www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.paypal.com/myaccount/security/passkeyLogin/createPasskey?tsrce=email&utm_source=sfmc&utm_medium=email&utm_c...
Effective URL:
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePass...
Submission: On October 24 via api (October 24th 2024, 5:34:15 pm UTC) from US — Scanned from CA

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 3 domains to perform 58 HTTP transactions. The main IP is 151.101.1.21, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 3226.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 8th 2024. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
3	13.32.151.3 13.32.151.3	16509 (AMAZON-02) (AMAZON-02)
23	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
1 5	151.101.67.1 151.101.67.1	54113 (FASTLY) (FASTLY)
2	2600:1901:0:c... 2600:1901:0:c072::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1 2	34.106.92.18 34.106.92.18	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.149.66.134 34.149.66.134	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
58	9

21 151.101.1.21 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.151.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-3.iad66.r.cloudfront.net

ddbm2.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.67.1 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:c072:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

browser-intake-us5-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.106.92.18 (Salt Lake City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 18.92.106.34.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
slc.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.66.134 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 134.66.149.34.bc.googleusercontent.com

browser-intake-us5-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	paypal.com 2 redirects www.paypal.com — Cisco Umbrella Rank: 3226 ddbm2.paypal.com — Cisco Umbrella Rank: 22363 t.paypal.com — Cisco Umbrella Rank: 3852 c.paypal.com — Cisco Umbrella Rank: 8333 b.stats.paypal.com — Cisco Umbrella Rank: 6677 slc.stats.paypal.com — Cisco Umbrella Rank: 11246 c6.paypal.com — Cisco Umbrella Rank: 9992	146 KB
23	paypalobjects.com 1 redirects www.paypalobjects.com — Cisco Umbrella Rank: 2817 paypalobjects.com — Cisco Umbrella Rank: 2807	505 KB
4	browser-intake-us5-datadoghq.com browser-intake-us5-datadoghq.com — Cisco Umbrella Rank: 6905	620 B
58	3

	Domain	Requested by
22	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
18	www.paypal.com	1 redirects www.paypalobjects.com
5	c.paypal.com	www.paypalobjects.com
4	browser-intake-us5-datadoghq.com	www.paypalobjects.com
4	t.paypal.com	www.paypal.com
3	ddbm2.paypal.com	www.paypal.com www.paypalobjects.com
1	c6.paypal.com
1	slc.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	paypalobjects.com	1 redirects
58	10

This site contains no links.

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
ddbm.paypal.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-02`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-21` - `2025-06-20`	a year	crt.sh
*.browser-intake-us5-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-28` - `2025-07-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
Frame ID: 33B6464DABE101060CC17D293BD88A2D
Requests: 52 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Frame ID: 5FA893CFE970BE38D1BFBC0751C461BE
Requests: 1 HTTP requests in this frame

Frame: https://slc.stats.paypal.com/v1/counter2.cgi?r=cD02NGQ3M2M3MDE2MzY0MjBmYjViMTdhYjg0ZmEwMGM1NyZpPTE2Ny4xMTQuMjA5LjEwMyZ0PTE3Mjk3OTEyNDcuNzk4JmE9MjEmcz1VTklGSUVEX0xPR0lO_0x-TovIjYhnhDsDadcw0oicEWo
Frame ID: EED6D978768DCCC4DBF031B8917E8F36
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to your PayPal account

Page URL History Show full URLs

https://www.paypal.com/myaccount/security/passkeyLogin/createPasskey?tsrce=email&utm_source=sfmc&ut... HTTP 302
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2Fpassk... Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

58
Requests

95 %
HTTPS

13 %
IPv6

3
Domains

10
Subdomains

9
IPs

1
Countries

647 kB
Transfer

2278 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.paypal.com/myaccount/security/passkeyLogin/createPasskey?tsrce=email&utm_source=sfmc&utm_medium=email&utm_campaign=OW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey&sfmc_id=U495VQP9BYPCL&utm_content=Add_Passkey_CTA HTTP 302
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://paypalobjects.com/ae/0.15.0/atomic-events-dom/index.js HTTP 301
https://www.paypalobjects.com/ae/0.15.0/atomic-events-dom/index.js

Request Chain 44

https://b.stats.paypal.com/v1/counter.cgi?r=cD02NGQ3M2M3MDE2MzY0MjBmYjViMTdhYjg0ZmEwMGM1NyZpPTE2Ny4xMTQuMjA5LjEwMyZ0PTE3Mjk3OTEyNDcuNzk4JmE9MjEmcz1VTklGSUVEX0xPR0lO_0x-TovIjYhnhDsDadcw0oicEWo HTTP 302
https://slc.stats.paypal.com/v1/counter2.cgi?r=cD02NGQ3M2M3MDE2MzY0MjBmYjViMTdhYjg0ZmEwMGM1NyZpPTE2Ny4xMTQuMjA5LjEwMyZ0PTE3Mjk3OTEyNDcuNzk4JmE9MjEmcz1VTklGSUVEX0xPR0lO_0x-TovIjYhnhDsDadcw0oicEWo

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
www.paypal.com/
Redirect Chain

https://www.paypal.com/myaccount/security/passkeyLogin/createPasskey?tsrce=email&utm_source=sfmc&utm_medium=email&utm_campaign=OW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey&sfmc_id=U495VQP9...
https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3D...

32 KB
12 KB

293ms
290ms

Document
text/html

151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7e9710315f5797eea1e6e4fffe8e2c9da2ab636d13065f23e7bfb2a2408375e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-xXZ8opxWR7N4quz3xfyAehO11JuqIbJZGb0GzzsxYtltjgae' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-xXZ8opxWR7N4quz3xfyAehO11JuqIbJZGb0GzzsxYtltjgae' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 17:34:07 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"7be2-jMTnAKGa16y2JOiZ4p/U/CiB8ro"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f105934f3d09a
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f105934f3d09a-3812ada336ce3abe-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-bur-kbur8200041-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-timer: S1729791248.630203,VS0,VE237
x-xss-protection: 1; mode=block

Redirect headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 660
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-5wlxGMA51+jp4DxF7RX7vE5eieScxt7EQ5fZ1M2tVPyRdMif' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https: data: https://b.stats.paypal.com https://*.paypal.com; frame-src https://*.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 17:34:07 GMT
dc: ccg11-origin-www-1.paypal.com
location: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f133284091988
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f133284091988-3e481564b86d818c-01
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1729791278
x-served-by: cache-bur-kbur8200168-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-timer: S1729791247.383717,VS0,VE127
x-xss-protection: 1; mode=block

GET
H2 200 tags.js Show response
ddbm2.paypal.com/ 168 KB
31 KB 481ms
21ms Script
text/javascript 13.32.151.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ddbm2.paypal.com/tags.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.151.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-151-3.iad66.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

44b5896f4a4360bc08c70cf6e5890aa872e50f9d65d0597013c8565752277a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

content-encoding: br
x-amz-version-id: 3leCM9jGAq2_7z1hJqQMAiZ.vKvvZDqu
etag: W/"86b848e45746db7159d1fbb589ce0f3f"
age: 2183
x-cache: Hit from cloudfront
x-amz-cf-id: l697T561G2h-MJtPYBX8YthYtd6WGUn6UiPIfrzyoBcgyMf8RFWfDA==
date: Thu, 24 Oct 2024 16:57:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
last-modified: Thu, 17 Oct 2024 12:43:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=3600, public
via: 1.1 2af881fc3dba7aadc69b3ca00dd6e9e6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 23 KB
6 KB 482ms
31ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D10D) /

Resource Hash

d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 71280eff5b5ae
content-encoding: br
etag: W/"6697f682-5a55"
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:08 GMT
traceparent: 00-000000000000000000071280eff5b5ae-9f9c1f2f8210c085-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: application/javascript
last-modified: Wed, 17 Jul 2024 16:51:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
content-length: 6477
server: ECAcc (nyd/D10D)

GET
H2 200 contextualLoginElementalUIv5.css
www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/css/ 199 KB
31 KB 480ms
32ms Stylesheet
text/css 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/css/contextualLoginElementalUIv5.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D1A3) /

Resource Hash

457293b5870c72a08794e0d8186159de2a4366d91bfd3e39c790ba80235078df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: c6ce5418423e2
content-encoding: br
etag: W/"67130858-31d37"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 17:34:08 GMT
traceparent: 00-0000000000000000000c6ce5418423e2-d79f7221718a121b-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: text/css
last-modified: Sat, 19 Oct 2024 01:16:08 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 31593
server: ECAcc (nyd/D1A3)

GET
H2 200 modernizr-2.6.1.js Show response
www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/js/lib/ 4 KB
2 KB 480ms
33ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/js/lib/modernizr-2.6.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D11D) /

Resource Hash

a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: be635ffc6f8e2
content-encoding: br
etag: W/"67130867-edf"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 17:34:08 GMT
traceparent: 00-0000000000000000000be635ffc6f8e2-c18e2a8b32e5bbf4-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: application/javascript
last-modified: Sat, 19 Oct 2024 01:16:23 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 1747
server: ECAcc (nyd/D11D)

GET
H2 200 icon-PN-check.png
www.paypalobjects.com/images/shared/ 2 KB
2 KB 470ms
33ms Image
image/png 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/icon-PN-check.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D142) /

Resource Hash

4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: b30183cafa1e5
etag: "60271b47-8bc"
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:08 GMT
traceparent: 00-0000000000000000000b30183cafa1e5-59eeae2e4b9ec5a1-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: image/png
last-modified: Sat, 13 Feb 2021 00:20:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
content-length: 2236
server: ECAcc (nyd/D142)

GET
H2 200 glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 6 KB
6 KB 469ms
30ms Image
image/png 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D1A2) /

Resource Hash

13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: ee96c6367f612
etag: "54130c54-16c4"
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:08 GMT
traceparent: 00-0000000000000000000ee96c6367f612-abf803167a788aa0-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: image/png
last-modified: Fri, 12 Sep 2014 15:08:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
content-length: 5828
server: ECAcc (nyd/D1A2)

GET
H2

200

index.js Show response
www.paypalobjects.com/ae/0.15.0/atomic-events-dom/
Redirect Chain

https://paypalobjects.com/ae/0.15.0/atomic-events-dom/index.js
https://www.paypalobjects.com/ae/0.15.0/atomic-events-dom/index.js

26 KB
8 KB

91ms
56ms

Script
application/javascript

192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ae/0.15.0/atomic-events-dom/index.js

Requested by

Protocol

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D11D) /

Resource Hash

87f812dd43323a088722696d460d76bc65c1b02bf158c19a83f1ae2c35715d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 2508446192619
content-encoding: br
etag: W/"66db31c5-687a"
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:08 GMT
traceparent: 00-00000000000000000002508446192619-d1a42e524c9f0ab6-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: application/javascript
last-modified: Fri, 06 Sep 2024 16:45:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 8207
server: ECAcc (nyd/D11D)

Redirect headers

strict-transport-security: max-age=300
cache-control: max-age=86400
retry-after: 0
location: https://www.paypalobjects.com/ae/0.15.0/atomic-events-dom/index.js
x-timer: S1729791249.656770,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
x-cache: HIT
content-length: 0
date: Thu, 24 Oct 2024 17:34:08 GMT
x-served-by: cache-yul1970057-YUL
server: Varnish
x-cache-hits: 0

GET
H2 200 fn-sync-telemetry-min.js Show response
www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/js/lib/ 5 KB
2 KB 85ms
28ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/js/lib/fn-sync-telemetry-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D1A3) /

Resource Hash

8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 2b3e674062602
content-encoding: br
etag: W/"67130867-159e"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 17:34:08 GMT
traceparent: 00-00000000000000000002b3e674062602-2056ef0974992cf8-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: application/javascript
last-modified: Sat, 19 Oct 2024 01:16:23 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 2321
server: ECAcc (nyd/D1A3)

GET
H2 200 signin-split.js Show response
www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/js/ 489 KB
100 KB 73ms
22ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/js/signin-split.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D156) /

Resource Hash

f26759c91d3faf51aa1ba2f48f267e458f6a4a697c5aa392621e56030cc27165

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 528db1e594f54
content-encoding: br
etag: W/"67130864-7a4cb"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 17:34:08 GMT
traceparent: 00-0000000000000000000528db1e594f54-17defe6d16e5c5a6-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: application/javascript
last-modified: Sat, 19 Oct 2024 01:16:20 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 102460
server: ECAcc (nyd/D156)

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 69 KB
26 KB 73ms
23ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D137) /

Resource Hash

2c6bd1749d24699d1800314c498bfff3eaf5ded67fe354f96fd00d274ca9513c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 80bdd24634538
content-encoding: br
etag: W/"670429cc-112e1"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:08 GMT
traceparent: 00-000000000000000000080bdd24634538-6a3beb6910f50725-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 18:34:52 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 26290
server: ECAcc (nyd/D137)

GET
H2 200 datadog-rum.js Show response
www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/js/lib/ 159 KB
53 KB 60ms
31ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/js/lib/datadog-rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D179) /

Resource Hash

ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: b9fe422e8001a
content-encoding: br
etag: W/"67130867-27b83"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 17:34:08 GMT
traceparent: 00-0000000000000000000b9fe422e8001a-6c88877dc9da0fd4-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: application/javascript
last-modified: Sat, 19 Oct 2024 01:16:23 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 54318
server: ECAcc (nyd/D179)

GET
H2 200 grcenterprise_v3_static.js Show response
www.paypalobjects.com/webcaptcha/ 6 KB
2 KB 59ms
30ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D178) /

Resource Hash

75c159c9974a7207171cf1f4ed302f91f90ae95233fdd64e994fd66ada89ab20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: b3ccb366af5af
content-encoding: br
etag: W/"65f1e42c-180e"
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:08 GMT
traceparent: 00-0000000000000000000b3ccb366af5af-57e51581fae364c4-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 17:36:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 1820
server: ECAcc (nyd/D178)

GET
H2 200 paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 709 B
587 B 66ms
42ms Image
image/svg+xml 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/css/contextualLoginElementalUIv5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D14E) /

Resource Hash

8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/css/contextualLoginElementalUIv5.css

Response headers

paypal-debug-id: b75dbc1a5cc15
content-encoding: br
etag: "66d9ab63-2c5+gzip+br"
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:08 GMT
traceparent: 00-0000000000000000000b75dbc1a5cc15-1b23e5d8e53dfd26-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:08 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Sep 2024 13:00:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 422
server: ECAcc (nyd/D14E)

GET
H2 200 PayPalOpen-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 131ms
28ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/css/contextualLoginElementalUIv5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D11A) /

Resource Hash

9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/css/contextualLoginElementalUIv5.css

Response headers

paypal-debug-id: 45c2e2f727feb
etag: "6298f2c0-6b41"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:09 GMT
traceparent: 00-000000000000000000045c2e2f727feb-6dbc7a9859a787e4-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/font-woff2
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=31536000
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27457
server: ECAcc (nyd/D11A)

GET
H2 200 PayPalOpen-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 27 KB
27 KB 128ms
27ms Font
application/font-woff2 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Medium.woff2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/css/contextualLoginElementalUIv5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D158) /

Resource Hash

8d0e74dfe39c809f2dde1119f404841405d107fa40165669ea74fca51722311b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/css/contextualLoginElementalUIv5.css

Response headers

paypal-debug-id: 40e2b0cf0d25e
etag: "65a04ab6-6bf1"
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:09 GMT
traceparent: 00-000000000000000000040e2b0cf0d25e-174a4173bf696ca7-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/font-woff2
last-modified: Thu, 11 Jan 2024 20:08:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27633
server: ECAcc (nyd/D158)

GET
H2 200 mktgtagmanager.js Show response
www.paypalobjects.com/martech/tm/paypal/ 16 KB
7 KB 29ms
28ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D188) /

Resource Hash

efc3ad603dca3c78e67493adb079676731fd72c4204dbf7264d22e897a271267

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: af5e1cdd9c7f4
content-encoding: br
etag: "67042d91-3eb4+gzip+br"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:09 GMT
traceparent: 00-0000000000000000000af5e1cdd9c7f4-9a81930e99282a63-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 18:50:57 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 6604
server: ECAcc (nyd/D188)

GET
H2 200 latmconf.js Show response
www.paypalobjects.com/pa/mi/paypal/ 15 KB
4 KB 45ms
45ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/paypal/latmconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D14C) /

Resource Hash

0311e7cd1ff9b287c7099126ae78265a48fc8adb1a6e060731a503b2e41313f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: f6f5f7b0833c1
content-encoding: br
etag: "670429ca-3a4c+gzip+br"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:09 GMT
traceparent: 00-0000000000000000000f6f5f7b0833c1-ab1296c60fbb5366-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 18:34:50 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 4381
server: ECAcc (nyd/D14C)

GET
H2 200 ts
t.paypal.com/ 42 B
942 B 299ms
138ms Image
image/gif 151.101.67.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.9.2&t=1729791249352&g=420&e=ac&tsrce=sfmc&ppid=OW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey&space_key=SKCPAD&utm_source=sfmc&utm_medium=email&utm_campaign=OW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey&sfmc_id=U495VQP9BYPCL&utm_content=Add_Passkey_CTA&event_name=external_deep_link_processed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 0c3f0c1ec379e
correlation-id: 0c3f0c1ec379e
expires: Thu, 24 Oct 2024 17:34:09 GMT
traceparent: 00-00000000000000000000c3f0c1ec379e-d13ea94b6f6fa4ac-01
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
server-timing: "traceparent;desc="00-00000000000000000000c3f0c1ec379e-cc63e87050fb3be0-01"";content-encoding;desc="",x-cdn;desc="fastly"
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: image/gif
x-served-by: cache-bur-kbur8200035-BUR, cache-yul1970055-YUL
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
x-timer: S1729791250.526301,VS0,VE112
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes

GET
H2 200 grcenterprise_v3_static.html
www.paypalobjects.com/webcaptcha/ Frame 5FA8 0
0 114ms
30ms Document
text/html 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D18D) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 2084
content-type: text/html
date: Thu, 24 Oct 2024 17:34:09 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6633898b-19bd+gzip+br"
expires: Thu, 24 Oct 2024 18:34:09 GMT
last-modified: Thu, 02 May 2024 12:39:39 GMT
paypal-debug-id: 3e337e25f1733
server: ECAcc (nyd/D18D)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000003e337e25f1733-5972509d51136c7e-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET 2bee4be3-1e7b-473f-b21a-2c7e45e9ca86
https://www.paypal.com/ Frame 0
0

POST
H2 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
340 B 313ms
120ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=bb5fe414-62bc-4356-a0d5-832f7a734222&batch_time=1729791249488

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

8225539f20b6327c04b816dca545bc230c2011c42f9ac1fa81b0b7dfbc600859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json
dd-request-id: bb5fe414-62bc-4356-a0d5-832f7a734222

POST
H2 200 / Show response
ddbm2.paypal.com/js/ 230 B
615 B 43ms
39ms XHR
application/json 13.32.151.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ddbm2.paypal.com/js/

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.151.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-151-3.iad66.r.cloudfront.net

Software

DataDome /

Resource Hash

ff3e326f8f267bdd9c545095788a4cf80634adf17e6a60647de5dd7bc902b5e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
via: 1.1 ede1802516dab8225770d22f89eefe52.cloudfront.net (CloudFront)
expires: 0
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 230
x-amz-cf-id: 8GLDeYkqLBOdeDGU5Me6Z4UOdnHFsAqvD5qdfzwUlg8gnPo6J7jSDQ==
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json;charset=utf-8
x-amz-cf-pop: IAD66-C2
server: DataDome

OPTIONS
H2 200 /
ddbm2.paypal.com/js/ Frame 0
0 148ms
33ms Preflight 13.32.151.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ddbm2.paypal.com/js/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.151.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-151-3.iad66.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 600
content-length: 0
date: Thu, 24 Oct 2024 17:34:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 ede1802516dab8225770d22f89eefe52.cloudfront.net (CloudFront)
x-amz-cf-id: p6GKb1OWEyjHXlH0V3J8Yr4VrHeVqc6xp5snH_uEsGVQ_Bw05LuHrw==
x-amz-cf-pop: IAD66-C2
x-cache: Miss from cloudfront

GET
H2 200 ts
t.paypal.com/ 42 B
298 B 134ms
131ms Image
image/gif 151.101.67.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.9.2&t=1729791249549&g=420&e=ac&tsrce=sfmc&ppid=OW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey&space_key=SKCPAD&utm_source=sfmc&utm_medium=email&utm_campaign=OW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey&sfmc_id=U495VQP9BYPCL&utm_content=Add_Passkey_CTA&event_name=external_deep_link_processed&t=1729791249352&v=1.9.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: baa7fd78f7dc3
correlation-id: baa7fd78f7dc3
expires: Thu, 24 Oct 2024 17:34:09 GMT
traceparent: 00-0000000000000000000baa7fd78f7dc3-402984e4dd51e8b6-01
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
server-timing: "traceparent;desc="00-0000000000000000000baa7fd78f7dc3-261290f3c01b9ac8-01"";content-encoding;desc="",x-cdn;desc="fastly"
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: image/gif
x-served-by: cache-bur-kbur8200117-BUR, cache-yul1970055-YUL
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
x-timer: S1729791250.563492,VS0,VE111
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes

GET
H2 200 mktconf.js Show response
www.paypalobjects.com/martech/tm/paypal/ 563 KB
36 KB 30ms
28ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/martech/tm/paypal/mktconf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D11E) /

Resource Hash

49e8d721e0cc0242208a27afeca5ef43d413f9c76964e177951e2ea473dadc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 4c613bf35d4d8
content-encoding: br
etag: "6711371f-8cab9+gzip+br"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:09 GMT
traceparent: 00-00000000000000000004c613bf35d4d8-f92c0ce4abb37542-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 16:11:11 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 36205
server: ECAcc (nyd/D11E)

GET
H2 200 patleaf.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.4.65/ 154 KB
51 KB 33ms
32ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.4.65/patleaf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D16A) /

Resource Hash

5a0ea7e0ead74c66f762b54be56abacf5a9e284935c07d67e4801bc833ab12cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: be2843f7f34e2
content-encoding: br
etag: "670429cc-267db+gzip+br"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:09 GMT
traceparent: 00-0000000000000000000be2843f7f34e2-d755ab666db9b39a-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 18:34:52 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 51673
server: ECAcc (nyd/D16A)

GET
H2 200 patlcfg.js Show response
www.paypalobjects.com/pa/3pjs/tl/6.4.65/ 7 KB
3 KB 34ms
29ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/6.4.65/patlcfg.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D13B) /

Resource Hash

35d668cee3a6eeca54d65caa8ac157829e37a4a885ebfadd47256108d93f8ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.paypal.com
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 8dc567fa5bae1
content-encoding: br
etag: "670429cc-1acd+gzip+br"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:09 GMT
traceparent: 00-00000000000000000008dc567fa5bae1-9b18515cd1465388-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 18:34:52 GMT
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-origin: *
content-length: 2879
server: ECAcc (nyd/D13B)

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 204ms
181ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

691a9f374be98f0630efc11b1bbf0ecd4b0f74cccc240f2c3dc7b8f06b84af53

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-T/PaM+s86VGqmEl0lXlAgSzvF6x+RLtGKTzpf0MrgtHlkO4s' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f132583f9c9a5
content-encoding: gzip
etag: W/"840-YiOYMZLAUz4Cj7d7etvD+WtZxEI"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f132583f9c9a5-6fe9771b8fe103be-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200121-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-T/PaM+s86VGqmEl0lXlAgSzvF6x+RLtGKTzpf0MrgtHlkO4s' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.764271,VS0,VE149
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 210ms
188ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a4cc9018a34d9b7d402f0cb17c49942deac06de33085a0285236264bc8b4eb9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-I5An2ZANTWpuiAiA0el1mKQyQ5iFvoqrA66nfJqV+A4MKG3D' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f1325832f78ba
content-encoding: gzip
etag: W/"86d-2MsdUJk/qDlFdPNgILSbh0LktVk"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f1325832f78ba-ccab1cb07f320998-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200124-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-I5An2ZANTWpuiAiA0el1mKQyQ5iFvoqrA66nfJqV+A4MKG3D' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.764198,VS0,VE162
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 fb_fp.js Show response
c.paypal.com/da/r/ 63 KB
22 KB 75ms
48ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb_fp.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/61b/73d460a4d27b620036e5ca235a5fe/js/signin-split.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (nyd/D121) /

Resource Hash

b6c8e6c9ef42a1509be875834572e7289a2e5d5dbcda1f7ec0d5cad73dab67b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

access-control-max-age: 86400
paypal-debug-id: cf772de487428
content-encoding: gzip
etag: W/"66bc0232-fc83"
age: 192992
x-content-type-options: nosniff
access-control-allow-methods: GET
traceparent: 00-0000000000000000000cf772de487428-2e7bf41239a74c4e-01
expires: Fri, 25 Oct 2024 17:34:09 GMT
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/javascript
x-served-by: cache-yul1970052-YUL
x-cache-hits: 3467
last-modified: Wed, 14 Aug 2024 01:02:42 GMT
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: s-maxage=31536000, public,max-age=86400
timing-allow-origin: *
x-timer: S1729791250.783927,VS0,VE2
access-control-allow-credentials: false
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22036
server: ECAcc (nyd/D121)

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 221ms
199ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

75dfe19aab5fceefd9471fcc26ea3c2b8d1f193d16f47c8d76b1c471619643eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-2Lt15aAqW8LxD3N4mpLR6M6oDiDoqQIbP/mlVapwrBiKUe2B' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f132583f9bd97
content-encoding: gzip
etag: W/"7bd-W3y6f7YZcEc4jotRJBmbOt7LhMM"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f132583f9bd97-ee95f1637fd8ee00-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200127-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-2Lt15aAqW8LxD3N4mpLR6M6oDiDoqQIbP/mlVapwrBiKUe2B' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.782389,VS0,VE160
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 391ms
370ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd1f9f466c9b26e139872cb3d8417bcb0885b9a6d11ddbff741018a2bb34955d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-gcOJmSHkv6TwVFDAPyIP+9ff/KypKu1QSKLVf4Zm/h6Q5P1C' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f13258322f053
content-encoding: gzip
etag: W/"7e0-TPEU0oOzAvPdJGkSGHuqasib1V8"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f13258322f053-d0f8b7dcdac4a7a2-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200121-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-gcOJmSHkv6TwVFDAPyIP+9ff/KypKu1QSKLVf4Zm/h6Q5P1C' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.783968,VS0,VE335
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 238ms
218ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

979d207de2c1f22aeb7ad639f0f98844aa59630caeae741e5853bc4c89752e91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Gk4wOJBSSxRha3PXQZSlElRuZ8SGb5XWuHIMZ/OTWXW0x31X' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f13258396b6fc
content-encoding: gzip
etag: W/"829-eEM8jfiYccVYS+5M6/q0YaApRDk"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f13258396b6fc-d414948e3327949a-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200134-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Gk4wOJBSSxRha3PXQZSlElRuZ8SGb5XWuHIMZ/OTWXW0x31X' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.783078,VS0,VE183
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 213ms
196ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

289386996698c32e9221d00a97df66f71bb8b7e6e0d3650263ee75a6fccc76a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-POOO3REitoHJ/QueUoVPoPXYUeq4MzyiQMJN9eDqw75JFQL+' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f132583e141c4
content-encoding: gzip
etag: W/"870-hrCWMnBSELT+NvuPGiuI4mKV8bE"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f132583e141c4-839972e2f73828d4-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200096-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-POOO3REitoHJ/QueUoVPoPXYUeq4MzyiQMJN9eDqw75JFQL+' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.783225,VS0,VE156
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 220ms
202ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

677cf1d490fb71cb5f1c3d7685f04ca02a37681c405ef5e353e0219e27697944

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-fWfDdH0vlsPPOBhdJ9bsff5MgHJxGcpMjQJP4/DXnvNF/nI0' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f132583487d9b
content-encoding: gzip
etag: W/"83e-3//3C75cmz2JQUr8++qhL4HaLXk"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f132583487d9b-f45fca393be89e49-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200053-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-fWfDdH0vlsPPOBhdJ9bsff5MgHJxGcpMjQJP4/DXnvNF/nI0' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.783235,VS0,VE158
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 279ms
263ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

554d9f985c452c236e7e37b8bb16faa893c05f86b48358a6c6046f3fe811dc14

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-JBwKz/k/YMFXC0BmKroTUp1iQ8m/w7Zg285R76IqSVts/iXS' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f132583ee78dd
content-encoding: gzip
etag: W/"7fe-cq+S7LcZ02v69e9giuwl0t1+v7w"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f132583ee78dd-6ae9e40674b38e2d-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200170-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-JBwKz/k/YMFXC0BmKroTUp1iQ8m/w7Zg285R76IqSVts/iXS' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.784228,VS0,VE217
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 cookie-banner Show response
www.paypal.com/signin/ 20 KB
8 KB 248ms
238ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/cookie-banner?cookieBannerVariant=hidden&

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6029ac5bbc3f76015bfb853ac26f9ab8c286c2b2542b5d7574882cf3df6b82d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-rzJT5i/+obE3T3lWX526KMnmFKlyGAsCzaNYqsIWjQ4Ou3qb' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json

Response headers

paypal-debug-id: f132583cf8e7f
content-encoding: gzip
etag: W/"4eb5-Uoth8G+8vl4DOxexg3O3bQ0S+q4"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f132583cf8e7f-e2b19803175816e7-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200140-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-rzJT5i/+obE3T3lWX526KMnmFKlyGAsCzaNYqsIWjQ4Ou3qb' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.782426,VS0,VE199
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 load-resource Show response
www.paypal.com/signin/ 65 KB
14 KB 1126ms
1110ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/load-resource

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

33382986e4d3c99fd03bdd5db3671f7759ff14744999550c33251219d5a9340a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-C89DNtEL7t17xmehBysNtKjUd09PygRwGdPQLu5bbih7x9Sc' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f1325831b01b8
content-encoding: gzip
etag: W/"104ec-bgtWEA7531vad67IJKoemmiNGCU"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f1325831b01b8-fb48af565a203757-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200091-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-C89DNtEL7t17xmehBysNtKjUd09PygRwGdPQLu5bbih7x9Sc' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.783927,VS0,VE1073
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 217ms
201ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1b3b209adf25070d46f31efd0590cbe963ebabad532b1588b909d720bbf17b95

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-dHC764UrngXb5hpc4sOQ7S4YXHbx0POw3gZ2TtzqONPxPE+E' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f1325830a7696
content-encoding: gzip
etag: W/"7bd-Qrpu74e3Qed0IxopokkxoKIUzmE"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f1325830a7696-50d378bc48afa21a-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200055-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-dHC764UrngXb5hpc4sOQ7S4YXHbx0POw3gZ2TtzqONPxPE+E' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.783832,VS0,VE148
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 200 client-log Show response
www.paypal.com/signin/ 2 KB
4 KB 204ms
192ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f3640c0a188bf0e4cde9424af6cfcce26a7f5a18255e298fc95f230c67bea0ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-HWiMQR1FLPpWPSov40ws6VskfyXxp7uD59FQq48NOnixODh3' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-type: application/x-www-form-urlencoded

Response headers

paypal-debug-id: f1325831592fb
content-encoding: gzip
etag: W/"7e8-6V6KPy+qhcykymKy/KT46F1YaDg"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f1325831592fb-8e211e8ed750f3e6-01
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200057-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-HWiMQR1FLPpWPSov40ws6VskfyXxp7uD59FQq48NOnixODh3' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.840387,VS0,VE167
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 pp_favicon_x.ico
www.paypalobjects.com/en_US/i/icon/ 5 KB
2 KB 34ms
29ms Other
image/x-icon 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D15E) /

Resource Hash

1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 17748390dc4cf
content-encoding: br
etag: W/"5d5637bd-1536"
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:09 GMT
traceparent: 00-000000000000000000017748390dc4cf-d10b3e60678d6ae0-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: image/x-icon
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 1471
server: ECAcc (nyd/D15E)

OPTIONS
H2 200 p1
c.paypal.com/v1/r/d/b/ Frame 0
0 226ms
137ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
correlation-id: 7afa938044387
date: Thu, 24 Oct 2024 17:34:10 GMT
paypal-debug-id: 7afa938044387
server-timing: "traceparent;desc="00-00000000000000000007afa938044387-2df997eec924d94e-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000007afa938044387-33d85f5e494e95c0-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-bur-kbur8200040-BUR, cache-yul1970022-YUL

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ 213 B
1 KB 174ms
173ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0ebf9805649df48c0e32cdffc7f24dd33360ba6c38b75bd28943a6569f1d9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 2417ac0eedca0
correlation-id: 2417ac0eedca0
traceparent: 00-00000000000000000002417ac0eedca0-b6d0749991261580-01
server-timing: "traceparent;desc="00-00000000000000000002417ac0eedca0-0bd9a976be50b350-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: application/json
x-served-by: cache-bur-kbur8200089-BUR, cache-yul1970052-YUL
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://www.paypal.com
content-length: 213

POST
H2 200 p2 Show response
c.paypal.com/v1/r/d/b/ 125 B
986 B 173ms
171ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p2

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2514a294e211809d9a7454bf8874e3fead9d4c3efbe0111dd6fa9f064354aebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.paypal.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 4610a9ab61c5f
correlation-id: 4610a9ab61c5f
traceparent: 00-00000000000000000004610a9ab61c5f-fafc11206ac570ee-01
server-timing: "traceparent;desc="00-00000000000000000004610a9ab61c5f-153ef577b42d8c9d-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: application/json
x-served-by: cache-bur-kbur8200133-BUR, cache-yul1970052-YUL
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://www.paypal.com
content-length: 125

GET
H/1.1

200
OK

counter2.cgi
slc.stats.paypal.com/v1/ Frame EED6
Redirect Chain

https://b.stats.paypal.com/v1/counter.cgi?r=cD02NGQ3M2M3MDE2MzY0MjBmYjViMTdhYjg0ZmEwMGM1NyZpPTE2Ny4xMTQuMjA5LjEwMyZ0PTE3Mjk3OTEyNDcuNzk4JmE9MjEmcz1VTklGSUVEX0xPR0lO_0x-TovIjYhnhDsDadcw0oicEWo
https://slc.stats.paypal.com/v1/counter2.cgi?r=cD02NGQ3M2M3MDE2MzY0MjBmYjViMTdhYjg0ZmEwMGM1NyZpPTE2Ny4xMTQuMjA5LjEwMyZ0PTE3Mjk3OTEyNDcuNzk4JmE9MjEmcz1VTklGSUVEX0xPR0lO_0x-TovIjYhnhDsDadcw0oicEWo

42 B
299 B

331ms
96ms

Image
image/jpeg

34.106.92.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slc.stats.paypal.com/v1/counter2.cgi?r=cD02NGQ3M2M3MDE2MzY0MjBmYjViMTdhYjg0ZmEwMGM1NyZpPTE2Ny4xMTQuMjA5LjEwMyZ0PTE3Mjk3OTEyNDcuNzk4JmE9MjEmcz1VTklGSUVEX0xPR0lO_0x-TovIjYhnhDsDadcw0oicEWo
Protocol: HTTP/1.1
Server: 34.106.92.18 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 18.92.106.34.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

Content-Length: 42
Date: Thu, 24 Oct 2024 17:34:10 GMT
Content-Type: image/jpeg
Connection: close
Server: PayPal-B.Stats/1.0

Redirect headers

Location: https://slc.stats.paypal.com/v1/counter2.cgi?r=cD02NGQ3M2M3MDE2MzY0MjBmYjViMTdhYjg0ZmEwMGM1NyZpPTE2Ny4xMTQuMjA5LjEwMyZ0PTE3Mjk3OTEyNDcuNzk4JmE9MjEmcz1VTklGSUVEX0xPR0lO_0x-TovIjYhnhDsDadcw0oicEWo
Content-Length: 0
Date: Thu, 24 Oct 2024 17:34:10 GMT
Content-Type: application/octet-stream
Connection: close
Server: PayPal-B.Stats/1.0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ 0
342 B 271ms
157ms Image
text/plain 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=64d73c701636420fb5b17ab84fa00c57&s=UNIFIED_LOGIN_INPUT_EMAIL_TRMT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcd/7D43) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
paypal-debug-id: 87040f53a4d2d
timing-allow-origin: *
correlation-id: 87040f53a4d2d
traceparent: 00-000000000000000000087040f53a4d2d-8691ec53d105f75b-01
server-timing: traceparent;desc="00-000000000000000000087040f53a4d2d-8bbb4e1850581d85-01", content-encoding;desc="", x-cdn;desc="edgecast"
content-length: 20
date: Thu, 24 Oct 2024 17:34:10 GMT
vary: Accept-Encoding
server: ECAcc (dcd/7D43)

OPTIONS
H2 200 p2
c.paypal.com/v1/r/d/b/ Frame 0
0 139ms
125ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.paypal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
correlation-id: cd561c42f2212
date: Thu, 24 Oct 2024 17:34:10 GMT
paypal-debug-id: cd561c42f2212
server-timing: "traceparent;desc="00-0000000000000000000cd561c42f2212-642b5ece255d9e4f-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000cd561c42f2212-bec9cb09004c6c65-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-bur-kbur8200105-BUR, cache-yul1970022-YUL

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
3 KB 194ms
194ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:unifiedlogin:splitlogin::email:::&component=unifiedloginnodeweb&eventSourceUrl=https://www.paypal.com/signin

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0fMo4vZT8Sf8wyGd43BPoujbOxMR+Z2v/gusd/xUTSt0A4xb' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f1325832336b2
content-encoding: gzip
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f1325832336b2-9387bc7970a81fea-01
server-timing: "traceparent;desc="00-0000000000000000000f1325832336b2-6f5dd59605396579-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-bur-kbur8200128-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0fMo4vZT8Sf8wyGd43BPoujbOxMR+Z2v/gusd/xUTSt0A4xb' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.076572,VS0,VE173
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
access-control-allow-origin: https://www.paypal.com
x-xss-protection: 1; mode=block

GET
H2 200 ts
t.paypal.com/ 42 B
641 B 140ms
140ms Image
image/gif 151.101.67.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.9.2&t=1729791250070&g=420&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&qual=input_email&pgst=1729791247727&calc=f105934f3d09a&nsid=YiMKS12UgOlgTcgatBjmoB9q3ZySyHuL&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CA&csci=64d73c701636420fb5b17ab84fa00c57&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=ccpa&xe=105410%2C105409%2C104759%2C109059%2C104407&xt=123956%2C123954%2C136601%2C143369%2C119038&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey&api_name=cookieBanner&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v6&bannersource=ConsentNodeServ&bannervariant=hidden&eligibility_reason=true&is_native=false&cookie_disabled=false&reason_to_hide=Invisible%20banner%20loaded&event_name=cookie_banner_shown&product=cookieBanner&e=ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 760c14aaca1ac
correlation-id: 760c14aaca1ac
expires: Thu, 24 Oct 2024 17:34:10 GMT
traceparent: 00-0000000000000000000760c14aaca1ac-ddead8c7abeab5e0-01
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
server-timing: "traceparent;desc="00-0000000000000000000760c14aaca1ac-8e5d98906f76a6f4-01"";content-encoding;desc="",x-cdn;desc="fastly"
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: image/gif
x-served-by: cache-bur-kbur8200147-BUR, cache-yul1970055-YUL
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
x-timer: S1729791250.082040,VS0,VE117
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes

POST
H2 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
138 B 101ms
92ms Fetch
application/json 2600:1901:0:c072::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=6a5d5a44-a5d1-4767-990d-d12ece17c655&batch_time=1729791250077

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

9eac6e474afb08c65b3640c597b22a9e2a60ab8e2da74a4107722777f6301751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Thu, 24 Oct 2024 17:34:09 GMT
content-type: application/json
dd-request-id: 6a5d5a44-a5d1-4767-990d-d12ece17c655

POST
H2 200 tealeaftarget Show response
www.paypal.com/platform/ 40 B
2 KB 165ms
160ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/platform/tealeaftarget

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f65c6c25cb1947412532a42a124f84773e56a743e12ee641ec76718d8f44ed3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; font-src 'self' https://.paypalobjects.com https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-TeaLeaf-Page-Url: /signin
X-PageId: P.Q973E4FHWUBS6RZCNM3WAXFTUQK7
X-TealeafType: GUI
Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
Content-Encoding: gzip
X-Tealeaf: device (UIC) Lib/6.4.65
X-Tealeaf-SaaS-AppKey: 76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTDID: 23435053591345648795059479315534
X-Tealeaf-SyncXHR: false
X-Tealeaf-SaaS-TLTSID: 41904297726198441461295752605477
X-Requested-With: fetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Tealeaf-MessageTypes: 1,2,5,7,12,14
Content-Type: application/json

Response headers

paypal-debug-id: f13258371bc18
content-encoding: br
etag: W/"28-F60RjggoD1bgVUVUt79SlvHyBLo"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f13258371bc18-4e4e94df382a4189-01
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bur-kbur8200128-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791250.327479,VS0,VE124
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-xss-protection: 1; mode=block

POST
H3 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
71 B 90ms
81ms Fetch
application/json 34.149.66.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=87de64ce-3f6e-431f-aa59-e68afddf4fa1&batch_time=1729791250395

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.66.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.66.149.34.bc.googleusercontent.com

Software

Resource Hash

4e6e76a028dc949890221e65736cc3b984388d3962e014ccf82a914f51a1bec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: application/json
dd-request-id: 87de64ce-3f6e-431f-aa59-e68afddf4fa1

POST
H3 202 replay Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
71 B 125ms
113ms Fetch
application/json 34.149.66.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.23.3%2Capi%3Afetch%2Cservice%3Aunifiedloginnodeweb&dd-api-key=pubfa2a063cbe1e1dd735fe2d7af81a244e&dd-evp-origin-version=5.23.3&dd-evp-origin=browser&dd-request-id=3111866f-1cea-4d5b-87b3-a7ed16a847f6

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.66.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.66.149.34.bc.googleusercontent.com

Software

Resource Hash

40b09c7cb3ba547f887bc4e57a1f4755a14ff474f5f321b2d7796d3cf36eb35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHdruYbUfHX1oOQji
Referer: https://www.paypal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: application/json
dd-request-id: 3111866f-1cea-4d5b-87b3-a7ed16a847f6

GET
H2 200 ts
t.paypal.com/ 42 B
546 B 126ms
124ms Image
image/gif 151.101.67.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?v=1.9.2&t=1729791250720&g=420&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1729791247727&calc=f105934f3d09a&nsid=YiMKS12UgOlgTcgatBjmoB9q3ZySyHuL&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=CA&csci=64d73c701636420fb5b17ab84fa00c57&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=ccpa&xe=100353%2C105604%2C105604%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C109195%2C105999%2C100885%2C109334%2C109334%2C101270%2C102557%2C102557%2C101408%2C101408%2C104227%2C104227%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C106031%2C106031%2C107054%2C107054%2C106033%2C106033%2C106032%2C106032%2C105392%2C105392%2C106035%2C106035%2C106034%2C106034%2C106036%2C106036%2C105271%2C110648%2C101688%2C101821%2C101820%2C102208%2C105543%2C105544%2C105416%2C105416%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C105553%2C105553%2C105552%2C105552%2C100307%2C105554%2C105554%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C104038%2C104038%2C101736%2C110442%2C108653%2C108652%2C100846%2C109040%2C105843%2C105843%2C101875%2C105845%2C105845%2C105844%2C105844%2C109047%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101216%2C103648%2C104200%2C109195%2C108076%2C109047&xt=100886%2C124899%2C124899%2C123678%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123693%2C144027%2C127242%2C102543%2C144768%2C144768%2C106407%2C109630%2C109630%2C104576%2C104576%2C117972%2C117972%2C101702%2C123244%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C127405%2C127405%2C132781%2C132781%2C127413%2C127413%2C127409%2C127409%2C123875%2C123875%2C127420%2C127420%2C127416%2C127416%2C127424%2C127424%2C123252%2C152289%2C105645%2C106327%2C106324%2C108106%2C124626%2C124629%2C125100%2C125100%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C125521%2C125521%2C125529%2C125529%2C100737%2C125515%2C125515%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109962%2C105856%2C120731%2C120731%2C120736%2C120736%2C105858%2C150775%2C141151%2C141149%2C102359%2C143321%2C126378%2C126378%2C106610%2C126409%2C126409%2C126393%2C126393%2C143343%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103864%2C114559%2C127485%2C144027%2C138090%2C143343&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey&e=im&imsrc=setup&view=%7B%22t10%22%3A3%2C%22t11%22%3A3135%2C%22tcp%22%3A1860%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A541%7D&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=3&t1c=0&t1d=0&t1s=0&t2=258&t3=172&t4d=0&t4=0&t4e=13&tt=2601&rdc=1&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=142&t12=2252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.1 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: 3739352c6fd34
correlation-id: 3739352c6fd34
expires: Thu, 24 Oct 2024 17:34:10 GMT
traceparent: 00-00000000000000000003739352c6fd34-7d2ba936a54c2d3c-01
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
server-timing: "traceparent;desc="00-00000000000000000003739352c6fd34-b8285074c47220b3-01"";content-encoding;desc="",x-cdn;desc="fastly"
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: image/gif
x-served-by: cache-bur-kbur8200044-BUR, cache-yul1970055-YUL
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
x-timer: S1729791251.729905,VS0,VE105
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes

GET
H2 200 sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 108 KB
108 KB 31ms
30ms Image
image/png 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyd/D142) /

Resource Hash

21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.paypal.com/

Response headers

paypal-debug-id: 8d3b3b77a25ed
etag: "60271d86-1ae61"
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 18:34:10 GMT
traceparent: 00-00000000000000000008d3b3b77a25ed-d7f784da7958ecc2-01
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 24 Oct 2024 17:34:10 GMT
content-type: image/png
last-modified: Sat, 13 Feb 2021 00:29:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: s-maxage=31536000, public,max-age=3600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
content-length: 110177
server: ECAcc (nyd/D142)

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
3 KB 251ms
249ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-Dks2dJWIX3sWZuW8qvTXpWUWLH9jHjZZ4hWnmHyVLzrmLCxK' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; img-src https://.paypalobjects.com https://objects.paypal.cn https://.paypal.com https://.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com; form-action 'self' https://.paypal.com https://.paypal.cn https://.zettle.com https://.xoom.com; base-uri 'self' https://.paypal.com https://.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://.hcaptcha.com https://.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
x-requested-with: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f390765640424
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f390765640424-a65c0401c7fbdf13-01
server-timing: "traceparent;desc="00-0000000000000000000f390765640424-9aef51d2eb4d4169-01"";content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:11 GMT
x-served-by: cache-bur-kbur8200043-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-Dks2dJWIX3sWZuW8qvTXpWUWLH9jHjZZ4hWnmHyVLzrmLCxK' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791251.470272,VS0,VE228
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 cookies Show response
www.paypal.com/myaccount/privacy/cookieprefs/ 2 B
3 KB 253ms
252ms XHR
text/plain 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:unifiedlogin:splitlogin::email:::&component=unifiedloginnodeweb&eventSourceUrl=https://www.paypal.com/signin

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-vWZFjKZ0UMOmoLKtIK+jURKdFt7mbqkLRY2U01uQmYE/V9p0' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://recaptcha.net/ https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-expose-headers: Server-Timing
paypal-debug-id: f31743235c5b8
content-encoding: gzip
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options: nosniff
traceparent: 00-0000000000000000000f31743235c5b8-4144a0c633eb900d-01
server-timing: "traceparent;desc="00-0000000000000000000f31743235c5b8-2b8a6bd0f8cd3b47-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: MISS, MISS, MISS
date: Thu, 24 Oct 2024 17:34:13 GMT
content-type: text/plain; charset=utf-8
x-served-by: cache-bur-kbur8200095-BUR, cache-yul1970052-YUL, cache-yul1970052-YUL
x-cache-hits: 0, 0, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-vWZFjKZ0UMOmoLKtIK+jURKdFt7mbqkLRY2U01uQmYE/V9p0' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer: S1729791253.076428,VS0,VE232
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
access-control-allow-origin: https://www.paypal.com
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypal.com
URL: blob:https://www.paypal.com/2bee4be3-1e7b-473f-b21a-2c7e45e9ca86

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-21 04:49:03	Name: _GRECAPTCHA Value: 09ANOXeZxPlAlTOUPLSjS8MhoKJRcxuemEru4EkR_VdRqko40-MlUd4KikiFIwIZepX9aNtkOusG-5IvQJCU9H8D8
.paypal.com/	1970-01-21 00:30:22	Name: LANG Value: en_US%3BCA
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AYiMKS12UgOlgTcgatBjmoB9q3ZySyHuL.qwARn3%2BB1FSxfHINM3z7CtqRj6CPPybSbecglolPMmY
.paypal.com/	1970-01-21 00:29:53	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-21 10:05:51	Name: ts_c Value: vr%3Dbf97c44d1920ad10e903d9a1ff67c848%26vt%3Dbf97c44d1920ad10e903d9a1ff67c847
.paypal.com/	1970-01-21 09:15:27	Name: enforce_policy Value: ccpa
.paypal.com/	1970-01-21 10:05:51	Name: cookie_check Value: yes
.paypal.com/	1970-01-21 10:05:51	Name: d_id Value: 64d73c701636420fb5b17ab84fa00c571729791247747
.paypal.com/	1969-12-31 23:59:59	Name: TLTSID Value: 41904297726198441461295752605477
.paypal.com/	1970-01-21 09:15:27	Name: TLTDID Value: 23435053591345648795059479315534
.paypal.com/	1970-01-21 01:13:03	Name: datadome Value: 6El9v52A6XeyMj5syUo3nvnY2n6oYSZRHK10plB3Ibfk5XbXrUnYFTc9~mt4PGA3L8fzPOnRIQLxYTsagkU5Phbp34ztnLjo31379rz1VVm0ppHfSXblAWwBZgMaspss
.paypal.com/	1970-01-21 00:29:52	Name: rssk Value: d%7DC9%408%3C%3C%3E53%3D%3F%40%407%3Exqx%3Er%7Foxnf9%7F%3F13
.paypal.com/	1970-01-21 09:15:27	Name: cookie_prefs Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/	1970-01-21 10:05:51	Name: sc_f Value: 6ZZM4sqcht-f5De1-gtOOF0E0_AwL1SXPCj6EsdJkC2Qay-NChFEg_zQJ_dkB8bJlUXYuYFZK9anjGwA55FeYxkXP5l82j1wfxD_Qm
.paypal.com/	1970-01-21 10:05:51	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: 4GupXNp2OOUMQmWft2MXsRDqgMb3QwriNN87kvg3XbBi-j8lLXrfKk9_vViGiSQKt0Ozz-vK8GImN1UX
.stats.paypal.com/	1970-01-21 10:05:51	Name: c Value: 9591a1c67959a6293c6c
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTcyOTc5MTI1MzI0OSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-21 00:34:10	Name: tsrce Value: privacynodeweb
.paypal.com/	1970-01-21 10:05:51	Name: ts Value: vreXpYrS%3D1824399253%26vteXpYrS%3D1729793053%26vr%3Dbf97c44d1920ad10e903d9a1ff67c848%26vt%3Dbf97c44d1920ad10e903d9a1ff67c847%26vtyp%3Dnew
www.paypal.com/	1970-01-21 00:29:52	Name: _dd_s Value:

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://www.paypal.com/signin?returnUri=https%3A%2F%2Fwww.paypal.com%2Fmyaccount%2Fsecurity%2FpasskeyLogin%2FcreatePasskey%3Ftsrce%3Demail%26utm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DOW_EM_AH_MC_NI_NI_202409_462508_Service_Email_Passkey%26sfmc_id%3DU495VQP9BYPCL%26utm_content%3DAdd_Passkey_CTA Message: [GroupMarkerNotSet(crbug.com/242999)!:A030A707E41D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-xXZ8opxWR7N4quz3xfyAehO11JuqIbJZGb0GzzsxYtltjgae' 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://.googleusercontent.com/ https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://browser-intake-us5-datadoghq.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://.qualtrics.com; base-uri 'self' https://.paypal.com https://.paypal.cn; worker-src 'self' blob: https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
browser-intake-us5-datadoghq.com
c.paypal.com
c6.paypal.com
ddbm2.paypal.com
paypalobjects.com
slc.stats.paypal.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
www.paypal.com
13.32.151.3
151.101.1.21
151.101.129.21
151.101.67.1
192.229.210.155
2600:1901:0:c072::
34.106.92.18
34.149.66.134
0311e7cd1ff9b287c7099126ae78265a48fc8adb1a6e060731a503b2e41313f0
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
1690c4e20869c3763b7fc111e2f94035b0a7ee830311dd680ac91421daad3667
1b3b209adf25070d46f31efd0590cbe963ebabad532b1588b909d720bbf17b95
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
2514a294e211809d9a7454bf8874e3fead9d4c3efbe0111dd6fa9f064354aebb
289386996698c32e9221d00a97df66f71bb8b7e6e0d3650263ee75a6fccc76a6
2c6bd1749d24699d1800314c498bfff3eaf5ded67fe354f96fd00d274ca9513c
33382986e4d3c99fd03bdd5db3671f7759ff14744999550c33251219d5a9340a
35d668cee3a6eeca54d65caa8ac157829e37a4a885ebfadd47256108d93f8ae5
40b09c7cb3ba547f887bc4e57a1f4755a14ff474f5f321b2d7796d3cf36eb35c
44b5896f4a4360bc08c70cf6e5890aa872e50f9d65d0597013c8565752277a82
457293b5870c72a08794e0d8186159de2a4366d91bfd3e39c790ba80235078df
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49e8d721e0cc0242208a27afeca5ef43d413f9c76964e177951e2ea473dadc35
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
4e6e76a028dc949890221e65736cc3b984388d3962e014ccf82a914f51a1bec2
4f65c6c25cb1947412532a42a124f84773e56a743e12ee641ec76718d8f44ed3
554d9f985c452c236e7e37b8bb16faa893c05f86b48358a6c6046f3fe811dc14
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a0ea7e0ead74c66f762b54be56abacf5a9e284935c07d67e4801bc833ab12cf
677cf1d490fb71cb5f1c3d7685f04ca02a37681c405ef5e353e0219e27697944
691a9f374be98f0630efc11b1bbf0ecd4b0f74cccc240f2c3dc7b8f06b84af53
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
75c159c9974a7207171cf1f4ed302f91f90ae95233fdd64e994fd66ada89ab20
75dfe19aab5fceefd9471fcc26ea3c2b8d1f193d16f47c8d76b1c471619643eb
8225539f20b6327c04b816dca545bc230c2011c42f9ac1fa81b0b7dfbc600859
8766a4211434d2c318fbfa412ea9633b385ecf1cab6119f8894019d91ed7e027
87f812dd43323a088722696d460d76bc65c1b02bf158c19a83f1ae2c35715d96
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
8d0e74dfe39c809f2dde1119f404841405d107fa40165669ea74fca51722311b
979d207de2c1f22aeb7ad639f0f98844aa59630caeae741e5853bc4c89752e91
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9eac6e474afb08c65b3640c597b22a9e2a60ab8e2da74a4107722777f6301751
a4cc9018a34d9b7d402f0cb17c49942deac06de33085a0285236264bc8b4eb9d
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
b6c8e6c9ef42a1509be875834572e7289a2e5d5dbcda1f7ec0d5cad73dab67b7
c0ebf9805649df48c0e32cdffc7f24dd33360ba6c38b75bd28943a6569f1d9bf
cd1f9f466c9b26e139872cb3d8417bcb0885b9a6d11ddbff741018a2bb34955d
d81bfefd8585b694222d3e94e9dee5d7935049c65355f9fd096800301d51545b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6029ac5bbc3f76015bfb853ac26f9ab8c286c2b2542b5d7574882cf3df6b82d
e7e9710315f5797eea1e6e4fffe8e2c9da2ab636d13065f23e7bfb2a2408375e
ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e
efc3ad603dca3c78e67493adb079676731fd72c4204dbf7264d22e897a271267
f26759c91d3faf51aa1ba2f48f267e458f6a4a697c5aa392621e56030cc27165
f3640c0a188bf0e4cde9424af6cfcce26a7f5a18255e298fc95f230c67bea0ef
ff3e326f8f267bdd9c545095788a4cf80634adf17e6a60647de5dd7bc902b5e9

www.paypal.com Open in urlscan Pro 151.101.1.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

95 %HTTPS

13 %IPv6

3 Domains

10 Subdomains

9 IPs

1 Countries

647 kBTransfer

2278 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.paypal.com Open in urlscan Pro
151.101.1.21 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

95 %
HTTPS

13 %
IPv6

3
Domains

10
Subdomains

9
IPs

1
Countries

647 kB
Transfer

2278 kB
Size

20
Cookies

58 HTTP transactions
0 data transactions