urlscan.io logo urlscan.io
SecurityTrails logo

www.paypal.com Open in urlscan Pro
151.101.193.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://reconexion.deltastreamplus.com/
Effective URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Submission Tags: @ecarlesi possiblethreat phishing paypal Search All
Submission: On January 07 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 54 HTTP transactions. The main IP is 151.101.193.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com. The Cisco Umbrella rank of the primary domain is 3050.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 13th 2023. Valid for: 10 months.
This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 144.76.111.91 24940 (HETZNER-AS)
1 22 151.101.193.21 54113 (FASTLY)
22 192.229.221.25 15133 (EDGECAST)
4 172.217.16.195 15169 (GOOGLE)
3 142.250.184.195 15169 (GOOGLE)
1 2 64.4.245.84 17012 (PAYPAL)
1 151.101.129.35 54113 (FASTLY)
1 142.250.186.68 15169 (GOOGLE)
54 8
2    144.76.111.91 (Dottingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: host31.latinoamericahosting.com
reconexion.deltastreamplus.com
22    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
c.paypal.com
22    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
t.paypal.com
4    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net
www.recaptcha.net
3    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.gstatic.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
1    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
c6.paypal.com
1    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
29 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3050
c.paypal.com — Cisco Umbrella Rank: 7591
b.stats.paypal.com — Cisco Umbrella Rank: 5992
dub.stats.paypal.com — Cisco Umbrella Rank: 21965
c6.paypal.com — Cisco Umbrella Rank: 9914
t.paypal.com — Cisco Umbrella Rank: 3583
138 KB
18 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2512
417 KB
4 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1771
37 KB
3 gstatic.com
www.gstatic.com
1 MB
2 deltastreamplus.com
reconexion.deltastreamplus.com
513 B
1 google.com
www.google.com — Cisco Umbrella Rank: 6
7 KB
54 6
Domain Requested by
18 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
17 www.paypal.com 1 redirects www.paypal.com
www.paypalobjects.com
5 c.paypal.com www.paypalobjects.com
c.paypal.com
4 t.paypal.com
4 www.recaptcha.net www.paypalobjects.com
www.gstatic.com
www.recaptcha.net
3 www.gstatic.com www.recaptcha.net
2 reconexion.deltastreamplus.com 2 redirects
1 www.google.com www.gstatic.com
1 c6.paypal.com
1 dub.stats.paypal.com
1 b.stats.paypal.com 1 redirects
54 11

This site contains no links.

Subject Issuer Validity Valid
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
misc.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Frame ID: F6E2CD44BFEFFEBB9862E93096A8F6F7
Requests: 38 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Frame ID: A3C4E72DEBE2F1D4EF1EE2308673064D
Requests: 3 HTTP requests in this frame

Frame: https://www.paypal.com/csplog/api/log/csp
Frame ID: 2037BDB372A3A095D277D1F120645CBD
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 72BBA4D5C1C5ACAC8856BB5111E641CB
Requests: 4 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=wji0kjvrcjxk
Frame ID: E2F091F493E4C950C59BA6447D11FF00
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Accedi al tuo conto PayPal

Page URL History Show full URLs

  1. http://reconexion.deltastreamplus.com/ HTTP 301
    https://reconexion.deltastreamplus.com/ HTTP 301
    https://www.paypal.com/webapps/billing/plans/subscribe?plan_id=P-6DU675980A1380413MTIPXTQ HTTP 302
    https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

54
Requests

96 %
HTTPS

0 %
IPv6

6
Domains

11
Subdomains

8
IPs

2
Countries

1625 kB
Transfer

2816 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reconexion.deltastreamplus.com/ HTTP 301
    https://reconexion.deltastreamplus.com/ HTTP 301
    https://www.paypal.com/webapps/billing/plans/subscribe?plan_id=P-6DU675980A1380413MTIPXTQ HTTP 302
    https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1CQS02Uk45NjA2OU05OTgxMTk0NyZpPTg1LjE5MC4yMzMuNSZ0PTE3MDQ2NDUyNDcuMzYmYT0yMSZzPVVOSUZJRURfTE9HSU5EZiBFcabx-Rw4nHJ7nVRPFtOYFw HTTP 302
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS02Uk45NjA2OU05OTgxMTk0NyZpPTg1LjE5MC4yMzMuNSZ0PTE3MDQ2NDUyNDcuMzYmYT0yMSZzPVVOSUZJRURfTE9HSU5EZiBFcabx-Rw4nHJ7nVRPFtOYFw

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hermes
www.paypal.com/webapps/
Redirect Chain
  • http://reconexion.deltastreamplus.com/
  • https://reconexion.deltastreamplus.com/
  • https://www.paypal.com/webapps/billing/plans/subscribe?plan_id=P-6DU675980A1380413MTIPXTQ
  • https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8e183d92c4e080b78ab222eeae83c370e2915355d0f268e100e044008e70c34
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ew/RLmnhNbq/6Bl59rWBWMs44mv13oXGNoatpMEgsgemy3oY' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ew/RLmnhNbq/6Bl59rWBWMs44mv13oXGNoatpMEgsgemy3oY' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 16:34:07 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"8188-TsaEuasapsrlj9eJFeRFL6IQzhI"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f601475142ce0
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f601475142ce0-c030dcda98bc5e53-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f601475142ce0-7e1300972e811afb-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220020-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
x-timer
S1704645247.656464,VS0,VE819
x-xss-protection
1; mode=block

Redirect headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
166
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-PmUJmXBQ1RAQWqtALajCjG7iW/vzUdKwG56e2sXZyXRi0QPM' 'self' https://*.paypal.cn https://*.paypal.com https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src 'self' https: data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 16:34:06 GMT
dc
ccg11-origin-www-1.paypal.com
location
/webapps/hermes?token=3FT3353711720351R&useraction=commit
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f7498194f3fdd
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f7498194f3fdd-7ecda0ccfe141be1-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-cookies
{"tD08unW5xWPYcc3Vtbf3fJ3V3AQpBSPfm6WSV5oz4qyqFW9g":"W52t20BJqyzYVa_-7D0bMpikEAfV18Nj8g4nTtbocSSJAgh85iukfVUTBMZtasAU7vNhBSXJ0a-AMi6R","t8lU2Wr3fEoUltSkauz8Ie23ST8GcwRoGkA_X2s-CryBcJQgLz4pzwM1OfW":"0wDDfYvMPUr8M9N8H02-ZcQJ9L07UP5zJHrGzqc6wgAtSr0EeiakY8ARJnvNupd_y3S1RiIB4UoPI66L","vQZwlRa3LMuFB-WVI7Fw2H5S2B6wr0pnFl8EsTILysjF-dbZ":"7yc12nzcnZ6LFi3cYW6hIgUncIMEIaEO7UPvRXXoM9FRsPpK-3s59lx3E4jgHeKblEtCvMkDdOZgX6lahfuu4LAuDD9CobwteUmXXr1kv7ziwFKBrCZ06WjUNpiHyg3R7WqKj0","ag57olvZ7MWSTJXCB7PUbg1HbJ7ibAsoAYd73FZ9IOdz_8eW4AApCl4lKlO":"XBYXYWUgKYYDm7pl_d6J_tVBBqzosnEpVQXI3BNMZaOO-Y_Rgw7is7mRkwIAnJO6yhzybP-FH3L93yZPmeuzQqYzOtvbClaLrfYQsg-zZz_0QpQwzEUNhDAyAzObMly8qtm1mIAFCrLQfi6PrNrKPe_AcLAeB3YZFQd96wFBQxJGB9EVnuWJJkc0DU0vDgvSxoiBI3f63fGolPCfi_6UaZiGQ7Dujj25oTGzSFjWI5O4dvVOnasNndHtmbuRfSfCTJZrDBzwQhyUISvmzwuPPta48fU8AKvhSCVFrfvXGaImGZLhemLKL5V6y0ALpsSorD1-busidYZxkA_w_JSFhLmEOWY4I2pDUTarhDR0uZufBWhJF1SmJdVPkWeScCwXo8o86BGNu2SnpG6TS_9UOOckJa6xwWujXy4LQPqGRll28ll6y4BCTYEjlzKBAiVe9qsTqLybfL9ooi4c9jyDCM-cgTgkz9bHN3bQipV3eeG-DOm5Rmg7d3LDbjR78zVaNopmS4d03Y0cdeAmMOsqQXMDz79K7Fer4omgDSD59pBz5YhvCgR-lpWOv8ypHCSG2vYzK6rjBP9aPxOw","iQCnhIy5-64PvineZIGVfUafYGUgmm9iludbMKXVIUhFSMEA":"_bnhtUt_3a77WvjROKF_q0oVn_15bAy0UCexIhrvF-KlZDwkqqGc9roLwD_9QSLH3YIt-PqDHvwyiy_Vm1OsuGHroMS","1lqGsXW4eqX_7BylYaffZSBrM_FVp-T5d4SAddgQWEt6_lR1":"EONnTzl57xk6Ly5XTmmO9ZCamisSgx333p0DctI-npr1U1aOkRsl7gOARCa8Jj4pip7q0GDAhUvCA06lxyHX0UV0lMzxKKOB7Sq3jzaL_RSQ2cAaDh-fOTsWvcb4JrC0XL6h0DKJ8yb8PBf55T_tmTe4S-xrrcGoKXfHoDUTDVBa0Jw2"}
x-cookies-hash
2c7bb76b662ca1234167438cddee0de2b06efc3521c5dd5b5ed250cfdcdd4c68
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6ImVOdUpIejU5OFBpNFd4d2oxcmN1bHVhTmE5MW9CdnVMOEo3cnFDODRCdlBHazhoQXppR25zSFpZNWFoN2x2bWdvZnFNOHlRaFY3M1pSRTU4TEVPSE1ib2Vkd0kzUF9pdFRoWWs2SElmc1VBMjNjbU5rcEZmd3NEbXJ3V0xLR2NJZVpEa0llYjhaZ2pWb2swMk9iSTZsUHl0M1ZBMnEzdTBsVUpHYnNjV3ZLaG0wR1ZkZ1k0MDhBZGZYVksiLCJpYXQiOjE3MDQ2NDUyNDYsImV4cCI6MTcwNDY0ODg0Nn0.MmTN0FInFQxDV0BOxfTXBSQcF7ouqOdq7spjidP5-i0
x-csrf-jwt-hash
5918978a286c67affb471c764d48a94624392e459f0fc28b9d28139ec80c77e4
x-served-by
cache-fra-eddf8230092-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
x-timer
S1704645246.724760,VS0,VE905
x-xss-protection
1; mode=block
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C09) /
Resource Hash
4027a3588c459615aa41fc2fbcda9acbdd6832efe16c65a8e875716e182005fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
5b58199f6fc87
dc
ccg11-origin-www-1.paypal.com
content-length
6752
last-modified
Mon, 28 Aug 2023 16:06:37 GMT
server
ECAcc (mil/6C09)
traceparent
00-00000000000000000005b58199f6fc87-3298ce5896a049e5-01
etag
W/"64ecc60d-5a30"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 17:34:07 GMT
contextualLoginElementalUIv2.css
www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/ 		151 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7D) /
Resource Hash
69be7adca53f8e3b8d56a359e63ec6510fd119768ec947d343a853f698d7a5c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
8f72e44d869d2
dc
ccg11-origin-www-1.paypal.com
content-length
23917
last-modified
Fri, 15 Dec 2023 05:02:53 GMT
server
ECAcc (mil/6C7D)
traceparent
00-00000000000000000008f72e44d869d2-f032d8e6c8627f9a-01
etag
W/"657bddfd-25c40"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Mon, 06 Jan 2025 16:34:07 GMT
modernizr-2.6.1.js
www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/lib/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/lib/modernizr-2.6.1.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BB2) /
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
a63ff31ad414a
dc
ccg11-origin-www-1.paypal.com
content-length
1788
last-modified
Fri, 15 Dec 2023 05:02:54 GMT
server
ECAcc (mil/6BB2)
traceparent
00-0000000000000000000a63ff31ad414a-27f3774498137c30-01
etag
W/"657bddfe-edf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Mon, 06 Jan 2025 16:34:07 GMT
close.svg
www.paypalobjects.com/paypal-ui/icons/v3/svg/ 		289 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/icons/v3/svg/close.svg
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C39) /
Resource Hash
47096fcf22c58f177936f84eac91ef9113639043881ee6de5358162077fd62b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
868d79c23aa11
dc
ccg11-origin-www-1.paypal.com
content-length
181
last-modified
Thu, 12 May 2022 21:24:27 GMT
server
ECAcc (mil/6C39)
traceparent
00-0000000000000000000868d79c23aa11-415a66c4493d068a-01
etag
W/"627d7b0b-121"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 17:34:07 GMT
csp
www.paypal.com/csplog/api/log/ 		2 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/csplog/api/log/csp
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Hl6f8RpQPSQMYy/pkOlsxLFBah0pGhRgcOaqjiDbShlaoasU' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Hl6f8RpQPSQMYy/pkOlsxLFBah0pGhRgcOaqjiDbShlaoasU' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS, MISS
paypal-debug-id
f9793092237eb
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f9793092237eb-dfbfb72ef709ee22-01
x-timer
S1704645248.509307,VS0,VE225
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0, 0
icon-PN-check.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/icon-PN-check.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD9) /
Resource Hash
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
89d27e36e5acb
dc
ccg11-origin-www-1.paypal.com
content-length
2236
last-modified
Sat, 13 Feb 2021 00:20:23 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (mil/6CD9)
traceparent
00-000000000000000000089d27e36e5acb-636a533b4fde7647-01
etag
"60271b47-8bc"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 17:34:07 GMT
glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C4A) /
Resource Hash
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
6b89ec0134ddf
dc
ccg11-origin-www-1.paypal.com
content-length
5828
last-modified
Fri, 12 Sep 2014 15:08:04 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (mil/6C4A)
traceparent
00-00000000000000000006b89ec0134ddf-c57c6b841a3cbc91-01
etag
"54130c54-16c4"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 17:34:07 GMT
fn-sync-telemetry-min.js
www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/lib/fn-sync-telemetry-min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CB2) /
Resource Hash
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
3a2412d0e9de7
dc
ccg11-origin-www-1.paypal.com
content-length
2303
last-modified
Fri, 15 Dec 2023 05:02:54 GMT
server
ECAcc (mil/6CB2)
traceparent
00-00000000000000000003a2412d0e9de7-411e57279b3bb179-01
etag
W/"657bddfe-159e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Mon, 06 Jan 2025 16:34:07 GMT
checkout-split.js
www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/ 		474 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/checkout-split.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5F) /
Resource Hash
6fc228cefa26f2917c7ef238654afd0d278c43c821ca4d537aa112b2d2c8993f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
4c925b80869de
dc
ccg11-origin-www-1.paypal.com
content-length
101412
last-modified
Fri, 15 Dec 2023 05:02:54 GMT
server
ECAcc (mil/6C5F)
traceparent
00-00000000000000000004c925b80869de-dd1ee95d52b42717-01
etag
W/"657bddfe-76922"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Mon, 06 Jan 2025 16:34:07 GMT
pa.js
www.paypalobjects.com/pa/js/min/ 		69 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C89) /
Resource Hash
6ae30cb1ab74d66217a576b78124e053906f0a93cbf2d9f0ad398518f8442264
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
79b5db1ebbeb1
dc
ccg11-origin-www-1.paypal.com
content-length
26045
last-modified
Thu, 04 Jan 2024 18:26:33 GMT
server
ECAcc (mil/6C89)
traceparent
00-000000000000000000079b5db1ebbeb1-3cdeaa235f02e1f6-01
etag
W/"6596f859-1148a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sun, 07 Jan 2024 17:34:07 GMT
grcenterprise_v3_static.js
www.paypalobjects.com/webcaptcha/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CCD) /
Resource Hash
27e23955d2e8a8b15dd900996040b9895ebaad02ddcff68b43a64b90511f7904
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
cb57bac6a31c5
dc
ccg11-origin-www-1.paypal.com
content-length
4401
last-modified
Mon, 18 Dec 2023 10:19:32 GMT
server
ECAcc (mil/6CCD)
traceparent
00-0000000000000000000cb57bac6a31c5-332d8c2422bc261c-01
etag
W/"65801cb4-31b0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 17:34:07 GMT
paypal-mark-color.svg
www.paypalobjects.com/paypal-ui/logos/svg/ 		1 KB
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C76) /
Resource Hash
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
36532606ce5df
dc
ccg11-origin-www-1.paypal.com
content-length
548
last-modified
Wed, 15 Jun 2022 22:33:20 GMT
server
ECAcc (mil/6C76)
traceparent
00-000000000000000000036532606ce5df-5b43e819cf1f272f-01
etag
W/"62aa5e30-436"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 17:34:07 GMT
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C73) /
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Origin
https://www.paypal.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
8a1d1cb6b4802
dc
ccg11-origin-www-1.paypal.com
content-length
25368
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (mil/6C73)
traceparent
00-00000000000000000008a1d1cb6b4802-67b4c1d345995f29-01
etag
"60271cda-6318"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 17:34:07 GMT
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C20) /
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/css/contextualLoginElementalUIv2.css
Origin
https://www.paypal.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
98743da4e753e
dc
ccg11-origin-www-1.paypal.com
content-length
18508
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (mil/6C20)
traceparent
00-000000000000000000098743da4e753e-be11dd1d30f74627-01
etag
"60271cda-484c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 17:34:07 GMT
latmconf.js
www.paypalobjects.com/pa/mi/paypal/ 		340 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/mi/paypal/latmconf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5A) /
Resource Hash
571f51ab009648d4ead194e87b103301b217e636dc7b5d1f24069b78a94067fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
1b41f09d86ea6
dc
ccg11-origin-www-1.paypal.com
content-length
38317
last-modified
Thu, 04 Jan 2024 18:26:33 GMT
server
ECAcc (mil/6C5A)
traceparent
00-00000000000000000001b41f09d86ea6-6c0ed5c9e8ecd128-01
etag
W/"6596f859-54e00"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sun, 07 Jan 2024 17:34:07 GMT
logclientdata
www.paypal.com/auth/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/logclientdata
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db0beabfe7ae09d0a2092962823a6198893a7e7694a12febf6b49098ebd5f048
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-C75OVsAsjtlFFZwVX6pk/E3Vb5ldXXaYHUf3Wa0MdaxbqiLt' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-C75OVsAsjtlFFZwVX6pk/E3Vb5ldXXaYHUf3Wa0MdaxbqiLt' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f9793091137dc
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230091-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f9793091137dc-1e58d0006bfff565-01
x-timer
S1704645248.762601,VS0,VE208
etag
W/"705-kD9ZulOsVONEuJhdGFWCsbs+rTI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
grcenterprise_v3_static.html
www.paypalobjects.com/webcaptcha/ Frame A3C4 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BBA) /
Resource Hash
e500bba8b43058f87009037d8153203079cb1d7989d794f966fe432353fce52d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
1995
content-type
text/html
date
Sun, 07 Jan 2024 16:34:07 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"65801cb4-18db+gzip"
expires
Sun, 07 Jan 2024 17:34:07 GMT
last-modified
Mon, 18 Dec 2023 10:19:32 GMT
paypal-debug-id
2f9d2969cc3fd
server
ECAcc (mil/6BBA)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000002f9d2969cc3fd-00a4d5d9dfbcd492-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
enterprise.js
www.recaptcha.net/recaptcha/ Frame A3C4 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/grcenterprise_v3_static.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
GSE /
Resource Hash
fada41896b647069fdf18f422741771a08865c321e033128532a30cce9533735
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 07 Jan 2024 16:34:07 GMT
patleaf.js
www.paypalobjects.com/pa/3pjs/tl/6.4.40/ 		155 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.4.40/patleaf.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA5) /
Resource Hash
571263f5db21d1eae6cd993bfdbb5c8bdc80175ff48416233c33418dd362ce56
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
df7e8563d46e3
dc
ccg11-origin-www-1.paypal.com
content-length
50923
last-modified
Thu, 04 Jan 2024 18:26:33 GMT
server
ECAcc (mil/6CA5)
traceparent
00-0000000000000000000df7e8563d46e3-c6e085ae5732ed47-01
etag
"6596f859-26c2e+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sun, 07 Jan 2024 17:34:07 GMT
patlcfg.js
www.paypalobjects.com/pa/3pjs/tl/6.4.40/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/3pjs/tl/6.4.40/patlcfg.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C22) /
Resource Hash
3f7228e4427fa6bee73b5c51a4ae99ef99bf5919dfa7f501d1c498bbdfb51e67
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/
Origin
https://www.paypal.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
ef1fb340778aa
dc
ccg11-origin-www-1.paypal.com
content-length
2651
last-modified
Thu, 04 Jan 2024 18:26:33 GMT
server
ECAcc (mil/6C22)
traceparent
00-0000000000000000000ef1fb340778aa-1cec37c09d32f82b-01
etag
"6596f859-18d1+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sun, 07 Jan 2024 17:34:07 GMT
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
88590085eeb8bcf48a167dfab420bb7ba10466b3018af1d9f872fec50a33e29d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Az63lSuOyiXSbnaplVRiT+7phb6HvZUoRINp4/dehytbpc+J' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-Az63lSuOyiXSbnaplVRiT+7phb6HvZUoRINp4/dehytbpc+J' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f97930910807a
server-timing
"traceparent;desc="00-0000000000000000000f97930910807a-94e067e153bcc7b2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220083-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f97930910807a-4c4f89a6f6867530-01
x-timer
S1704645248.981424,VS0,VE220
etag
W/"8a1-kML3OVcDKjRlY09GCUrDnt7fjp4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
fb.js
c.paypal.com/da/r/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/ec5/d423d5ca948be117596b4b08bd315/js/checkout-split.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (daa/7D20) /
Resource Hash
d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
248416
date
Sun, 07 Jan 2024 16:34:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish
age
835602
x-cache
HIT
paypal-debug-id
14db3e43dadf6
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
21999
x-served-by
cache-fco2270024-FCO
last-modified
Wed, 13 Dec 2023 22:28:54 GMT
server
ECAcc (daa/7D20)
traceparent
00-000000000000000000014db3e43dadf6-b8a7b8984e3aa2ec-01
x-timer
S1704645248.004196,VS0,VE1
etag
W/"657a3026-1026d"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jan 2024 16:34:08 GMT
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e79f32143b50d18be9683d35e1a585854e8428229b6a57eb57e7138d9cc15c34
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-a0yy2bTLh/KTUfKgP+Uv3FKU/g7WQJwpvBC5e64T3eyILxxT' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-a0yy2bTLh/KTUfKgP+Uv3FKU/g7WQJwpvBC5e64T3eyILxxT' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f97930908cf66
server-timing
"traceparent;desc="00-0000000000000000000f97930908cf66-ef3e099e4e7472ae-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220108-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f97930908cf66-6851b6941950a06d-01
x-timer
S1704645248.983618,VS0,VE230
etag
W/"7ec-8VBoNbU7cWagppskhitPkSWSWxE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
challenge.js
www.paypal.com/auth/createchallenge/2d11a77c565a3dd3/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/createchallenge/2d11a77c565a3dd3/challenge.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6117da63c3cf543c247e9b6a7198a8cf0ef7db5a8de3096cf1a7be3d189c37b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-Aj4r4sP03bRbKVIm/f53umo13f6hvQxV8JC4F+kJkw/Iu5UW' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-Aj4r4sP03bRbKVIm/f53umo13f6hvQxV8JC4F+kJkw/Iu5UW' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f979309765849
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230044-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f979309765849-9c01e51096d78bd4-01
x-timer
S1704645248.984020,VS0,VE319
etag
W/"460f-ny8c1BZG6t650loWphxBFHHd/s4"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b90c27394fd4eeb475bc7209de9abc430d7da45d01f11695945a7377901515b5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-EZJh86UlgnDXJBucubC8m3H3SuYU5SQHKBGiIPLLvcrM7iqi' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-EZJh86UlgnDXJBucubC8m3H3SuYU5SQHKBGiIPLLvcrM7iqi' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f9793099587ea
server-timing
"traceparent;desc="00-0000000000000000000f9793099587ea-9f7f226bd64568d9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220094-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f9793099587ea-9dafe599ca60c6b4-01
x-timer
S1704645248.985062,VS0,VE252
etag
W/"841-iK4Alc/vcdO5bunfyYD2Lddgs6o"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
cookie-banner
www.paypal.com/signin/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/cookie-banner?flowId=3FT3353711720351R&cookieBannerVariant=hidden&
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
45b4f7ba2bdfb257f17a490e7e5afc99ba71092458764085f07b3d1918e4506e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-l0XOA+n9+Rkkim769hYVOD7vAc1auJ69z0nlLGf/i0DxDMtK' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-l0XOA+n9+Rkkim769hYVOD7vAc1auJ69z0nlLGf/i0DxDMtK' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f979309cfba1c
server-timing
"traceparent;desc="00-0000000000000000000f979309cfba1c-8baded441ac349c5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220039-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f979309cfba1c-5154fb0cc52305f2-01
x-timer
S1704645248.984839,VS0,VE260
etag
W/"4850-8lrf+H17xARrZuR1CvI7ekZTsiI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
load-resource
www.paypal.com/signin/ 		65 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/load-resource
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
debc3a34f2611078267eea8130c4fde5b46ee975dc1ca87c9180b100d2bdd435
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-zTAOHsc20uuju+O/5iGXKRZQZEeITK5mRkrdkAQMYOwRSKPR' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-zTAOHsc20uuju+O/5iGXKRZQZEeITK5mRkrdkAQMYOwRSKPR' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f979309a40fd7
server-timing
"traceparent;desc="00-0000000000000000000f979309a40fd7-dc95854be21e2652-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230076-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f979309a40fd7-c167773e47935437-01
x-timer
S1704645248.004325,VS0,VE276
etag
W/"10537-KN/AGNqH18xXOfxoLxI5pZq5AMI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95968232dc3489e5f4cfd205eb22ee6aa55d2f5b3b7a66596b12261dcb35e1f6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-HOCWgLFVrW4AHWd0res3dAdowheazg7EgRMSm6o2fVJVEysA' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-HOCWgLFVrW4AHWd0res3dAdowheazg7EgRMSm6o2fVJVEysA' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f9793098f322a
server-timing
"traceparent;desc="00-0000000000000000000f9793098f322a-621133c2c50881b6-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220027-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f9793098f322a-8f1b4fdfc8dfe750-01
x-timer
S1704645248.004304,VS0,VE233
etag
W/"7ee-5BEiY8HI84/mTILW9CbGaUeb/jM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
client-log
www.paypal.com/signin/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4a91cc97c13e2d41219b1409fabdcec6a73182fcb21fc12680b7d9cade3eb60
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-DX8Oog7zkuiy5lq91pvOzKAqMEK9aq1tKD5bhce6rePJXYK4' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-DX8Oog7zkuiy5lq91pvOzKAqMEK9aq1tKD5bhce6rePJXYK4' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f979309cc322e
server-timing
"traceparent;desc="00-0000000000000000000f979309cc322e-08ee2cab93714072-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220043-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f979309cc322e-729e7be0b5783945-01
x-timer
S1704645248.004581,VS0,VE218
etag
W/"7ec-hfe1fcoTKi7qiJW2KqzQBloGRTU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame A3C4 		503 KB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paypalobjects.com/
Origin
https://www.paypalobjects.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:45:52 GMT
x-content-type-options
nosniff
age
20896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
514678
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Jan 2025 10:45:52 GMT
logclientdata
www.paypal.com/auth/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/logclientdata
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d9c5f7ce8c97f5565da783e36349bd6dbbd2811a3f5e52bb1dd150408a58db6c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-gBPsBcc0LekOTymzz8XJeRpvbAX4cYe36u4cBFAdbQoea/zv' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-gBPsBcc0LekOTymzz8XJeRpvbAX4cYe36u4cBFAdbQoea/zv' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f979309888dd4
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230025-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f979309888dd4-c7397117627b7327-01
x-timer
S1704645248.013092,VS0,VE207
etag
W/"709-hD0LBZPZOKLnDIBq/BSj9jOhekM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
csp
www.paypal.com/csplog/api/log/ Frame 2037 		2 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/csplog/api/log/csp
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-5cfO5VRvpszvaJtPHNzsn3ANF0z/c2sQMqx4dAZz5xeFUMCP' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-5cfO5VRvpszvaJtPHNzsn3ANF0z/c2sQMqx4dAZz5xeFUMCP' 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src https://*.paypal.com https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS, MISS
paypal-debug-id
f979309caf9b2
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f979309caf9b2-43dc425d1a4c341e-01
x-timer
S1704645248.049460,VS0,VE229
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0, 0
i
c.paypal.com/v1/r/d/ Frame 72BB 		160 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ch
sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges
none
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
78b9e572efe39
date
Sun, 07 Jan 2024 16:34:08 GMT
origin-trial
A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id
78b9e572efe39
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000078b9e572efe39-27d955977c798de7-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220106-FRA, cache-fco2270024-FCO
x-timer
S1704645248.051913,VS0,VE175
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/v1/ Frame 2037
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1CQS02Uk45NjA2OU05OTgxMTk0NyZpPTg1LjE5MC4yMzMuNSZ0PTE3MDQ2NDUyNDcuMzYmYT0yMSZzPVVOSUZJRURfTE9HSU5EZiBFcabx-Rw4nHJ7nVRPFtOYFw
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS02Uk45NjA2OU05OTgxMTk0NyZpPTg1LjE5MC4yMzMuNSZ0PTE3MDQ2NDUyNDcuMzYmYT0yMSZzPVVOSUZJRURfTE9HSU5EZiBFcabx-Rw4nHJ7nVRPFtOYFw
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS02Uk45NjA2OU05OTgxMTk0NyZpPTg1LjE5MC4yMzMuNSZ0PTE3MDQ2NDUyNDcuMzYmYT0yMSZzPVVOSUZJRURfTE9HSU5EZiBFcabx-Rw4nHJ7nVRPFtOYFw
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 16:34:08 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1CQS02Uk45NjA2OU05OTgxMTk0NyZpPTg1LjE5MC4yMzMuNSZ0PTE3MDQ2NDUyNDcuMzYmYT0yMSZzPVVOSUZJRURfTE9HSU5EZiBFcabx-Rw4nHJ7nVRPFtOYFw
Date
Sun, 07 Jan 2024 16:34:08 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
p3
c6.paypal.com/v1/r/d/b/ 		0
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=BA-6RN96069M99811947&s=UL_CHECKOUT_INPUT_EMAIL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
paypal-debug-id
d126492742b7f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
0
x-served-by
cache-fra-etou8220080-FRA, cache-fco2270032-FCO
correlation-id
d126492742b7f
traceparent
00-0000000000000000000d126492742b7f-245a8be7d27dc5f4-01
x-timer
S1704645248.117599,VS0,VE207
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
fb.js
c.paypal.com/da/r/ Frame 72BB 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (daa/7D20) /
Resource Hash
d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
248417
date
Sun, 07 Jan 2024 16:34:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish
age
835602
x-cache
HIT
paypal-debug-id
14db3e43dadf6
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
21999
x-served-by
cache-fco2270024-FCO
last-modified
Wed, 13 Dec 2023 22:28:54 GMT
server
ECAcc (daa/7D20)
traceparent
00-000000000000000000014db3e43dadf6-b8a7b8984e3aa2ec-01
x-timer
S1704645248.253436,VS0,VE1
etag
W/"657a3026-1026d"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jan 2024 16:34:08 GMT
ts
t.paypal.com/ 		42 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.12&t=1704645248263&g=-60&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Agdpr_v2.1&qual=input_email&pgst=1704645247303&calc=f601475142ce0&nsid=xF_oTh5Xbck46DUNCNRGqFtIXercfqDq&rsta=it_IT&pgtf=Nodejs&env=live&s=ci&ccpg=IT&csci=46a332c6e19d483c94880c8e408f2b2b&comp=unifiedloginnodeweb&tsrce=billingnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105410%2C105409%2C104406%2C104405%2C104407&xt=123956%2C123954%2C119037%2C119034%2C119038&transition_name=ss_prepare_email&userRedirected=true&fltk=3FT3353711720351R&flid=3FT3353711720351R&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7CpayWithCard&context_id=3FT3353711720351R&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&api_name=cookieBanner&displaypage=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&ppage=privacy_banner&bannertype=cookiebanner&flag=gdpr_v2.1&bannerversion=v6&bannersource=ConsentNodeServ&bannervariant=hidden&eligibility_reason=true&is_native=false&cookie_disabled=false&reason_to_hide=Invisible%20banner%20loaded&event_name=cookie_banner_shown&e=ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA5) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 16:34:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
03893aa985eba
server
ECAcc (frc/4CA5)
traceparent
00-000000000000000000003893aa985eba-8c8073478e03798b-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
03893aa985eba
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Sun, 07 Jan 2024 16:34:08 GMT
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame E2F0 		41 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=wji0kjvrcjxk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
GSE /
Resource Hash
6e4fdc1ce87dcd3927a2e16a8399445adcefc6fb1ca0afb132ccf8cef223c669
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SssqBTVaiL4CBYAo7EyM0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SssqBTVaiL4CBYAo7EyM0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 16:34:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C29) /
Resource Hash
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
7acccca376291
dc
ccg11-origin-www-1.paypal.com
content-length
110177
last-modified
Sat, 13 Feb 2021 00:29:58 GMT
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
server
ECAcc (mil/6C29)
etag
"60271d86-1ae61"
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 07 Jan 2024 17:34:08 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 72BB 		125 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c8b28fdc8a75d7b6e4cd18f979e652a91e4218f66e4be0555e24228a1b02671
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
c2b4a974a1891
server-timing
"traceparent;desc="00-0000000000000000000c2b4a974a1891-969ae9036ca0a3ce-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length
125
x-served-by
cache-fra-eddf8230113-FRA, cache-fco2270024-FCO
correlation-id
c2b4a974a1891
traceparent
00-0000000000000000000c2b4a974a1891-a411c9748d9fa19b-01
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.paypal.com
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
e
c.paypal.com/v1/r/d/b/ Frame 72BB 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 16:34:08 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
71b0469f5811b
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220072-FRA, cache-fco2270024-FCO
correlation-id
71b0469f5811b
traceparent
00-000000000000000000071b0469f5811b-80e11b2db081c292-01
vary
Accept-Encoding
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
verifychallenge
www.paypal.com/auth/ 		2 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifychallenge
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-NCL1oI1uwffIEeeFbf9xa59WIK5O6jM9OgqpVgFiH619ej1G' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-NCL1oI1uwffIEeeFbf9xa59WIK5O6jM9OgqpVgFiH619ej1G' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f9793092e7779
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220033-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f9793092e7779-0bf1f0e7545a28a1-01
x-timer
S1704645248.339933,VS0,VE252
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E2F0 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=wji0kjvrcjxk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 08:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Jan 2025 08:10:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E2F0 		503 KB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=wji0kjvrcjxk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 10:45:52 GMT
x-content-type-options
nosniff
age
20896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
514678
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Jan 2025 10:45:52 GMT
tealeaftarget
www.paypal.com/platform/ 		40 B
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/platform/tealeaftarget
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ef767852211b7eb5cabc89b5ce35844de37ad633c6bcf19a336018192b7500f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Encoding
gzip
X-Tealeaf-SaaS-TLTDID
90360210749201644062803628444250
X-Tealeaf
device (UIC) Lib/6.4.60
X-Tealeaf-SyncXHR
false
X-Tealeaf-MessageTypes
1,2,5,7,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
76938917d7504ff7a962174c021690bd
X-Tealeaf-SaaS-TLTSID
89838780491225296672199491637252
X-Requested-With
fetch
X-TealeafType
GUI
accept-language
it-IT,it;q=0.9
X-PageId
P.M639G4AUP6AEPW9YUFZ5ZBU3JWRB
X-TeaLeaf-Page-Url
/webapps/hermes
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:08 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f7742760ff530
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230043-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f7742760ff530-301da92d44483295-01
x-timer
S1704645249.515876,VS0,VE176
etag
W/"28-K4AVMpKWtBWOlbEX4YLDTvxXrLY"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
www.google.com/js/bg/ Frame E2F0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
sffe /
Resource Hash
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 17:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
255631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 17:33:37 GMT
ts
t.paypal.com/ 		42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.12&t=1704645248738&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1704645247303&calc=f601475142ce0&nsid=xF_oTh5Xbck46DUNCNRGqFtIXercfqDq&rsta=it_IT&pgtf=Nodejs&env=live&s=ci&ccpg=IT&csci=46a332c6e19d483c94880c8e408f2b2b&comp=unifiedloginnodeweb&tsrce=billingnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100353%2C105604%2C105604%2C101124%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C102028%2C105999%2C100885%2C101270%2C102557%2C102557%2C101408%2C101408%2C102434%2C102434%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C107054%2C107054%2C105271%2C101688%2C101821%2C101820%2C102208%2C105543%2C105416%2C105416%2C105544%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C100307%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C101736%2C108653%2C108652%2C100846%2C101875%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101124%2C101216%2C100942%2C103648%2C104200%2C108076&xt=100886%2C124899%2C124899%2C103402%2C123673%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123688%2C107258%2C127242%2C102543%2C106407%2C109630%2C109630%2C104577%2C104577%2C109052%2C109052%2C101702%2C123242%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C132781%2C132781%2C123250%2C105645%2C106327%2C106324%2C108106%2C124626%2C125100%2C125100%2C124628%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C100737%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109962%2C105856%2C120731%2C120731%2C105858%2C141151%2C141149%2C102359%2C106610%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103402%2C103864%2C113529%2C114559%2C127485%2C138090&transition_name=ss_prepare_email&userRedirected=true&fltk=3FT3353711720351R&flid=3FT3353711720351R&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7CpayWithCard&context_id=3FT3353711720351R&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&e=im&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A2886%2C%22tcp%22%3A2283%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A305%7D&pt=Accedi%20al%20tuo%20conto%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=843&t3=144&t4d=0&t4=0&t4e=3&tt=2583&rdc=0&protocol=h2&res=%7B%7D&rtt=239&t12=2358
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF8) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 16:34:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
8e45f199126e0
server
ECAcc (frc/4CF8)
traceparent
00-00000000000000000008e45f199126e0-9ccafd507ee633a9-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
8e45f199126e0
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Sun, 07 Jan 2024 16:34:08 GMT
webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame E2F0 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=wji0kjvrcjxk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
GSE /
Resource Hash
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=wji0kjvrcjxk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:34:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 07 Jan 2024 16:34:08 GMT
reload
www.recaptcha.net/recaptcha/enterprise/ Frame E2F0 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/reload?k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
GSE /
Resource Hash
50eff9ff681ea9be65d7f2d98b9fb81f6449e555cea15d0c2d02050c801b20d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsb2JqZWN0cy5jb206NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=wji0kjvrcjxk
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 07 Jan 2024 16:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 07 Jan 2024 16:34:09 GMT
verifygrcenterprise
www.paypal.com/auth/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/auth/verifygrcenterprise
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-bHo7Etaht3WiyIjyDpw2vzMTFvbNhitqraqGqdQrfLepe22q' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
x-requested-with
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-bHo7Etaht3WiyIjyDpw2vzMTFvbNhitqraqGqdQrfLepe22q' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 16:34:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f7742761008e8
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230132-FRA, cache-fco2270024-FCO, cache-fco2270024-FCO
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f7742761008e8-48d7e84842eb7d5f-01
x-timer
S1704645249.067186,VS0,VE327
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
ts
t.paypal.com/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.12&t=1704645249739&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1704645247303&calc=f601475142ce0&nsid=xF_oTh5Xbck46DUNCNRGqFtIXercfqDq&rsta=it_IT&pgtf=Nodejs&env=live&s=ci&ccpg=IT&csci=46a332c6e19d483c94880c8e408f2b2b&comp=unifiedloginnodeweb&tsrce=billingnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100353%2C105604%2C105604%2C101124%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C102028%2C105999%2C100885%2C101270%2C102557%2C102557%2C101408%2C101408%2C102434%2C102434%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C107054%2C107054%2C105271%2C101688%2C101821%2C101820%2C102208%2C105543%2C105416%2C105416%2C105544%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C100307%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C101736%2C108653%2C108652%2C100846%2C101875%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101124%2C101216%2C100942%2C103648%2C104200%2C108076&xt=100886%2C124899%2C124899%2C103402%2C123673%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123688%2C107258%2C127242%2C102543%2C106407%2C109630%2C109630%2C104577%2C104577%2C109052%2C109052%2C101702%2C123242%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C132781%2C132781%2C123250%2C105645%2C106327%2C106324%2C108106%2C124626%2C125100%2C125100%2C124628%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C100737%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109962%2C105856%2C120731%2C120731%2C105858%2C141151%2C141149%2C102359%2C106610%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103402%2C103864%2C113529%2C114559%2C127485%2C138090&transition_name=ss_prepare_email&userRedirected=true&fltk=3FT3353711720351R&flid=3FT3353711720351R&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7CpayWithCard&context_id=3FT3353711720351R&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&event_name=t_paypal_cpl&t1=0&t1c=0&t1d=0&t1s=0&t2=280&t3=2&tt=282&protocol=h2&cdn=edgecast&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A0%2C%22t11%22%3A282%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 16:34:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
63b47cdc784e5
server
ECAcc (frc/4CB9)
traceparent
00-000000000000000000063b47cdc784e5-76896eeebd149b3f-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
63b47cdc784e5
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Sun, 07 Jan 2024 16:34:09 GMT
ts
t.paypal.com/ 		42 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.8.12&t=1704645249739&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1704645247303&calc=f601475142ce0&nsid=xF_oTh5Xbck46DUNCNRGqFtIXercfqDq&rsta=it_IT&pgtf=Nodejs&env=live&s=ci&ccpg=IT&csci=46a332c6e19d483c94880c8e408f2b2b&comp=unifiedloginnodeweb&tsrce=billingnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=100353%2C105604%2C105604%2C101124%2C105351%2C101126%2C100614%2C101257%2C102153%2C104200%2C104200%2C105352%2C102028%2C105999%2C100885%2C101270%2C102557%2C102557%2C101408%2C101408%2C102434%2C102434%2C100644%2C105124%2C100391%2C102695%2C100263%2C101031%2C100267%2C108076%2C100527%2C107054%2C107054%2C105271%2C101688%2C101821%2C101820%2C102208%2C105543%2C105416%2C105416%2C105544%2C101064%2C106058%2C104778%2C103119%2C100303%2C100942%2C100307%2C100572%2C100316%2C101214%2C101216%2C103648%2C101090%2C105698%2C102629%2C101735%2C104039%2C104039%2C101736%2C108653%2C108652%2C100846%2C101875%2C102390%2C102390%2C104571%2C104571%2C107263%2C107263%2C101124%2C101216%2C100942%2C103648%2C104200%2C108076&xt=100886%2C124899%2C124899%2C103402%2C123673%2C103409%2C101617%2C104043%2C107844%2C127485%2C127485%2C123688%2C107258%2C127242%2C102543%2C106407%2C109630%2C109630%2C104577%2C104577%2C109052%2C109052%2C101702%2C123242%2C100984%2C110241%2C100632%2C102993%2C100641%2C138090%2C101405%2C132781%2C132781%2C123250%2C105645%2C106327%2C106324%2C108106%2C124626%2C125100%2C125100%2C124628%2C103105%2C127563%2C121149%2C112308%2C102555%2C113529%2C100737%2C102546%2C100768%2C103847%2C103864%2C114559%2C104050%2C125356%2C109962%2C105856%2C120731%2C120731%2C105858%2C141151%2C141149%2C102359%2C106610%2C108797%2C108797%2C119908%2C119908%2C133840%2C133840%2C103402%2C103864%2C113529%2C114559%2C127485%2C138090&transition_name=ss_prepare_email&userRedirected=true&fltk=3FT3353711720351R&flid=3FT3353711720351R&ctx_login_ot_content=0&obex=checkout&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7CpayWithCard&context_id=3FT3353711720351R&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&event_name=c_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=198&t3=1&tt=200&protocol=h2&cenc=br&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A200%2C%22nt%22%3A%22res%22%7D&e=pf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C97) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.paypal.com/webapps/hermes?token=3FT3353711720351R&useraction=commit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 16:34:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
485b137780924
server
ECAcc (frc/4C97)
traceparent
00-0000000000000000000485b137780924-b6c7d00000063df1-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
485b137780924
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Sun, 07 Jan 2024 16:34:09 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack object| PAYPAL boolean| paypalADSInterceptorInjected function| $ object| fpti string| fptiserverurl object| fptiOptions boolean| trackLazyData object| _ifpti function| init function| _0x27cc function| setStyle function| resizeWidget function| getListenerSearchKey function| getTargetOrigin function| renderGRCV3Enterprise function| recaptchaClientLogPostData function| _0x5d7d object| latmconf object| laDataLayer object| pako object| TLT function| bindGdprEvents function| hideGdprBanner function| showGdprBanner function| _0x436a3 function| _0x24a7 function| _0x3ea3 object| d function| baeebdccdeedcae object| err

19 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09APYnBZU1bDtMK6iZEzRInKNbiAJXa2byMmxfzmOKnY-UbwYQ-TaKiqg6Azmp-98PTi2JomeY1zYMBio6i9kVzUI
.paypal.com/ Name: LANG
Value: it_IT%3BIT
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: x-csrf-jwt
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6ImFmclNySTQtWi1tdXdqRlpJVkUxSnhqZ1VqZG9uWFp3STJoZFVYYUtNWXFPRlRtajNKQ1FyemEzQmlGZm4ydmh6VGlGWWo3cTFiYlAxOHQ2eDF4OVdrUUl3NE1RaHBYVUhrYmswdmJKQ0RBRmxKczQ5SHRGd0hJV0JHQ3ZMYmFmMl9zOEFpU2hTN1l6YnpnZnU4a2tURWFpYzZuOXFvbFFpM0pNdzhCTWNHMVlER0o1UnlaNHFxeG42YkciLCJpYXQiOjE3MDQ2NDUyNDYsImV4cCI6MTcwNDY0ODg0Nn0.1Y8LsYS7JvNoq6GKK6Jz1BvOBauM24y5ToS0or4iF-I
www.paypal.com/ Name: nsid
Value: s%3AxF_oTh5Xbck46DUNCNRGqFtIXercfqDq.MoLiHBYocyqYhvKGEVIGy8APRZkSyJenkSSYrJDiQFI
.paypal.com/ Name: l7_az
Value: dcg16.slc
.paypal.com/ Name: ts_c
Value: vr%3De4c63b7218c0a788586ef741ffe86f7a%26vt%3De4c63b7218c0a788586ef741ffe86f79
.paypal.com/ Name: cookie_check
Value: yes
.paypal.com/ Name: d_id
Value: 46a332c6e19d483c94880c8e408f2b2b1704645247328
.paypal.com/ Name: TLTSID
Value: 89838780491225296672199491637252
.paypal.com/ Name: TLTDID
Value: 90360210749201644062803628444250
.paypal.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.stats.paypal.com/ Name: c
Value: 2ee36264d29b34688e09
.paypal.com/ Name: tsrce
Value: authchallengenodeweb
.paypal.com/ Name: sc_f
Value: rEkVt_ZVkGVC5f1UXvcTSUJBmaLNkpESolRTuS0Hh7kh6GOCvQJkyc_Cd_aSl7-lj_eQiI2Z0BTDFzWR2XRdMNGzHBQFaOPRiIYTD0
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: -XUCmxqMnEqkinHrfqx9kh7u6ROvFr6AnqyszOyqsX3P8SsJjXQEItKHsZwlgp-ONr-55Ajg-Z-XQk7n
.paypal.com/ Name: ddi
Value: ICJ59yG7A6eIMiAouFrxyrTNx6-QZhkaxBLkUG4uywwFePYjLBrSM7oJ7tf0_Ko1vv1I6cf47sdwBj6vEfL7E-tRichTDMJZcWbSPplmyqEpGOKS
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTcwNDY0NTI0OTI5NiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1799253249%26vteXpYrS%3D1704647049%26vr%3De4c63b7218c0a788586ef741ffe86f7a%26vt%3De4c63b7218c0a788586ef741ffe86f79%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; script-src 'nonce-ew/RLmnhNbq/6Bl59rWBWMs44mv13oXGNoatpMEgsgemy3oY' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; img-src 'self' https://*.googleusercontent.com/ https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://192.55.233.1 'unsafe-inline' https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://smartlock.google.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
reconexion.deltastreamplus.com
t.paypal.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
142.250.184.195
142.250.186.68
144.76.111.91
151.101.129.35
151.101.193.21
172.217.16.195
192.229.221.25
64.4.245.84
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
27e23955d2e8a8b15dd900996040b9895ebaad02ddcff68b43a64b90511f7904
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
3f7228e4427fa6bee73b5c51a4ae99ef99bf5919dfa7f501d1c498bbdfb51e67
4027a3588c459615aa41fc2fbcda9acbdd6832efe16c65a8e875716e182005fc
45b4f7ba2bdfb257f17a490e7e5afc99ba71092458764085f07b3d1918e4506e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47096fcf22c58f177936f84eac91ef9113639043881ee6de5358162077fd62b0
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
50eff9ff681ea9be65d7f2d98b9fb81f6449e555cea15d0c2d02050c801b20d7
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
571263f5db21d1eae6cd993bfdbb5c8bdc80175ff48416233c33418dd362ce56
571f51ab009648d4ead194e87b103301b217e636dc7b5d1f24069b78a94067fe
6117da63c3cf543c247e9b6a7198a8cf0ef7db5a8de3096cf1a7be3d189c37b8
69be7adca53f8e3b8d56a359e63ec6510fd119768ec947d343a853f698d7a5c5
6ae30cb1ab74d66217a576b78124e053906f0a93cbf2d9f0ad398518f8442264
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e4fdc1ce87dcd3927a2e16a8399445adcefc6fb1ca0afb132ccf8cef223c669
6fc228cefa26f2917c7ef238654afd0d278c43c821ca4d537aa112b2d2c8993f
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c8b28fdc8a75d7b6e4cd18f979e652a91e4218f66e4be0555e24228a1b02671
88590085eeb8bcf48a167dfab420bb7ba10466b3018af1d9f872fec50a33e29d
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
95968232dc3489e5f4cfd205eb22ee6aa55d2f5b3b7a66596b12261dcb35e1f6
9ef767852211b7eb5cabc89b5ce35844de37ad633c6bcf19a336018192b7500f
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
b90c27394fd4eeb475bc7209de9abc430d7da45d01f11695945a7377901515b5
d4a91cc97c13e2d41219b1409fabdcec6a73182fcb21fc12680b7d9cade3eb60
d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c
d9c5f7ce8c97f5565da783e36349bd6dbbd2811a3f5e52bb1dd150408a58db6c
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
db0beabfe7ae09d0a2092962823a6198893a7e7694a12febf6b49098ebd5f048
debc3a34f2611078267eea8130c4fde5b46ee975dc1ca87c9180b100d2bdd435
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e500bba8b43058f87009037d8153203079cb1d7989d794f966fe432353fce52d
e79f32143b50d18be9683d35e1a585854e8428229b6a57eb57e7138d9cc15c34
e8e183d92c4e080b78ab222eeae83c370e2915355d0f268e100e044008e70c34
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
fada41896b647069fdf18f422741771a08865c321e033128532a30cce9533735