.1.35
151.101.129.21
151.101.14.133
2.18.232.75
66.211.169.14
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
1034db0da2f6a43282932d0ce7a0d907ae7daa85c1e77bc45f6f33b9b2d422c3
2351bbc39303736cd3a670db10427adc13c256dd6b639f0545bfd104947d3427
2417039c46aad8b09feb15179ad4b10f399a1be591fe287bd48eab566ecc8016
24957c25655d547623442ce46ebf6395e138abcf4bd4fe387ec1e61d23411331
34352061bbd3b57890ce9d1ed37ec397fe52b7a420c72ccd00d72905d6c16d89
3d9fb797e44785b47774262d2b173fe0b8649e2882a632531a36948fcf16e8f3
42268c7599f595757b4cb35cf828d504d160ca3acf2d3b59da27d1da291b9ce8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4619d70d7bd1b3d7572940e9ee7f31bc4c07f4c9cad6ae2d3e5b2eb555b6a2c0
4c87841ac3886e0723b1ab2b4f9faa957baecb58e34b3b507ccf1233a2fbe350
4f891714e3029286bfef9c3188f475580e674ec71d43c35026fabd5657fac8bf
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b85db014f874472c1ca57423a7257faa7c2cfb16ebb073864b4777d421be6a1
5e59516d0c0be09a79ef4e2b9d64d819c42daef43316be25ceb3c94d4e757286
62bf153edbd3133dc5fc15c2a56c1cf0e631d202208b3800b175ffb936bddb4c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7cff6bced347643ff09405c94c5297bd10fee07bdbd0323a5b35ab457876908d
87a3ea6f934b38d018e81a6c563c3ff7544e1ad5860f26933a17c08912bbd3fd
90c257d85edb3b73a1169a1681abf4c8c28d5be5b4436cfb32d0f9b4cec3ce1d
aec020d331c5d61be19537dc3224477aa0dee0caf55252071c70c8501602858e
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0
b4706167fee7b9828b1930ffa83f75aa3af23c66762a4b55f22d437bc369b03c
c7dbce1a020af0139c154014a139b0b40f3a66ae30969ebf5ee3a91a14063ec4
ddc3ab4e1e8761e55be6a8f397bf6649118aabeda42029ccff7354728c41207d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83908901d48f1a21b7c035ed41b3c08c5f35368f0bfb0eec5575f76d15532f3
e85c47c8d38258e1a2f37241b143de80597c1f005dd3b866acd1cd76f8b1cbc5
f655df09dc967d2a83fd4771701ecae2fe27254dd8cfcc78bae0016e0baa8642
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e
fe54cd464e0ae89731548c9f3cc20bdac1d7ea4f7acc98fe096ef2faee69b8a6