urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
192.229.221.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.paypal.sabro.net/
Effective URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Submission: On August 23 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 27 HTTP transactions. The main IP is 192.229.221.25, located in United States and belongs to EDGECAST, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 2799.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 9th 2022. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 107.161.189.250 33182 (DIMENOC)
1 24 192.229.221.25 15133 (EDGECAST)
2 151.101.1.35 54113 (FASTLY)
27 4
Apex Domain
Subdomains		 Transfer
15 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2541
896 KB
11 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2799
t.paypal.com — Cisco Umbrella Rank: 3559
36 KB
3 sabro.net
www.paypal.sabro.net
www.sabro.net
1 KB
27 3
Domain Requested by
15 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
9 www.paypal.com 1 redirects www.paypal.com
www.paypalobjects.com
2 t.paypal.com
2 www.sabro.net 1 redirects
1 www.paypal.sabro.net 1 redirects
27 5

This site contains no links.

Subject Issuer Validity Valid
sabro.net
cPanel, Inc. Certification Authority		 2023-08-09 -
2023-11-07		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-11-09 -
2023-12-10		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Frame ID: B5A2E8CFEF37DC5A1CC842305EEEBFBD
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PayPal Checkout

Page URL History Show full URLs

  1. http://www.paypal.sabro.net/ HTTP 301
    http://www.sabro.net/paypal.htm HTTP 301
    https://www.sabro.net/paypal.htm Page URL
  2. https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=alexander%40sabro%2enet&no_shipping=0&no... HTTP 302
    https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Page Statistics

27
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

4
IPs

1
Countries

930 kB
Transfer

4583 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.paypal.sabro.net/ HTTP 301
    http://www.sabro.net/paypal.htm HTTP 301
    https://www.sabro.net/paypal.htm Page URL
  2. https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=alexander%40sabro%2enet&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8 HTTP 302
    https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.paypal.sabro.net/ HTTP 301
  • http://www.sabro.net/paypal.htm HTTP 301
  • https://www.sabro.net/paypal.htm

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
paypal.htm
www.sabro.net/
Redirect Chain
  • http://www.paypal.sabro.net/
  • http://www.sabro.net/paypal.htm
  • https://www.sabro.net/paypal.htm
395 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sabro.net/paypal.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.161.189.250 , United States, ASN33182 (DIMENOC, US),
Reverse DNS
ftp.grupobrooks.com
Software
Apache /
Resource Hash
dd024e601a758ac73fc699317e55314007f2c4ba099c68b36ee2b3368c455408

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
close
Content-Length
395
Content-Type
text/html
Date
Wed, 23 Aug 2023 02:51:04 GMT
ETag
"9222c7-18b-4cc2b33596800"
Last-Modified
Tue, 16 Oct 2012 11:10:24 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
240
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 23 Aug 2023 02:51:04 GMT
Location
https://www.sabro.net/paypal.htm
Server
Apache
Primary Request shoppingcart
www.paypal.com/webapps/
Redirect Chain
  • https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=alexander%40sabro%2enet&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8
  • https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
13 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC9) /
Resource Hash
2687aa5d579bd916b340031f4a2d00ab3428017dc07ebb97bd970249cb9e009a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-thkUMaSbg3Srg1rFlLBEO8d653wsySfxFcX+FyodaFqXqiOc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sabro.net/paypal.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-thkUMaSbg3Srg1rFlLBEO8d653wsySfxFcX+FyodaFqXqiOc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Wed, 23 Aug 2023 02:51:06 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
075857172b7a0
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (frc/4CC9)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000075857172b7a0-bc9fb0366f8c3caa-01
vary
Accept-Encoding
x-content-type-options
nosniff
x-cookies
{"tD08unW5xWPYcc3Vtbf3fJ3V3AQpBSPfm6WSV5oz4qyqFW9g":"RIZgMM-cAhYFYdz-gS7os148n3C7twePkldgeh976ujD6fCmxmaJtYDI0JOl5r4y0Yg457uS2-uhLHiH","ag57olvZ7MWSTJXCB7PUbg1HbJ7ibAsoAYd73FZ9IOdz_8eW4AApCl4lKlO":"oSV2jksPqPIGrqQSGCTouYjj3XTFzAyABcGcQHr9rFgU2IM60o3nXXeUwWNs43I6ENr8var3jowP1pNUzcqEh2LZ0XXnHt0XX1I_QnCH17krKTx0-Ou_NV8CmtLSkskP1x8cbNrSXt7nbzW0WcPTcMEb2zLSHr_jsDNpDvgttNIDmHq_eucfR9icihrE26tYUbuJpbbubK7bF3nHosgK9ny30haJnrKc1YJlVSLksSbMVyKIVrCb8DdxxiXEdPkuVfv65kEG0VbezPforoJSTXY6mlxqAQKCWpb8YLWvAfBWiNdapPZgGQCwrAgNEQdz4UFwpWYVnHcEJOvsTs7kmb9dV_EafO1AuOyNiC-fPL6L4MuniJO6krlev_zltXCWjmGsWbksJcvseg3Fc-Y8AiCdGObS7zO692Vi8W_nEZvwPyXnPmIiWstNhJT5f7S0eFkQxfMRC-slWW22hBSOQ20ChQTTiFSYFhN9nKnxMZx5DHz_h21KrcYncHMQhNTCRaV9D7ABgjQyJGRL83oYhsxNajhWiyVuPjLFIBvxsGzxg9YdYP8egDuNPCNKZxvX_tXv4pN0zC4xjoan","iQCnhIy5-64PvineZIGVfUafYGUgmm9iludbMKXVIUhFSMEA":"8Le_Q6B4F-SpCb4aDJRMjZlQZED09szhxng9pTdA82BsCRWVdcSetyjGOyNCS8OUHWcFahBO2vYLzkVxT4timjrfCO4"}
x-cookies-hash
68955b56b64e18de5471ccc725cfaea3b2f6dd650d20dc451c616830f23fa835
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlJ4T0FaVk1sNU1kaDY3NVhmTENfcWc0UkZ0cEw0ek96YjVPNnpiVjRPV2NOLV9Vb2lnNC02bWlYVl9yakFndzZST1ZsVElrdHpnNk5FemdsZDVIQnU3T0I2N3FIby1TXzJMeW1VWHZYek9scGEwZUZvWHpWVXNLcGdqemN5TGU0X0tBYmp5dnoyWkgyclJRekRsQVl3U0Y2WFRVN1RNTFQxYmVSd2lLeUNzWUVPLXhGWTBoM1pReUJGZkMiLCJpYXQiOjE2OTI3NTkwNjYsImV4cCI6MTY5Mjc2MjY2Nn0.s9hHCfOjmIe74gH0FjIj84tq-ociu4aKBFYVBZfSARM
x-csrf-jwt-hash
4ab76cca06ef8229d3ece36e640adb05051320af0db207390de8b827ee69a8d5
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
262
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-aSPm4NY3YmMcoAFNuJ4RkWpnqCYipHweacBL8Klh0i9trCB/' 'self' https://*.paypal.com 'unsafe-inline'; img-src https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' https://*.qualtrics.com;
content-type
text/html; charset=utf-8
date
Wed, 23 Aug 2023 02:51:06 GMT
dc
ccg11-origin-www-1.paypal.com
location
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
0411960640613
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (frc/4CA5)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000000411960640613-c60b79d5238b2d41-01
vary
Accept-Encoding Accept
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
styles.css
www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/css/styles.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers
framework.js
www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/ 		408 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/framework.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB7) /
Resource Hash
0d6da1d24d97a42e413dc3598e8b34760bb0fa02fe697092199a391383f6ac3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
abdda4d7d11a3
dc
ccg11-origin-www-1.paypal.com
content-length
139799
last-modified
Fri, 18 Aug 2023 17:16:03 GMT
server
ECAcc (frc/4CB7)
traceparent
00-0000000000000000000abdda4d7d11a3-903d949179ee5503-01
etag
W/"64dfa753-6600e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 22 Aug 2024 02:51:06 GMT
config.js
www.paypal.com/webapps/shoppingcart/static/js/ 		35 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/static/js/config.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCE) /
Resource Hash
958cd6dc2fcba0f0e813254143d5391219d8f04992e6bceca6eb196611dca704
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:06 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
00842049229b0
x-cookies-hash
5178cca94b478e6d44abf875e76c94549d24946ddc14cc205ee8d26da705dcf4
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-cookies
{}
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CCE)
traceparent
00-000000000000000000000842049229b0-dca44b986e7e72ea-01
etag
W/"8a12-R6Ev0b3mHmkooXMKwYjBQzUvtlo"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
main.js
www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/ 		2 MB
350 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/main.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAB) /
Resource Hash
0f1078b0741bba913b21d04810fc6f83fe831cad0169b1098e3bf9e69bdc4093
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
98311c704caeb
dc
ccg11-origin-www-1.paypal.com
content-length
357680
last-modified
Fri, 18 Aug 2023 17:16:03 GMT
server
ECAcc (frc/4CAB)
traceparent
00-000000000000000000098311c704caeb-03e34baeb51267c6-01
etag
W/"64dfa753-1d3352"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 22 Aug 2024 02:51:06 GMT
pa.js
www.paypalobjects.com/pa/js/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF8) /
Resource Hash
43eeb207ed701b4a0f2351cba6a4de5b29af5b00c7753c8207c8cbb170664dd9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
037a60143ef62
dc
ccg11-origin-www-1.paypal.com
content-length
21211
last-modified
Mon, 14 Aug 2023 22:08:36 GMT
server
ECAcc (frc/4CF8)
traceparent
00-0000000000000000000037a60143ef62-13168d6e2e97ca07-01
etag
"64daa5e4-dac7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 23 Aug 2023 03:51:06 GMT
de.js
www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/locales/DE/ 		307 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/locales/DE/de.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE4) /
Resource Hash
842b52c87b85e54d4475a11f7a65ab57b38768f141188a542f8bcb499627b7c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
a8466c027bfcd
dc
ccg11-origin-www-1.paypal.com
content-length
71583
last-modified
Fri, 18 Aug 2023 17:16:05 GMT
server
ECAcc (frc/4CE4)
traceparent
00-0000000000000000000a8466c027bfcd-192ca23075b736c6-01
etag
W/"64dfa755-4caf4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 22 Aug 2024 02:51:06 GMT
metadata.js
www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/metadata/DE/de/ 		286 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/metadata/DE/de/metadata.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAE) /
Resource Hash
018e1745b1c42a02f1bcf921b8e06a8d770c7a01df8e46dd37b25430b7d2826f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
eb55649bd801e
dc
ccg11-origin-www-1.paypal.com
content-length
36362
last-modified
Fri, 18 Aug 2023 17:16:18 GMT
server
ECAcc (frc/4CAE)
traceparent
00-0000000000000000000eb55649bd801e-0ce854a9f863323b-01
etag
W/"64dfa762-47779"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 22 Aug 2024 02:51:06 GMT
csp
www.paypal.com/csplog/api/log/ 		2 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/csplog/api/log/csp
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFE) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-KO3ULdRNYuFgo65P/xa6zQY4wMt5qRwvDyH5Cgq+kcpED6CG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-KO3ULdRNYuFgo65P/xa6zQY4wMt5qRwvDyH5Cgq+kcpED6CG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date
Wed, 23 Aug 2023 02:51:06 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0a09a20212638
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
2
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CFE)
traceparent
00-00000000000000000000a09a20212638-ae4b6184590c9790-01
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
icon_ot_spin_lock_skinny.png
www.paypalobjects.com/images/checkout/hermes/ 		395 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/checkout/hermes/icon_ot_spin_lock_skinny.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C98) /
Resource Hash
60668cd1ce79ddd5a0615433bc913eca1f17da711f00cc0e40e14744f6cc3cb4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:20:21 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4C98)
etag
"60271b45-18b"
x-cache
HIT
content-type
image/png
paypal-debug-id
32f8c9343f879
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
395
expires
Wed, 23 Aug 2023 03:51:07 GMT
latmconf.js
www.paypalobjects.com/pa/mi/paypal/ 		318 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/paypal/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDC) /
Resource Hash
1ab27a25e6f052a0967a32ad9da3ecf30cff47c9ed10c5dc5438383d7425161f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
3f86abceed8b7
dc
ccg11-origin-www-1.paypal.com
content-length
36063
last-modified
Sat, 19 Aug 2023 05:52:39 GMT
server
ECAcc (frc/4CDC)
traceparent
00-00000000000000000003f86abceed8b7-a64b3626f2471e7f-01
etag
W/"64e058a7-4f8aa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 23 Aug 2023 03:51:07 GMT
locale
www.paypal.com/webapps/shoppingcart/api/ 		475 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/locale?ipCountry=DE&checkoutSessionLocale=US&localeParam=US&meta=%7B%22flowlogging_id%22%3A%220411960640613%22%2C%22calc%22%3A%22e85f43c0835a0%22%2C%22csci%22%3A%223c8c04ffdf3f4143a8b244f5f55a3d87%22%2C%22locale%22%3A%7B%7D%2C%22state%22%3A%22ui_checkout_init%22%2C%22app_name%22%3A%22shoppingcartnodeweb%22%7D
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/framework.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C9E) /
Resource Hash
06e32cf7e5aacab83f6a1cc53f62fb51202ba5fae44a58e254a8ea9496a358e2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NSQ8E8i2Zmnj8E4Lhk82PMOX+pN2VI8QL01Xd1It6+bmIvbm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlJ4T0FaVk1sNU1kaDY3NVhmTENfcWc0UkZ0cEw0ek96YjVPNnpiVjRPV2NOLV9Vb2lnNC02bWlYVl9yakFndzZST1ZsVElrdHpnNk5FemdsZDVIQnU3T0I2N3FIby1TXzJMeW1VWHZYek9scGEwZUZvWHpWVXNLcGdqemN5TGU0X0tBYmp5dnoyWkgyclJRekRsQVl3U0Y2WFRVN1RNTFQxYmVSd2lLeUNzWUVPLXhGWTBoM1pReUJGZkMiLCJpYXQiOjE2OTI3NTkwNjYsImV4cCI6MTY5Mjc2MjY2Nn0.s9hHCfOjmIe74gH0FjIj84tq-ociu4aKBFYVBZfSARM
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NSQ8E8i2Zmnj8E4Lhk82PMOX+pN2VI8QL01Xd1It6+bmIvbm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Aug 2023 02:51:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0a72708173818
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-csrf-jwt-hash
b61d0acd34682f3c292a8292b0f870378b923803a7f28b0874453892b44e45c9
x-xss-protection
1; mode=block
content-length
411
pragma
no-cache
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4C9E)
traceparent
00-00000000000000000000a72708173818-e3b2ed22369b5491-01
etag
W/"1db-qaZ9K50wY0U8Or5d14nzXbP1Gug"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Im1hakVhWXI0Sl9iQURnM3pHa3pjcTRPNEdEX0NTTVJ6OEYzc3A2YlFheHlHWkl0R3BIdnZpU3NxOE9oMWpVQ2p6cmlCUjhGMWpYc3k4b3hUbDJGQmxTZTJPRW52c3Rpek1BUzB2RHVDX1Bhc2xVejZDaVJJQ3dBdmtqengtTXBpVVdEUTRoLUxhZUxHb251elUyajEtRHpBUTdkMkxWc1FodzhESmJHdzBBTml5OFowYmZvNEViMmxlZ0siLCJpYXQiOjE2OTI3NTkwNjcsImV4cCI6MTY5Mjc2MjY2N30.DlEMU53WnhPlura3wD8nFjxH3AzaM2ngL9ZHhpgifuw
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.js
www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/locales/US/ 		331 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/locales/US/en.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
9a7090f607454f78a3d4324d0dbaae5db39b2b872bf97e0f8ff5fdd1d081aea5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
36a1843222470
dc
ccg11-origin-www-1.paypal.com
content-length
75492
last-modified
Fri, 18 Aug 2023 17:16:16 GMT
server
ECAcc (frc/4D07)
traceparent
00-000000000000000000036a1843222470-c4c36d862f79d7c3-01
etag
"64dfa760-52c42+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 22 Aug 2024 02:51:07 GMT
metadata.js
www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/metadata/US/en/ 		291 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/metadata/US/en/metadata.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD3) /
Resource Hash
d18ba3be711e3691e202ff33da1371c5c6bd47cea39da87e3234bedfe92b76c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
721a0509e9170
dc
ccg11-origin-www-1.paypal.com
content-length
36243
last-modified
Fri, 18 Aug 2023 17:16:23 GMT
server
ECAcc (frc/4CD3)
traceparent
00-0000000000000000000721a0509e9170-48a951907e9b87c7-01
etag
W/"64dfa767-48c89"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Thu, 22 Aug 2024 02:51:07 GMT
button.js
www.paypalobjects.com/api/ 		582 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/button.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD4) /
Resource Hash
60d564068c8f17ec2e2680d846e0e7acad1debcc63ac3972fc234892fed56bf1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
ec31da0efe3f6
dc
ccg11-origin-www-1.paypal.com
content-length
70089
last-modified
Fri, 12 Feb 2021 23:55:13 GMT
server
ECAcc (frc/4CD4)
traceparent
00-0000000000000000000ec31da0efe3f6-2cfa24d83921a176-01
etag
W/"60271561-91830"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Thu, 24 Aug 2023 02:51:07 GMT
getData
www.paypal.com/webapps/shoppingcart/api/openbutton/ 		625 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/openbutton/getData
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/framework.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDE) /
Resource Hash
6357e38f3a6cdf2a58f46eba17cbcce28ebe00685db7ce8d9f909daf1edc84b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NmDk+yvpuh1qcS7T+x7Y207rnJNiB5gZnafJnH/o4eeoa8vX' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Im1hakVhWXI0Sl9iQURnM3pHa3pjcTRPNEdEX0NTTVJ6OEYzc3A2YlFheHlHWkl0R3BIdnZpU3NxOE9oMWpVQ2p6cmlCUjhGMWpYc3k4b3hUbDJGQmxTZTJPRW52c3Rpek1BUzB2RHVDX1Bhc2xVejZDaVJJQ3dBdmtqengtTXBpVVdEUTRoLUxhZUxHb251elUyajEtRHpBUTdkMkxWc1FodzhESmJHdzBBTml5OFowYmZvNEViMmxlZ0siLCJpYXQiOjE2OTI3NTkwNjcsImV4cCI6MTY5Mjc2MjY2N30.DlEMU53WnhPlura3wD8nFjxH3AzaM2ngL9ZHhpgifuw
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NmDk+yvpuh1qcS7T+x7Y207rnJNiB5gZnafJnH/o4eeoa8vX' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Aug 2023 02:51:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
06a582a757303
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
485
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CDE)
traceparent
00-000000000000000000006a582a757303-7f64c30e7c2d08d3-01
etag
W/"271-Vxbn7eqEWWl/giVFJP+K84MP2m8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
REDIRECT_OPEN_BUTTON_TO_XO_LITE
www.paypal.com/webapps/shoppingcart/api/pxp/ 		684 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/pxp/REDIRECT_OPEN_BUTTON_TO_XO_LITE?isElmoExperiment=true&meta=%7B%22flowlogging_id%22%3A%220411960640613%22%2C%22calc%22%3A%22e89c25b09f8da%22%2C%22csci%22%3A%22819ad4b3e71d4a7d9c882e9175dd9869%22%2C%22locale%22%3A%7B%22country%22%3A%22US%22%2C%22language%22%3A%22en%22%7D%2C%22state%22%3A%22ui_checkout_openButton%22%2C%22app_name%22%3A%22shoppingcartnodeweb%22%7D
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/framework.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D05) /
Resource Hash
93d432f80608386db26815a673bd80b90c60a04385596e3b620b3835059f79e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Uw8o0yU1Y8Nxwaw1s7PYJXbOHPoTFZsoK1JimLd94128beNf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Im1hakVhWXI0Sl9iQURnM3pHa3pjcTRPNEdEX0NTTVJ6OEYzc3A2YlFheHlHWkl0R3BIdnZpU3NxOE9oMWpVQ2p6cmlCUjhGMWpYc3k4b3hUbDJGQmxTZTJPRW52c3Rpek1BUzB2RHVDX1Bhc2xVejZDaVJJQ3dBdmtqengtTXBpVVdEUTRoLUxhZUxHb251elUyajEtRHpBUTdkMkxWc1FodzhESmJHdzBBTml5OFowYmZvNEViMmxlZ0siLCJpYXQiOjE2OTI3NTkwNjcsImV4cCI6MTY5Mjc2MjY2N30.DlEMU53WnhPlura3wD8nFjxH3AzaM2ngL9ZHhpgifuw
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Uw8o0yU1Y8Nxwaw1s7PYJXbOHPoTFZsoK1JimLd94128beNf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Aug 2023 02:51:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
00b78093791b2
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-csrf-jwt-hash
fc256ce5232c1426ea7aedc48a0a9a96f8c81672d3f28ec7970515c216a10b0a
x-xss-protection
1; mode=block
content-length
529
pragma
no-cache
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4D05)
traceparent
00-000000000000000000000b78093791b2-70e64a727803c036-01
etag
W/"2ac-qd5ZpdFEuK+pe6okGRT/M343LZM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Ik83Z2xLbXBkZHBDTTU0TWVLajJOZm4zb1NqYmdBUU9mTGhZYWluODc5WUxqbDg1Nm9BUVRwRWl4U0N1Ynd6QXQwX0NfX2hXbFEyWDdPbUhYOTdmUVctQk45el9IWWxyY1NxcGt1UjRIMDJBWXl0dWItZ2dvTFl2ODdHNXZTMS1ISElLSnJWMkV5cmZsQ3BkVG1OSkc1SnNWQkR5NEtZTHcxbEVrTVVvYXE1NzVUQjlyb2l2R2FGN2M3bGUiLCJpYXQiOjE2OTI3NTkwNjcsImV4cCI6MTY5Mjc2MjY2N30.0uO-00PgrtJWhiZ5JR8fIlh01yCRByHhpFjYbgmwFkE
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
hermes_window_sprite_v16.png
www.paypalobjects.com/images/checkout/hermes/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v16.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C98) /
Resource Hash
e8867e9b228e90c2c64825bf2bacaea7f283fce1176ccf849f0935a94da488dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
4c142da7436ce
dc
ccg11-origin-www-1.paypal.com
content-length
23268
last-modified
Sat, 13 Feb 2021 00:20:21 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4C98)
traceparent
00-00000000000000000004c142da7436ce-9dc497f029ed789c-01
etag
"60271b45-5ae4"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 23 Aug 2023 03:51:07 GMT
cookieBanner
www.paypal.com/webapps/shoppingcart/api/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/cookieBanner?meta=%7B%22flowlogging_id%22%3A%220411960640613%22%2C%22calc%22%3A%22e89c25b09f8da%22%2C%22csci%22%3A%22819ad4b3e71d4a7d9c882e9175dd9869%22%2C%22locale%22%3A%7B%22country%22%3A%22US%22%2C%22language%22%3A%22en%22%7D%2C%22state%22%3A%22ui_checkout_openButton%22%2C%22app_name%22%3A%22shoppingcartnodeweb%22%7D
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/framework.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C99) /
Resource Hash
64abcb63e71c96fc2fee29d2ac7e51649f86bc386fc6b92d32451b087feb4d37
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-a+RLzTaO0Gw1GpH7ZRom1lHDhI84FtmQWwdz07EO9PM6muES' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Im1hakVhWXI0Sl9iQURnM3pHa3pjcTRPNEdEX0NTTVJ6OEYzc3A2YlFheHlHWkl0R3BIdnZpU3NxOE9oMWpVQ2p6cmlCUjhGMWpYc3k4b3hUbDJGQmxTZTJPRW52c3Rpek1BUzB2RHVDX1Bhc2xVejZDaVJJQ3dBdmtqengtTXBpVVdEUTRoLUxhZUxHb251elUyajEtRHpBUTdkMkxWc1FodzhESmJHdzBBTml5OFowYmZvNEViMmxlZ0siLCJpYXQiOjE2OTI3NTkwNjcsImV4cCI6MTY5Mjc2MjY2N30.DlEMU53WnhPlura3wD8nFjxH3AzaM2ngL9ZHhpgifuw
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-a+RLzTaO0Gw1GpH7ZRom1lHDhI84FtmQWwdz07EO9PM6muES' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Aug 2023 02:51:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0ba3132475b88
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-csrf-jwt-hash
80f4ea9477d134682adad531867c8c19be30555d6cebc0219e3be9a57680a529
x-xss-protection
1; mode=block
pragma
no-cache
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4C99)
traceparent
00-00000000000000000000ba3132475b88-bcb2bf524f743c1a-01
etag
W/"4b4e-kxf2vaUeAmOnIzfixvgdRgyh6eQ"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IkxVZy04VE96VE52OXNvVzdHSDYyMTlQWWFqa2V6YXh5cWt1T01adTNtd3l1Rjl4Rk9qcGNZd2lfb3B3YWFIQ0hDaDVXcHMzMWdKTkFPRzZVUk9ReGVEU0o0dkVVT0E0NngwbXIyR0NIa3p5WGEtZEtxdXFRR1NMOGRSUEZ3NWxWbXZoS0N5dEY2NlhIRmpVWkFFaTY3U0tFdVFzM2hEMlpnUndsNmJ4aEx4RHZtTWt0ZGM1d1hqZXl6WVciLCJpYXQiOjE2OTI3NTkwNjcsImV4cCI6MTY5Mjc2MjY2N30.r5UB9HzIo4Bg9LzHsjXVLxQdOma2rW3p5CgYLTygMBM
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
hermes_window_sprite_v15.png
www.paypalobjects.com/images/checkout/hermes/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v15.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA5) /
Resource Hash
df2248b4e1c6ccdc4f54fb5a6c86160ef09ea287374fa475a52eeb628a18c48c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
7a4662dacc57
dc
ccg11-origin-www-1.paypal.com
content-length
27173
last-modified
Sat, 13 Feb 2021 00:20:21 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (frc/4CA5)
traceparent
00-000000000000000000007a4662dacc57-bb3948e82be132f3-01
etag
"60271b45-6a25"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 23 Aug 2023 03:51:07 GMT
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C86) /
Resource Hash
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (frc/4C86)
etag
"60271cda-4790"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
paypal-debug-id
d84c8a03887f1
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
18320
expires
Wed, 23 Aug 2023 03:51:07 GMT
btn_tracking_pixel.gif
www.paypalobjects.com/en_US/i/scr/ 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/btn_tracking_pixel.gif?teal=null&Id=null&ru=null&fltk=undefined&calc=06a582a757303&page=main:ec:hermes::fullpage-openButton:wps:openbutton:&xe=106820&xt=131524&fpti=204d852018a0a7a0643c202fffaa92ce&WWW_AKA_MVT_BUTTONS=null&WWW_AKA_MVT_ID=null&ip=84.19.175.183&mrid=null&calf=null
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D0C) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 02:51:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 04:57:34 GMT
server
ECAcc (frc/4D0C)
etag
"5d5637be-2b"
x-cache
HIT
content-type
image/gif
paypal-debug-id
2cce9f8edc245
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
content-length
43
expires
Wed, 23 Aug 2023 03:51:07 GMT
log
www.paypal.com/webapps/shoppingcart/api/ 		210 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/shoppingcart/api/log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
5c3da2e983dd48267844490940f89595158420907cbfade102586c8e4d00c5d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-+2Y6TvwOzG/swT/BBzYwqAP4foR9fDiPbDSqi/6CggRuErcS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36
Content-type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-+2Y6TvwOzG/swT/BBzYwqAP4foR9fDiPbDSqi/6CggRuErcS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Aug 2023 02:51:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
07bb1058638a7
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
200
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CB9)
traceparent
00-000000000000000000007bb1058638a7-4b755def2e020fd4-01
etag
W/"d2-+wbbklAir5GUL1HvEFvJe43kkrc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
x-ec-security-audit
403
timing-allow-origin
*
ts
t.paypal.com/ 		42 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.14&t=1692759068014&g=-120&s=ci&pgtf=NodeJS&flnm=ec%3Ahermes%3A&shir=main_ec_hermes_&lgin=inout&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&vers=member%3Ahermes%3A&qual=fullpage&tmpl=openButton.dust%3Afullpage&goal=openButton%20page&fltk=undefined&calc=06a582a757303&csci=819ad4b3e71d4a7d9c882e9175dd9869&pgst=1692759067960&xe=105410%2C105409%2C104759%2C104406%2C104407&xt=123956%2C123954%2C120840%2C119037%2C119038&transition_time=undefined&dc=qa&az=stage2s0007&comp=appNameNotDefined&displaypage=main%3Aec%3Ahermes%3A%3Afullpage-openButton&ppage=privacy_banner&bannertype=cookiebanner&ccpg=US&flag=ccpa&bannerversion=v3a&bannersource=ConsentNodeServ&eligibility_reason=false&is_native=false&cookie_disabled=false&e=ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 23 Aug 2023 02:51:08 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
192078ed36cd0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220029-FRA
pragma
no-cache
correlation-id
192078ed36cd0
traceparent
00-0000000000000000000192078ed36cd0-3a33608e3153094f-01
x-timer
S1692759068.098928,VS0,VE146
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 02:51:08 GMT
ts
t.paypal.com/ 		42 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.14&t=1692759068242&g=-120&s=ci&pgtf=NodeJS&flnm=ec%3Ahermes%3A&shir=main_ec_hermes_&lgin=inout&pgrp=main%3Aec%3Ahermes%3A%3Afullpage-openButton&page=main%3Aec%3Ahermes%3A%3Afullpage-openButton%3Awps%3Aopenbutton%3A&vers=member%3Ahermes%3A&qual=fullpage&tmpl=openButton.dust%3Afullpage&goal=openButton%20page&fltk=undefined&calc=06a582a757303&csci=819ad4b3e71d4a7d9c882e9175dd9869&pgst=1692759067960&xe=106820&xt=131524&transition_time=undefined&dc=qa&az=stage2s0007&comp=appNameNotDefined&e=im&c_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial&ef_policy=ccpa&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A2287%2C%22tcp%22%3A1449%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A51%7D&pt=PayPal%20Checkout&ru=https%3A%2F%2Fwww.sabro.net%2F&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=309&t3=11&t4d=0&t4=0&t4e=0&tt=1552&rdc=1&protocol=h2&cdn=edgecast&res=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 23 Aug 2023 02:51:08 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
ca69456d56c21
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220029-FRA
pragma
no-cache
correlation-id
ca69456d56c21
traceparent
00-0000000000000000000ca69456d56c21-d06fd84483f021d9-01
x-timer
S1692759068.253391,VS0,VE148
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 02:51:08 GMT
ts
t.paypal.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.paypal.com
URL
https://t.paypal.com/ts?v=1.7.14&t=1692759069243&g=-120&s=ci&pgtf=NodeJS&flnm=ec%3Ahermes%3A&shir=main_ec_hermes_&lgin=inout&pgrp=main%3Aec%3Ahermes%3A%3Afullpage-openButton&page=main%3Aec%3Ahermes%3A%3Afullpage-openButton%3Awps%3Aopenbutton%3A&vers=member%3Ahermes%3A&qual=fullpage&tmpl=%2F%2Ft.paypal.&goal=openButton%20page&fltk=undefined&calc=06a582a757303&csci=819ad4b3e71d4a7d9c882e9175dd9869&pgst=1692759067960&xe=106820&xt=131524&transition_time=undefined&dc=qa&az=stage2s0007&comp=appNameNotDefined&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=169&t3=1&tt=170&protocol=h2&cdn=fastly&view=%7B%22t10%22%3A1%2C%22t11%22%3A170%2C%22nt%22%3A%22res%22%7D&e=pf

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| meta object| cookies object| beaconQueue function| beacon function| scripterror function| webpackJsonp object| angular object| config object| __core-js_shared__ object| core boolean| main object| jQuery112405870838435233305 function| $Class function| $Error function| $Contingency function| $Forbidden function| $ApiError function| $FallbackError function| $ShortCircuit object| pre function| preload function| preloadComplete function| $Api function| $Model function| $pxp function| $elmo function| addContent function| addMetadata function| $ContentModel function| $MetadataModel function| $LocaleModel function| $Component function| $ComponentRoute function| $TeslaFlowIdModel function| $PXPModel function| $LocaleConfigModel function| $AppDataModel function| $MessengerIntegrationDataModel function| $TokenizedWalletEligibilityModel function| $TokenizedWalletInfoModel function| $TokenizedFundingCapabilitiesModel function| $TokenizedWalletPinModel function| $TokenizedWalletMsbOfferModel function| $AuthApi function| $AuthModel function| $ULoginModel function| $VenmoOnboardModel function| $VenmoUserModel function| $VenmoSupplementaryInfo function| $VenmoTransactionEligibility function| $CheckoutCartModel function| $CheckoutAppDataModel function| $FundingSourceModel function| $FundingOptionsModel function| $InstallmentOptionsModel function| $FlowEligibilityModel function| $CheckoutShippingAddressModel function| $ShippingAddressModel function| $CheckoutPayeeModel function| $CheckoutShippingAddressesModel function| $CheckoutPlanModel function| $CardBackupModel function| $CheckoutSessionModel function| $FptiDataModel function| $FptiBuilder function| $ShoppingCartModel function| $LandingRoute function| $xoInvalidAddressComponent function| $InvalidAddressRoute function| $CheckoutClientDataModel function| $CheckoutInputDataModel function| $UserInfoModel function| $ValidatePhoneModel function| $AddKYCModel function| $PatchPhoneModel function| $WaxUserModel function| $EConsentModel function| $UserPhotoModel function| $AuthConsentModel function| $UserProductSubscriptionModel function| $UserEligibleToHoldBalanceModel function| $xoBanner function| $xoGenericErrorComponent function| $xoGenericErrorPageComponent function| $GenericErrorRoute function| $xoErrorDirective function| $ErrorRoute function| $xoGenericMessagePageComponent function| $GenericMessageRoute function| $OpenButtonModel function| $xoOpenButton function| $xoOpenButtonRoute function| $ShippingMethodModel function| $ShippingRuleSummaryModel function| $xoShoppingCart function| $ShoppingCartRoute function| $xoEmptyCartPageComponent function| $EmptyCartRoute function| $xoSoldoutPageDirective function| $xoSoldOutPageRoute function| $GDPRCookieBannerModel function| $xoMerchantHeaderDirective function| $CreateBAModel function| $SubscriptionModel function| $SubscriptionsV1Model function| $subscription function| _ function| $installmentplan function| $SubscriptionsV1 function| $autobilling function| $xoShoppingCartFooter function| $gdprCookieBanner function| $xoCheckoutComponent function| $xoCheckoutRoute boolean| bootstrap object| root object| injector object| PAYPAL object| fpti string| fptiserverurl object| latmconf object| paypal function| bindGdprEvents function| hideGdprBanner function| showGdprBanner object| _ifpti object| laDataLayer

10 Cookies

Domain/Path Name / Value
.paypal.com/ Name: LANG
Value: de_DE%3BDE
www.paypal.com/ Name: nsid
Value: s%3AZVUG6kwdE5hs4HaoVVdSLUr45tWa-OAb.n3WT7tR8NEqM1MwriHjcF8SNejGiquMaosQ01wRJSKg
.paypal.com/ Name: l7_az
Value: dcg13.slc
.paypal.com/ Name: ts_c
Value: vr%3D204d852018a0a7a0643c202fffaa92ce%26vt%3D204d852018a0a7a0643c202fffaa92cd
.paypal.com/ Name: tsrce
Value: shoppingcartnodeweb
.paypal.com/ Name: enforce_policy
Value: ccpa
.paypal.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/ Name: x-csrf-jwt
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Ik1iOG9vY3BQemhYbVMwaWVoUFdSS2FyQkRtQnhsenAtU1BfdHdiWHZodzhuNUlOSHBTcjZNLWZHUTJmYXhJbi1qeU82YXBrX2pURUU5U1owbk5HYlJYUHZTY3h1U3BBU2JZNFZ6M045NWcxTnFfenVCalRYVFJWM2hRRWQyMjBoWnAyMm4wSjExbmhBQU5LcEowZlphakFvUmcxY3JjX2kwbHJ2UURjYmtWNUJYRkFMZGpOZUtZZWRqR1MiLCJpYXQiOjE2OTI3NTkwNjcsImV4cCI6MTY5Mjc2MjY2N30.Wsf2-jejG4WqWBF4bfHRa-E7kuUUr8sLvn5OOUhOy1w
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY5Mjc1OTA2ODE5NyIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1787367068%26vteXpYrS%3D1692760868%26vr%3D204d852018a0a7a0643c202fffaa92ce%26vt%3D204d852018a0a7a0643c202fffaa92cd%26vtyp%3Dnew

2 Console Messages

Source Level URL
Text
security error URL: https://www.paypal.com/webapps/shoppingcart?flowlogging_id=0411960640613&mfid=1692759066143_0411960640613(Line 10)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-thkUMaSbg3Srg1rFlLBEO8d653wsySfxFcX+FyodaFqXqiOc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network error URL: https://www.paypalobjects.com/web/res/a1b/1ecab6ee04606510472ef1676f7c7/css/styles.css
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

t.paypal.com
www.paypal.com
www.paypal.sabro.net
www.paypalobjects.com
www.sabro.net
t.paypal.com
107.161.189.250
151.101.1.35
192.229.221.25
018e1745b1c42a02f1bcf921b8e06a8d770c7a01df8e46dd37b25430b7d2826f
06e32cf7e5aacab83f6a1cc53f62fb51202ba5fae44a58e254a8ea9496a358e2
0d6da1d24d97a42e413dc3598e8b34760bb0fa02fe697092199a391383f6ac3c
0f1078b0741bba913b21d04810fc6f83fe831cad0169b1098e3bf9e69bdc4093
1ab27a25e6f052a0967a32ad9da3ecf30cff47c9ed10c5dc5438383d7425161f
2687aa5d579bd916b340031f4a2d00ab3428017dc07ebb97bd970249cb9e009a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
43eeb207ed701b4a0f2351cba6a4de5b29af5b00c7753c8207c8cbb170664dd9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c3da2e983dd48267844490940f89595158420907cbfade102586c8e4d00c5d7
60668cd1ce79ddd5a0615433bc913eca1f17da711f00cc0e40e14744f6cc3cb4
60d564068c8f17ec2e2680d846e0e7acad1debcc63ac3972fc234892fed56bf1
6357e38f3a6cdf2a58f46eba17cbcce28ebe00685db7ce8d9f909daf1edc84b7
64abcb63e71c96fc2fee29d2ac7e51649f86bc386fc6b92d32451b087feb4d37
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
842b52c87b85e54d4475a11f7a65ab57b38768f141188a542f8bcb499627b7c7
93d432f80608386db26815a673bd80b90c60a04385596e3b620b3835059f79e7
958cd6dc2fcba0f0e813254143d5391219d8f04992e6bceca6eb196611dca704
9a7090f607454f78a3d4324d0dbaae5db39b2b872bf97e0f8ff5fdd1d081aea5
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
d18ba3be711e3691e202ff33da1371c5c6bd47cea39da87e3234bedfe92b76c2
dd024e601a758ac73fc699317e55314007f2c4ba099c68b36ee2b3368c455408
df2248b4e1c6ccdc4f54fb5a6c86160ef09ea287374fa475a52eeb628a18c48c
e8867e9b228e90c2c64825bf2bacaea7f283fce1176ccf849f0935a94da488dc