hxxps://www[.]paypal[.]com/us/webapps/mpp/paypal-safety-and-security?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000186&utm_unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&ppid=RT000186&cnac=US&rsta=en_US%28en-US%29&unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&calc=f35732450afb5&unp_tpcid=requestmoney-notifications-requestee&page=main%3Aemail%3ART000186&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1[.]294[.]0&tenant_name=&xt=145585%2C150948%2C104038&link_ref=mpp_paypal-safety-and-security

Analysis

max time kernel
9s
max time network
10s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
09/12/2024, 14:28 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.paypal.com/us/webapps/mpp/paypal-safety-and-security?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000186&utm_unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&ppid=RT000186&cnac=US&rsta=en_US%28en-US%29&unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&calc=f35732450afb5&unp_tpcid=requestmoney-notifications-requestee&page=main%3Aemail%3ART000186&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.294.0&tenant_name=&xt=145585%2C150948%2C104038&link_ref=mpp_paypal-safety-and-security

Score

5^/10

paypal discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand PAYPAL.
phishing paypal

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133782281001860134"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4744	chrome.exe
4744	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe

Suspicious use of AdjustPrivilegeToken 18 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4744	chrome.exe
Token: SeCreatePagefilePrivilege	4744	chrome.exe
Token: SeShutdownPrivilege	4744	chrome.exe
Token: SeCreatePagefilePrivilege	4744	chrome.exe
Token: SeShutdownPrivilege	4744	chrome.exe
Token: SeCreatePagefilePrivilege	4744	chrome.exe
Token: SeShutdownPrivilege	4744	chrome.exe
Token: SeCreatePagefilePrivilege	4744	chrome.exe
Token: SeShutdownPrivilege	4744	chrome.exe
Token: SeCreatePagefilePrivilege	4744	chrome.exe
Token: SeShutdownPrivilege	4744	chrome.exe
Token: SeCreatePagefilePrivilege	4744	chrome.exe
Token: SeShutdownPrivilege	4744	chrome.exe
Token: SeCreatePagefilePrivilege	4744	chrome.exe
Token: SeShutdownPrivilege	4744	chrome.exe
Token: SeCreatePagefilePrivilege	4744	chrome.exe
Token: SeShutdownPrivilege	4744	chrome.exe
Token: SeCreatePagefilePrivilege	4744	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe
4744	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4744 wrote to memory of 2164	4744	chrome.exe	80
PID 4744 wrote to memory of 2164	4744	chrome.exe	80
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 2100	4744	chrome.exe	81
PID 4744 wrote to memory of 3656	4744	chrome.exe	82
PID 4744 wrote to memory of 3656	4744	chrome.exe	82
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83
PID 4744 wrote to memory of 4452	4744	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.paypal.com/us/webapps/mpp/paypal-safety-and-security?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000186&utm_unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&ppid=RT000186&cnac=US&rsta=en_US%28en-US%29&unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&calc=f35732450afb5&unp_tpcid=requestmoney-notifications-requestee&page=main%3Aemail%3ART000186&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.294.0&tenant_name=&xt=145585%2C150948%2C104038&link_ref=mpp_paypal-safety-and-security
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ff9cf91cc40,0x7ff9cf91cc4c,0x7ff9cf91cc58
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1932,i,7624246761881848156,10793252878492404710,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1928 /prefetch:2
  2⤵
  PID:2100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1776,i,7624246761881848156,10793252878492404710,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  PID:3656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,7624246761881848156,10793252878492404710,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2428 /prefetch:8
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,7624246761881848156,10793252878492404710,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,7624246761881848156,10793252878492404710,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3736,i,7624246761881848156,10793252878492404710,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4340 /prefetch:1
  2⤵
  PID:3652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4796,i,7624246761881848156,10793252878492404710,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4808 /prefetch:8
  2⤵
  PID:232

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4412

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2612

Network

DNS

www.paypal.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.paypal.com

IN A

Response

www.paypal.com

IN CNAME

www.glb.paypal.com

www.glb.paypal.com

IN CNAME

paypal-dynamic.map.fastly.net

paypal-dynamic.map.fastly.net

IN A

151.101.1.21

paypal-dynamic.map.fastly.net

IN A

151.101.129.21

paypal-dynamic.map.fastly.net

IN A

151.101.193.21

paypal-dynamic.map.fastly.net

IN A

151.101.65.21
GET

https://www.paypal.com/us/webapps/mpp/paypal-safety-and-security?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000186&utm_unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&ppid=RT000186&cnac=US&rsta=en_US%28en-US%29&unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&calc=f35732450afb5&unp_tpcid=requestmoney-notifications-requestee&page=main%3Aemail%3ART000186&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.294.0&tenant_name=&xt=145585%2C150948%2C104038&link_ref=mpp_paypal-safety-and-security

chrome.exe

Remote address:

151.101.1.21:443

Request

GET /us/webapps/mpp/paypal-safety-and-security?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000186&utm_unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&ppid=RT000186&cnac=US&rsta=en_US%28en-US%29&unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&calc=f35732450afb5&unp_tpcid=requestmoney-notifications-requestee&page=main%3Aemail%3ART000186&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.294.0&tenant_name=&xt=145585%2C150948%2C104038&link_ref=mpp_paypal-safety-and-security HTTP/2.0
host: www.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-QT6bawFC9oeTVIRNZSxlz3/lRQEeZZ7WjCCZdA030XKqkQ8g' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
location: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f889645c05c38
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 09 Dec 2024 23:14:12 GMT; HttpOnly; Secure; SameSite=None
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 09 Dec 2025 14:28:16 GMT; Secure; SameSite=None
set-cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5Njg2MyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: tsrce=mppnodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 12 Dec 2024 14:28:16 GMT; HttpOnly; Secure; SameSite=None
set-cookie: nsid=s%3A1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N.Z80H7%2BzKciv5PRWAMqH1diDhPrHZ%2Bjht5PvYZyTfJ4w; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: ts=vreXpYrS%3D1765290496%26vteXpYrS%3D1733756296%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:16 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:16 GMT; Secure; SameSite=None
traceparent: 00-0000000000000000000f889645c05c38-52880cb7b3d3c11f-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 09 Dec 2024 14:28:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr-egll1980073-LHR, cache-lcy-eglc8600088-LCY, cache-lcy-eglc8600088-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1733754497.686190,VS0,VE249
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 188
GET

https://www.paypal.com/us/digital-wallet/buyer-purchase-protection

chrome.exe

Remote address:

151.101.1.21:443

Request

GET /us/digital-wallet/buyer-purchase-protection HTTP/2.0
host: www.paypal.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "123.0.6312.123"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: LANG=en_US%3BUS
cookie: enforce_policy=ccpa
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5Njg2MyIsImwiOiIwIiwibSI6IjAifQ
cookie: tsrce=mppnodeweb
cookie: nsid=s%3A1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N.Z80H7%2BzKciv5PRWAMqH1diDhPrHZ%2Bjht5PvYZyTfJ4w
cookie: ts=vreXpYrS%3D1765290496%26vteXpYrS%3D1733756296%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6

Response

HTTP/2.0 200

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://*.paypal-mktg.com https://*.qualtrics.com; script-src 'nonce-cQXG5LPfHsoVodqOx+Zk1FRo1VgDLZPGPQwSqdExRsINNBT0' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com https://pypd.paypal-mktg.com 'unsafe-inline'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com https://*.salesforce.com https://*.force.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://paypal.us-4.evergage.com https://browser-intake-us5-datadoghq.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data: https://www.google-analytics.com https://www.analytics.google.com https://region1.google-analytics.com https://region1.analytics.google.com; form-action 'self' https://*.paypal.com https://*.salesforce.com https://secure.opinionlab.com https://*.paypal-mktg.com https://*.paypal-corp.com https://signup.partnerize.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"241da-BovKHoG6IG4f5CcGrDuxB2fVe9Q"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f889645f26f7b
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 09 Dec 2025 14:28:17 GMT; Secure; SameSite=None
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 09 Dec 2024 23:14:13 GMT; HttpOnly; Secure; SameSite=None
set-cookie: tsrce=ppcmsnodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Thu, 12 Dec 2024 14:28:16 GMT; HttpOnly; Secure; SameSite=None
set-cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5NzM2NCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: ts=vreXpYrS%3D1765290497%26vteXpYrS%3D1733756297%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:17 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:17 GMT; Secure; SameSite=None
traceparent: 00-0000000000000000000f889645f26f7b-6048be9b0b867ae6-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 09 Dec 2024 14:28:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr-egll1980050-LHR, cache-lcy-eglc8600088-LCY, cache-lcy-eglc8600088-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1733754497.972229,VS0,VE523
vary: Accept-Encoding
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
GET

https://www.paypal.com/auth/createchallenge/f2f744a37bc919bd/recaptchav3.js?_sessionID=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N

chrome.exe

Remote address:

151.101.1.21:443

Request

GET /auth/createchallenge/f2f744a37bc919bd/recaptchav3.js?_sessionID=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N HTTP/2.0
host: www.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.123"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: nsid=s%3A1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N.Z80H7%2BzKciv5PRWAMqH1diDhPrHZ%2Bjht5PvYZyTfJ4w
cookie: enforce_policy=ccpa
cookie: LANG=en_US%3BUS
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: tsrce=ppcmsnodeweb
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5NzM2NCIsImwiOiIwIiwibSI6IjAifQ
cookie: ts=vreXpYrS%3D1765290497%26vteXpYrS%3D1733756297%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew

Response

HTTP/2.0 200

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-HKZHHlZfvgwK+/hamWG/s6Er/zJFn3BGKxbp3AAyVcrL+3hO' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/javascript; charset=utf-8
etag: W/"2b2a-yOJlEEt1UyVk7wLIr2n15iXB888"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f22237457381e
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 09 Dec 2024 23:14:13 GMT; HttpOnly; Secure; SameSite=None
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 09 Dec 2025 14:28:17 GMT; Secure; SameSite=None
set-cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5NzkwNyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: tsrce=authchallengenodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 12 Dec 2024 14:28:17 GMT; HttpOnly; Secure; SameSite=None
set-cookie: l7_az=dcg04.phx; Path=/; Domain=paypal.com; Expires=Mon, 09 Dec 2024 14:58:17 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts=vreXpYrS%3D1765290497%26vteXpYrS%3D1733756297%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:17 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:17 GMT; Secure; SameSite=None
traceparent: 00-0000000000000000000f22237457381e-ffce1a926881e8a8-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 09 Dec 2024 14:28:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr-egll1980036-LHR, cache-lcy-eglc8600088-LCY, cache-lcy-eglc8600088-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1733754498.755199,VS0,VE230
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f22237457381e-f61a75641b09f6bd-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
GET

https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=US&language=en&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=paypal&tenantData={}

chrome.exe

Remote address:

151.101.1.21:443

Request

GET /myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=US&language=en&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=paypal&tenantData={} HTTP/2.0
host: www.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
content-type: application/json
access-control-allow-origin: *
accept: */*
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version: "123.0.6312.123"
x-requested-with: XMLHttpRequest
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: nsid=s%3A1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N.Z80H7%2BzKciv5PRWAMqH1diDhPrHZ%2Bjht5PvYZyTfJ4w
cookie: LANG=en_US%3BUS
cookie: enforce_policy=ccpa
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: ts=vreXpYrS%3D1765290497%26vteXpYrS%3D1733756297%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5NzkwNyIsImwiOiIwIiwibSI6IjAifQ
cookie: tsrce=authchallengenodeweb
cookie: l7_az=dcg04.phx
cookie: _dd_s=rum=2&id=3924ac0f-ff3c-4452-b955-32f1e1db0f44&created=1733754497520&expire=1733755397520

Response

HTTP/2.0 200

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
etag: W/"15c2-193241934e0"
last-modified: Wed, 13 Nov 2024 05:57:32 GMT
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f222374f77e51
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 09 Dec 2024 23:14:14 GMT; HttpOnly; Secure
set-cookie: l7_az=dcg04.phx; Path=/; Domain=paypal.com; Expires=Mon, 09 Dec 2024 14:58:18 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:18 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:18 GMT; Secure; SameSite=None
traceparent: 00-0000000000000000000f222374f77e51-c803277c5516720e-01
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 09 Dec 2024 14:28:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr-egll1980088-LHR, cache-lcy-eglc8600088-LCY, cache-lcy-eglc8600088-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1733754498.134969,VS0,VE161
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f222374f77e51-da909b1625bc6d3f-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
GET

https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

chrome.exe

Remote address:

151.101.1.21:443

Request

GET /auth/recaptcha/grcenterprise_v3.html HTTP/2.0
host: www.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "123.0.6312.123"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: nsid=s%3A1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N.Z80H7%2BzKciv5PRWAMqH1diDhPrHZ%2Bjht5PvYZyTfJ4w
cookie: LANG=en_US%3BUS
cookie: enforce_policy=ccpa
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: ts=vreXpYrS%3D1765290497%26vteXpYrS%3D1733756297%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5NzkwNyIsImwiOiIwIiwibSI6IjAifQ
cookie: tsrce=authchallengenodeweb
cookie: l7_az=dcg04.phx
cookie: _dd_s=rum=2&id=3924ac0f-ff3c-4452-b955-32f1e1db0f44&created=1733754497520&expire=1733755397520

Response

HTTP/2.0 200

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-iSgdFqzuMQDBxdlb1sJs2MhlLEgEc2qGoXetI5NaqA7AtXKz' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/json; charset=utf-8
etag: W/"5625-3mM+/hOyv7CAVCtcAEEsx/vH6jM"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f222374f16c37
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 09 Dec 2025 14:28:18 GMT; Secure; SameSite=None
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 09 Dec 2024 23:14:14 GMT; HttpOnly; Secure; SameSite=None
set-cookie: tsrce=privacynodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Thu, 12 Dec 2024 14:28:17 GMT; HttpOnly; Secure; SameSite=None
set-cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODI1NyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: l7_az=dcg04.phx; Path=/; Domain=paypal.com; Expires=Mon, 09 Dec 2024 14:58:18 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:18 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:18 GMT; Secure; SameSite=None
traceparent: 00-0000000000000000000f222374f16c37-0f1e2a1ffa738b31-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 09 Dec 2024 14:28:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr-egll1980093-LHR, cache-lcy-eglc8600088-LCY, cache-lcy-eglc8600088-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1733754498.082188,VS0,VE252
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f222374f16c37-657f2653a9a8669f-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
GET

https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/us/digital-wallet/buyer-purchase-protection

chrome.exe

Remote address:

151.101.1.21:443

Request

GET /smartchat/open/eligibility?intent=SALESCHAT&page=/us/digital-wallet/buyer-purchase-protection HTTP/2.0
host: www.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.123"
sec-ch-ua-platform-version: "10.0.0"
x-requested-with: XMLHttpRequest
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: nsid=s%3A1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N.Z80H7%2BzKciv5PRWAMqH1diDhPrHZ%2Bjht5PvYZyTfJ4w
cookie: enforce_policy=ccpa
cookie: LANG=en_US%3BUS
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: l7_az=dcg04.phx
cookie: _dd_s=rum=2&id=3924ac0f-ff3c-4452-b955-32f1e1db0f44&created=1733754497520&expire=1733755397520
cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew
cookie: tsrce=privacynodeweb
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODI1NyIsImwiOiIwIiwibSI6IjAifQ

Response

HTTP/2.0 200

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn; script-src 'nonce-lpFI+Pi1InKJuu0dnCuQoyuKSLw7NMvgZiq05ia6X8T/43Lh' 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' ; img-src 'self' https: data:; object-src 'none'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn 'unsafe-inline' https://*.kampyle.com https://*.qualtrics.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn data:; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; frame-ancestors 'self' https://help.venmo.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypal.cn https://*.qualtrics.com;
content-type: application/json; charset=utf-8
etag: W/"4f2-UxvHfBpKz8abJxSgVmLnWYZmMoA"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f22237408a579
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 09 Dec 2025 14:28:18 GMT; Secure; SameSite=None
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 09 Dec 2024 23:14:14 GMT; HttpOnly; Secure; SameSite=None
set-cookie: tsrce=smartchatnodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Thu, 12 Dec 2024 14:28:17 GMT; HttpOnly; Secure; SameSite=None
set-cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODUyMCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: l7_az=dcg04.phx; Path=/; Domain=paypal.com; Expires=Mon, 09 Dec 2024 14:58:18 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:18 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:18 GMT; Secure; SameSite=None
traceparent: 00-0000000000000000000f22237408a579-e9d0ebd705e1d2f9-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 09 Dec 2024 14:28:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr-egll1980082-LHR, cache-lcy-eglc8600088-LCY, cache-lcy-eglc8600088-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1733754498.368380,VS0,VE229
vary: Accept-Encoding
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
GET

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:mktg:personal:product:digital-wallet-buyer-purchase-protection:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/us/digital-wallet/buyer-purchase-protection

chrome.exe

Remote address:

151.101.1.21:443

Request

GET /myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:mktg:personal:product:digital-wallet-buyer-purchase-protection:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/us/digital-wallet/buyer-purchase-protection HTTP/2.0
host: www.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
content-type: application/json
sec-ch-ua-full-version: "123.0.6312.123"
accept: application/json
sec-ch-ua-platform-version: "10.0.0"
x-requested-with: XMLHttpRequest
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: nsid=s%3A1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N.Z80H7%2BzKciv5PRWAMqH1diDhPrHZ%2Bjht5PvYZyTfJ4w
cookie: enforce_policy=ccpa
cookie: LANG=en_US%3BUS
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: l7_az=dcg04.phx
cookie: _dd_s=rum=2&id=3924ac0f-ff3c-4452-b955-32f1e1db0f44&created=1733754497520&expire=1733755397520
cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew
cookie: tsrce=privacynodeweb
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODI1NyIsImwiOiIwIiwibSI6IjAifQ

Response

HTTP/2.0 200

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-d5/W9LHyB/0cTAfSaZY+TKXZYh2xHwIxg4f/700SiDAyaNL5' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/plain; charset=utf-8
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f2223746ee278
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 09 Dec 2024 23:14:14 GMT; HttpOnly; Secure; SameSite=None
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 09 Dec 2025 14:28:18 GMT; Secure; SameSite=None
set-cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODU3MSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: l7_az=dcg04.phx; Path=/; Domain=paypal.com; Expires=Mon, 09 Dec 2024 14:58:18 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:18 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:18 GMT; Secure; SameSite=None
traceparent: 00-0000000000000000000f2223746ee278-d4de218199e375f6-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
date: Mon, 09 Dec 2024 14:28:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr-egll1980081-LHR, cache-lcy-eglc8600088-LCY, cache-lcy-eglc8600088-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1733754498.430172,VS0,VE220
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f2223746ee278-822d8e07f0debddd-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
POST

https://www.paypal.com/auth/verifygrcenterprise

chrome.exe

Remote address:

151.101.1.21:443

Request

POST /auth/verifygrcenterprise HTTP/2.0
host: www.paypal.com
content-length: 2571
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
content-type: application/x-www-form-urlencoded
sec-ch-ua-full-version: "123.0.6312.123"
sec-ch-ua-platform-version: "10.0.0"
x-requested-with: XMLHttpRequest
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.paypal.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: nsid=s%3A1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N.Z80H7%2BzKciv5PRWAMqH1diDhPrHZ%2Bjht5PvYZyTfJ4w
cookie: LANG=en_US%3BUS
cookie: enforce_policy=ccpa
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: l7_az=dcg04.phx
cookie: cookie_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
cookie: tsrce=smartchatnodeweb
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODU3MSIsImwiOiIwIiwibSI6IjAifQ
cookie: _dd_s=rum=2&id=3924ac0f-ff3c-4452-b955-32f1e1db0f44&created=1733754497520&expire=1733755397520
cookie: ts=vreXpYrS%3D1765290499%26vteXpYrS%3D1733756299%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew

Response

HTTP/2.0 200

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; script-src 'nonce-8AlQSelt1l/wCE25oDURnPvau6MWozTHlkHE0kIZelUEI05E' 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.recaptcha.net https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://objects.paypal.cn https://*.paypal.com https://*.paypal.cn https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; font-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://www.google.com https://www.recaptcha.net https://paypal-api.arkoselabs.com https://paypal-api.arkose.com.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com; form-action 'self' https://*.paypal.com https://*.paypal.cn https://*.zettle.com https://*.xoom.com; base-uri 'self' https://*.paypal.com https://*.paypal.cn; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://hcaptcha.com https://*.hcaptcha.com https://*.qualtrics.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f216291644f27
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
set-cookie: _dd_s=; Domain=www.paypal.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Secure
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 09 Dec 2025 14:28:20 GMT; Secure; SameSite=None
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 09 Dec 2024 23:14:16 GMT; HttpOnly; Secure; SameSite=None
set-cookie: _dd_s=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Secure
set-cookie: x-pp-s=eyJ0IjoiMTczMzc1NDUwMDMwMyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: tsrce=authchallengenodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 12 Dec 2024 14:28:20 GMT; HttpOnly; Secure; SameSite=None
set-cookie: l7_az=dcg04.phx; Path=/; Domain=paypal.com; Expires=Mon, 09 Dec 2024 14:58:20 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts=vreXpYrS%3D1765290500%26vteXpYrS%3D1733756300%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:20 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:20 GMT; Secure; SameSite=None
traceparent: 00-0000000000000000000f216291644f27-f61370dd1d5c8bb5-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
date: Mon, 09 Dec 2024 14:28:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr-egll1980078-LHR, cache-lcy-eglc8600088-LCY, cache-lcy-eglc8600088-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1733754500.064237,VS0,VE320
server-timing: "traceparent;desc="00-0000000000000000000f216291644f27-b93464ca46a8d17f-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
GET

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:mktg:personal:product:digital-wallet-buyer-purchase-protection:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/us/digital-wallet/buyer-purchase-protection

chrome.exe

Remote address:

151.101.1.21:443

Request

GET /myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:mktg:personal:product:digital-wallet-buyer-purchase-protection:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/us/digital-wallet/buyer-purchase-protection HTTP/2.0
host: www.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
content-type: application/json
sec-ch-ua-full-version: "123.0.6312.123"
accept: application/json
sec-ch-ua-platform-version: "10.0.0"
x-requested-with: XMLHttpRequest
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: nsid=s%3A1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N.Z80H7%2BzKciv5PRWAMqH1diDhPrHZ%2Bjht5PvYZyTfJ4w
cookie: enforce_policy=ccpa
cookie: LANG=en_US%3BUS
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: l7_az=dcg04.phx
cookie: cookie_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
cookie: ts=vreXpYrS%3D1765290500%26vteXpYrS%3D1733756300%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDUwMDMwMyIsImwiOiIwIiwibSI6IjAifQ
cookie: tsrce=authchallengenodeweb
cookie: _dd_s=

Response

HTTP/2.0 200

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-4FGWcmt9NeMNszT+a1PJdaT56vOtcj9Raoq/qFzgTgMHSqqr' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://api.sprig.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; frame-ancestors 'self' https://www.zettle.com/; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/plain; charset=utf-8
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f506300311046
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
set-cookie: _dd_s=; Domain=www.paypal.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Secure
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 09 Dec 2025 14:28:21 GMT; Secure; SameSite=None
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Mon, 09 Dec 2024 23:14:17 GMT; HttpOnly; Secure; SameSite=None
set-cookie: _dd_s=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Secure
set-cookie: x-pp-s=eyJ0IjoiMTczMzc1NDUwMTUxOSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: tsrce=privacynodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 12 Dec 2024 14:28:21 GMT; HttpOnly; Secure; SameSite=None
set-cookie: l7_az=dcg04.phx; Path=/; Domain=paypal.com; Expires=Mon, 09 Dec 2024 14:58:21 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts=vreXpYrS%3D1765290501%26vteXpYrS%3D1733756301%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:21 GMT; HttpOnly; Secure; SameSite=None
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6; Path=/; Domain=paypal.com; Expires=Tue, 09 Dec 2025 14:28:21 GMT; Secure; SameSite=None
traceparent: 00-0000000000000000000f506300311046-81ce512a643f1727-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
date: Mon, 09 Dec 2024 14:28:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr-egll1980052-LHR, cache-lcy-eglc8600088-LCY, cache-lcy-eglc8600088-LCY
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-timer: S1733754501.383711,VS0,VE214
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f506300311046-570d33fec4b22246-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
DNS

133.211.185.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.211.185.52.in-addr.arpa

IN PTR

Response
DNS

21.1.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.1.101.151.in-addr.arpa

IN PTR

Response
DNS

10.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.213.58.216.in-addr.arpa

IN PTR

Response

10.213.58.216.in-addr.arpa

IN PTR

ber01s14-in-f101e100net

10.213.58.216.in-addr.arpa

IN PTR

lhr25s25-in-f10�H
DNS

www.paypalobjects.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.paypalobjects.com

IN A

Response

www.paypalobjects.com

IN CNAME

ppo.glb.paypal.com

ppo.glb.paypal.com

IN CNAME

paypal-dynamic-cdn.map.fastly.net

paypal-dynamic-cdn.map.fastly.net

IN A

151.101.3.1

paypal-dynamic-cdn.map.fastly.net

IN A

151.101.195.1

paypal-dynamic-cdn.map.fastly.net

IN A

151.101.67.1

paypal-dynamic-cdn.map.fastly.net

IN A

151.101.131.1
GET

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/helpers-a2443dbd.css

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/pp-com-components/component-chunks/helpers-a2443dbd.css HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: text/css
etag: W/"6733f500-72aae"
last-modified: Wed, 13 Nov 2024 00:38:24 GMT
paypal-debug-id: 18410b00bbf0a
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000018410b00bbf0a-d0b91bac74dc3c46-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc10066-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 3, 17
x-timer: S1733754498.649881,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 37504
GET

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/Hero-0a33112e.css

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/pp-com-components/component-chunks/Hero-0a33112e.css HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: text/css
etag: W/"673604f7-525fc"
last-modified: Thu, 14 Nov 2024 14:11:03 GMT
paypal-debug-id: acfbbef99676f
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000acfbbef99676f-9c7bce6d3937d4d5-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000127-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 9, 19
x-timer: S1733754498.650525,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 19835
GET

https://www.paypalobjects.com/globalnav/css/main-f4a6edf8.css

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /globalnav/css/main-f4a6edf8.css HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: text/css
etag: W/"673e178c-6e63"
last-modified: Wed, 20 Nov 2024 17:08:28 GMT
paypal-debug-id: 75e15498edb4e
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000075e15498edb4e-ea5c79e117b659c4-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc10055-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 15, 280
x-timer: S1733754498.650536,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 2985
GET

https://www.paypalobjects.com/globalnav/css/main-422a4145.css

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /globalnav/css/main-422a4145.css HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: application/javascript
etag: W/"6697f682-5a55"
last-modified: Wed, 17 Jul 2024 16:51:14 GMT
paypal-debug-id: fece372d6e65d
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000fece372d6e65d-32d498e15f7ae4b1-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000120-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 528, 12703
x-timer: S1733754498.650814,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 6477
GET

https://www.paypalobjects.com/marketing/web23/us/en/ppe/buyer-purchase-protection/hero_size-tablet-up.jpg?quality=75&width=1500&format=webp

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/web23/us/en/ppe/buyer-purchase-protection/hero_size-tablet-up.jpg?quality=75&width=1500&format=webp HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: text/css
etag: W/"673604f7-a402"
last-modified: Thu, 14 Nov 2024 14:11:03 GMT
paypal-debug-id: 117208b9c5ced
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000117208b9c5ced-64063f8249d36462-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000138-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 2605, 1
x-timer: S1733754498.650528,VS0,VE1
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 4962
GET

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /webcaptcha/ngrlCaptcha.min.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/webp
dc: ccg11-origin-www-1.paypal.com
etag: "l9EsaEeV6VPdOEF2GQX2c0VCBLRrZP0LTmRG2DMZ2JY"
fastly-io-info: ifsz=484608 idim=2560x2560 ifmt=jpeg ofsz=132012 odim=1500x1500 ofmt=webp
fastly-io-served-by: vpop-haf2300708
fastly-stats: io=1
paypal-debug-id: 6e30cd60a197a
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006e30cd60a197a-c4bf7ecc28d7a7e5-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc10076-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 570, 0
x-timer: S1733754498.650753,VS0,VE1
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 132012
GET

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/FeatureColumn-fff7a1f0.css

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/pp-com-components/component-chunks/FeatureColumn-fff7a1f0.css HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: text/css
etag: W/"673e178c-ad8"
last-modified: Wed, 20 Nov 2024 17:08:28 GMT
paypal-debug-id: fb5ecd16495d3
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000fb5ecd16495d3-cfb1aafbb708ea2c-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000105-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 2, 2
x-timer: S1733754498.754577,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 486
GET

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/CardWrappedContentSection-33d0232e.css

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/pp-com-components/component-chunks/CardWrappedContentSection-33d0232e.css HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: application/javascript
etag: W/"67378b7b-3b53"
last-modified: Fri, 15 Nov 2024 17:57:15 GMT
paypal-debug-id: 01ab0fea369c3
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000001ab0fea369c3-c83be5fb6f91334a-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc10067-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 12, 17
x-timer: S1733754498.754780,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 3620
GET

https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/CtaSection-eeefabf6.css

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/pp-com-components/component-chunks/CtaSection-eeefabf6.css HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: text/css
etag: W/"673e178c-549"
last-modified: Wed, 20 Nov 2024 17:08:28 GMT
paypal-debug-id: 60a884046e36e
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000060a884046e36e-773a5bdef22f8051-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000097-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 610, 5
x-timer: S1733754498.754780,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 382
GET

https://www.paypalobjects.com/ncs/ncs.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ncs/ncs.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: text/css
etag: W/"673e178c-1e82"
last-modified: Wed, 20 Nov 2024 17:08:28 GMT
paypal-debug-id: 79d4a27cbe1f2
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000079d4a27cbe1f2-e54d3e0467e3d03d-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000122-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1733754498.754800,VS0,VE1
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 763
GET

https://www.paypalobjects.com/marketing/web/logos/paypal-mark-color_new.svg

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/web/logos/paypal-mark-color_new.svg HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: W/"66c45167-2c5"
last-modified: Tue, 20 Aug 2024 08:18:47 GMT
paypal-debug-id: 40a57c034f5d5
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000040a57c034f5d5-478f50b9c447597b-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc10051-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 39, 27
x-timer: S1733754498.761620,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=31557600
content-length: 396
GET

https://www.paypalobjects.com/ncs/paypal/mapping.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ncs/paypal/mapping.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: application/javascript
etag: W/"63dd70ed-11b"
last-modified: Fri, 03 Feb 2023 20:39:09 GMT
paypal-debug-id: b2c71eace5bca
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000b2c71eace5bca-89cb83921414d2d4-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc1000104-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 878, 19
x-timer: S1733754498.079740,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 108
GET

https://www.paypalobjects.com/pa/js/min/pa.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /pa/js/min/pa.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: application/javascript
etag: W/"6735ac2d-11212"
last-modified: Thu, 14 Nov 2024 07:52:13 GMT
paypal-debug-id: 1a26271cc541f
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000001a26271cc541f-5475303183f0153f-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc1000121-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 21, 13657
x-timer: S1733754498.153960,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 24676
GET

https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /paypal-ui/logos/svg/paypal-mark-color.svg HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: W/"66d9ab63-2c5"
last-modified: Thu, 05 Sep 2024 13:00:19 GMT
paypal-debug-id: 1ffebe234027c
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000001ffebe234027c-3da441485e82e581-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10044-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 10, 10538
x-timer: S1733754498.229479,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=31557600
content-length: 396
GET

https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /helpcenter/smartchat/sales/v1/open-chat.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
etag: "60271b1c-5bf"
last-modified: Sat, 13 Feb 2021 00:19:40 GMT
paypal-debug-id: 8d703efa6fa8b
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000008d703efa6fa8b-a2badc33a7c12339-01
dc: ccg11-origin-www-1.paypal.com
log-timing: fetch=63920,misspass=131,do_stream=0
log-origin: ip=173.0.87.20,port=443,name=F_ccg13_wju_origin_www_1_paypal_com,status=200,reason=OK,method=GET,url="/helpcenter/smartchat/sales/v1/open-chat.js",host=www.paypalobjects.com,shield=SJC,src_ip=157.52.96.47,alternate_path=0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10047-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 878, 25
x-timer: S1733754498.229469,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=31557600
content-length: 1471
GET

https://www.paypalobjects.com/webstatic/icon/pp32.png

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /webstatic/icon/pp32.png HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "L8ILBcMkrkSJB9s5nmuLuLKzLm5JpnBB7E2KeA4ZxRU"
fastly-io-info: ifsz=3972 idim=32x32 ifmt=png ofsz=1514 odim=32x32 ofmt=png
fastly-io-served-by: vpop-haf2300713
fastly-stats: io=1
paypal-debug-id: 9a41d4e204c84
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000009a41d4e204c84-c8d4b6462a508053-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc1000107-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 3815, 28
x-timer: S1733754499.753410,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 1514
GET

https://www.paypalobjects.com/webstatic/icon/favicon.ico

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /webstatic/icon/favicon.ico HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: image/x-icon
etag: W/"5362bc15-1536"
last-modified: Thu, 01 May 2014 21:26:45 GMT
paypal-debug-id: c17eace0e3326
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000c17eace0e3326-64e78e2effca0473-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10023-SJC, cache-lon420116-LON
x-cache: HIT, HIT
x-cache-hits: 2889, 5122
x-timer: S1733754499.785643,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 1309
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/core-64559002.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
etag: "66a3cfaf-6edb"
last-modified: Fri, 26 Jul 2024 16:32:47 GMT
paypal-debug-id: 732c52415be8c
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000732c52415be8c-94fe729a17af7cb9-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc10030-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 36, 5732
x-timer: S1733754498.653071,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/font-woff2
strict-transport-security: max-age=31557600
content-length: 28379
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/datadog-b1cfe729.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/datadog-b1cfe729.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673604f7-15378"
last-modified: Thu, 14 Nov 2024 14:11:03 GMT
paypal-debug-id: cc5c53052e59f
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000cc5c53052e59f-73229b875c101c7d-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000107-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 5239
x-timer: S1733754498.653029,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 30217
GET

https://www.paypalobjects.com/marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Bold.woff2

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Bold.woff2 HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673604f7-6d66"
last-modified: Thu, 14 Nov 2024 14:11:03 GMT
paypal-debug-id: 597d019c9ad73
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000597d019c9ad73-44f53da5842ca2ea-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc10073-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 9, 2
x-timer: S1733754498.653009,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 10505
GET

https://www.paypalobjects.com/marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Book.woff2

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Book.woff2 HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
etag: "66a3cfaf-6d55"
last-modified: Fri, 26 Jul 2024 16:32:47 GMT
paypal-debug-id: 47aad06552b85
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000047aad06552b85-0d6e339f3e66cdfa-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000124-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 62, 5769
x-timer: S1733754498.653114,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/font-woff2
strict-transport-security: max-age=31557600
content-length: 27989
GET

https://www.paypalobjects.com/marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Black.woff2

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Black.woff2 HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
etag: "66a3cfaf-67bf"
last-modified: Fri, 26 Jul 2024 16:32:47 GMT
paypal-debug-id: fbef60f83c3f3
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000fbef60f83c3f3-a8d207dfbfa2d5b2-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc10039-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 61, 4008
x-timer: S1733754498.653026,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/font-woff2
strict-transport-security: max-age=31557600
content-length: 26559
GET

https://www.paypalobjects.com/globalnav/js/main-6bedacaf.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /globalnav/js/main-6bedacaf.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-28a5a"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: 64989a30de18a
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000064989a30de18a-3cde8faa1ca4fb2a-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000090-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 3387
x-timer: S1733754498.653617,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 53394
GET

https://www.paypalobjects.com/globalnav/js/main-fbf73d19.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /globalnav/js/main-fbf73d19.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-181413"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: 6bdd84688c6fb
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006bdd84688c6fb-193b3b8bda302816-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:17 GMT
x-served-by: cache-sjc1000143-SJC, cache-lcy-eglc8600096-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1733754498.652321,VS0,VE2
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 430590
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/HeroRebrand-c6ea945e.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/HeroRebrand-c6ea945e.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-5b"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: 8d40a3ebb350b
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000008d40a3ebb350b-459de671ee2309d0-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10020-SJC, cache-lcy-eglc8600096-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 3250
x-timer: S1733754498.116724,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 79
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/TextSectionType-3d3a57bb.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/TextSectionType-3d3a57bb.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-37d4"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: d5e87ec13c7b9
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000d5e87ec13c7b9-1b5ad79fb8c55ee9-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10060-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-timer: S1733754498.116262,VS0,VE2
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 3715
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/FeatureColumnType-366e00d9.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/FeatureColumnType-366e00d9.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-5b"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: 5ee492bbf058a
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000005ee492bbf058a-14130ef13a11d2a6-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc1000136-SJC, cache-lcy-eglc8600096-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 382
x-timer: S1733754498.118848,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 79
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/TruncatedTextGroup-4d4b7e76-e4574189.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/TruncatedTextGroup-4d4b7e76-e4574189.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-30b"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: c197e4b0c4bc8
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000c197e4b0c4bc8-f4a612e48b228536-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10078-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 10, 0
x-timer: S1733754498.118313,VS0,VE1
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 411
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/CardWrappedContentSection-92fdf6fe.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/CardWrappedContentSection-92fdf6fe.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-e15"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: d621de9559f79
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000d621de9559f79-8a93ae9b9178d963-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10069-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 0
x-timer: S1733754498.118262,VS0,VE2
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 1481
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/SplitSectionType-7e65ff86.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/SplitSectionType-7e65ff86.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-13c"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: df62259ef03f6
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000df62259ef03f6-2ce3d99188674e2f-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10065-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 1160, 2
x-timer: S1733754498.120135,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 212
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/FaqType-3b0cc31c.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/FaqType-3b0cc31c.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-5b"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: bae6a20f48f20
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000bae6a20f48f20-21c91b07e0580f8f-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc1000144-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 2, 0
x-timer: S1733754498.119905,VS0,VE1
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 78
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/RelatedContentType-22d5c010.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/RelatedContentType-22d5c010.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-932"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: 5f9e55694b8c8
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000005f9e55694b8c8-7a53e19edc70bf5b-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc1000086-SJC, cache-lcy-eglc8600096-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 927
x-timer: S1733754498.134475,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 773
GET

https://www.paypalobjects.com/ppcmsnodeweb/core/CtaClosingRebrand-a0b06056.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /ppcmsnodeweb/core/CtaClosingRebrand-a0b06056.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=31536000
content-encoding: br
content-type: application/javascript
etag: W/"673b8e35-5b"
last-modified: Mon, 18 Nov 2024 18:57:57 GMT
paypal-debug-id: a281c0313fc76
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000a281c0313fc76-c65cb0e8926c54ab-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10058-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 0
x-timer: S1733754498.134298,VS0,VE1
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 80
GET

https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /martech/tm/paypal/mktgtagmanager.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: application/javascript
etag: W/"67042d91-3eb4"
last-modified: Mon, 07 Oct 2024 18:50:57 GMT
paypal-debug-id: 6d094eca696e8
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006d094eca696e8-26c35fad44a6c71b-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10061-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 11, 48961
x-timer: S1733754498.212507,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 6260
GET

https://www.paypalobjects.com/pa/mi/paypal/latmconf.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /pa/mi/paypal/latmconf.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: application/javascript
etag: W/"6735ac2d-3ac5"
last-modified: Thu, 14 Nov 2024 07:52:13 GMT
paypal-debug-id: 4a5c7ab567ecb
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000004a5c7ab567ecb-13d9b30c4f6832d7-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc1000117-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 14, 48935
x-timer: S1733754498.215351,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 4124
GET

https://www.paypalobjects.com/martech/tm/paypal/mktconf.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /martech/tm/paypal/mktconf.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: application/javascript
etag: W/"673b68e7-8e2a9"
last-modified: Mon, 18 Nov 2024 16:18:47 GMT
paypal-debug-id: 698c04c8af694
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000698c04c8af694-4b1a0375f258552f-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc1000113-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 21, 48900
x-timer: S1733754498.290054,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 32381
GET

https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /paypal-ui/fonts/PayPalOpen-Regular.woff2 HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-methods: GET
cache-control: s-maxage=31536000, public,max-age=31536000
etag: "6298f2c0-6b41"
last-modified: Thu, 02 Jun 2022 17:26:24 GMT
paypal-debug-id: 428a6bea2bb89
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000428a6bea2bb89-72820685982bda3e-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10020-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 14, 33214
x-timer: S1733754499.664083,VS0,VE0
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/font-woff2
strict-transport-security: max-age=31557600
content-length: 27457
GET

https://www.paypalobjects.com/martech/tm/paypal/3pjs/adobe/alloy.min.js

chrome.exe

Remote address:

151.101.3.1:443

Request

GET /martech/tm/paypal/3pjs/adobe/alloy.min.js HTTP/2.0
host: www.paypalobjects.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.paypal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-type: application/javascript
etag: W/"66f1ab0e-1cdcf"
last-modified: Mon, 23 Sep 2024 17:53:18 GMT
paypal-debug-id: 079aeba58be91
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000079aeba58be91-36d1ca83966613a4-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Dec 2024 14:28:18 GMT
x-served-by: cache-sjc10022-SJC, cache-lcy-eglc8600096-LCY
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1733754499.664215,VS0,VE1
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 35160
DNS

browser-intake-us5-datadoghq.com

chrome.exe

Remote address:

8.8.8.8:53

Request

browser-intake-us5-datadoghq.com

IN A

Response

browser-intake-us5-datadoghq.com

IN A

34.149.66.134
POST

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=33f75f17-5c19-47f1-ac6c-8c09a0af302b&batch_time=1733754497546

chrome.exe

Remote address:

34.149.66.134:443

Request

POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=33f75f17-5c19-47f1-ac6c-8c09a0af302b&batch_time=1733754497546 HTTP/2.0
host: browser-intake-us5-datadoghq.com
content-length: 15694
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.paypal.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=df33e8ad-a422-4fa3-aace-a3d1b6333834&batch_time=1733754497653

chrome.exe

Remote address:

34.149.66.134:443

Request

POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=df33e8ad-a422-4fa3-aace-a3d1b6333834&batch_time=1733754497653 HTTP/2.0
host: browser-intake-us5-datadoghq.com
content-length: 15952
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.paypal.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=2c0ac2ba-7bbe-4de2-84d5-b80ed591f843&batch_time=1733754498231

chrome.exe

Remote address:

34.149.66.134:443

Request

POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=2c0ac2ba-7bbe-4de2-84d5-b80ed591f843&batch_time=1733754498231 HTTP/2.0
host: browser-intake-us5-datadoghq.com
content-length: 15961
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.paypal.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

71.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.31.126.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

227.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.187.250.142.in-addr.arpa

IN PTR

Response

227.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f31e100net
DNS

1.3.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.3.101.151.in-addr.arpa

IN PTR

Response
DNS

134.66.149.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.66.149.34.in-addr.arpa

IN PTR

Response

134.66.149.34.in-addr.arpa

IN PTR

1346614934bcgoogleusercontentcom
DNS

t.paypal.com

chrome.exe

Remote address:

8.8.8.8:53

Request

t.paypal.com

IN A

Response

t.paypal.com

IN CNAME

t.glb.paypal.com

t.glb.paypal.com

IN CNAME

cs1150.wpc.betacdn.net

cs1150.wpc.betacdn.net

IN A

192.229.221.25
GET

https://t.paypal.com/ts?v=1.9.5&t=1733754497838&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&calc=f889645f26f7b&rsta=en_US&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&lgin=out&lgcook=0&server=origin&pageurl=%2Fdigital-wallet%2Fbuyer-purchase-protection&fcp=1531.000&fcp_attr=%7B%22timeToFirstByte%22%3A%221114.000%22%2C%22firstByteToFCP%22%3A%22417.000%22%2C%22fcpEntry%22%3A%7B%22name%22%3A%22first-contentful-paint%22%2C%22entryType%22%3A%22paint%22%2C%22startTime%22%3A%221531.000%22%2C%22duration%22%3A0%7D%2C%22rating%22%3A%22good%22%7D&e=cwv

chrome.exe

Remote address:

192.229.221.25:443

Request

GET /ts?v=1.9.5&t=1733754497838&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&calc=f889645f26f7b&rsta=en_US&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&lgin=out&lgcook=0&server=origin&pageurl=%2Fdigital-wallet%2Fbuyer-purchase-protection&fcp=1531.000&fcp_attr=%7B%22timeToFirstByte%22%3A%221114.000%22%2C%22firstByteToFCP%22%3A%22417.000%22%2C%22fcpEntry%22%3A%7B%22name%22%3A%22first-contentful-paint%22%2C%22entryType%22%3A%22paint%22%2C%22startTime%22%3A%221531.000%22%2C%22duration%22%3A0%7D%2C%22rating%22%3A%22good%22%7D&e=cwv HTTP/2.0
host: t.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: enforce_policy=ccpa
cookie: LANG=en_US%3BUS
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: l7_az=dcg04.phx
cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew
cookie: tsrce=privacynodeweb
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODI1NyIsImwiOiIwIiwibSI6IjAifQ
cookie: cookie_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial

Response

HTTP/2.0 200

access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
correlation-id: ebb4d83161921
date: Mon, 09 Dec 2024 14:28:18 GMT
expires: Mon, 09 Dec 2024 14:28:18 GMT
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ebb4d83161921
pragma: no-cache
server: ECAcc (lhd/3589)
server-timing: traceparent;desc="00-0000000000000000000ebb4d83161921-58a6985e8a4ecd13-01"
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew;Expires=Tue, 09 Dec 2025 14:28:18 GMT;domain=.paypal.com;path=/;secure;HttpOnly;SameSite=None;
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6;Expires=Tue, 09 Dec 2025 14:28:18 GMT;domain=.paypal.com;path=/;secure;SameSite=None;
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000ebb4d83161921-366f4c8e2e00c538-01
vary: Accept-Encoding
GET

https://t.paypal.com/ts?v=1.9.5&t=1733754497838&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=110041%2C109128%2C105410%2C105409%2C104759%2C109059%2C104407&xt=148500%2C143659%2C123956%2C123954%2C120842%2C143369%2C119038&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&api_name=cookieBanner&displaypage=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&userstate=ENG&usercountry=GB&stateaccuracy=60&countryaccuracy=99&loggedin=false&event_name=cookie_banner_shown&product=cookieBanner&e=ac

chrome.exe

Remote address:

192.229.221.25:443

Request

GET /ts?v=1.9.5&t=1733754497838&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=110041%2C109128%2C105410%2C105409%2C104759%2C109059%2C104407&xt=148500%2C143659%2C123956%2C123954%2C120842%2C143369%2C119038&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&api_name=cookieBanner&displaypage=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&userstate=ENG&usercountry=GB&stateaccuracy=60&countryaccuracy=99&loggedin=false&event_name=cookie_banner_shown&product=cookieBanner&e=ac HTTP/2.0
host: t.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: enforce_policy=ccpa
cookie: LANG=en_US%3BUS
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: l7_az=dcg04.phx
cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew
cookie: tsrce=privacynodeweb
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODI1NyIsImwiOiIwIiwibSI6IjAifQ
cookie: cookie_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial

Response

HTTP/2.0 200

access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
correlation-id: ad252e486b6a1
date: Mon, 09 Dec 2024 14:28:18 GMT
expires: Mon, 09 Dec 2024 14:28:18 GMT
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ad252e486b6a1
pragma: no-cache
server: ECAcc (lhd/35F4)
server-timing: traceparent;desc="00-0000000000000000000ad252e486b6a1-58c37611865b8370-01"
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew;Expires=Tue, 09 Dec 2025 14:28:18 GMT;domain=.paypal.com;path=/;secure;HttpOnly;SameSite=None;
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6;Expires=Tue, 09 Dec 2025 14:28:18 GMT;domain=.paypal.com;path=/;secure;SameSite=None;
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000ad252e486b6a1-4cc0f95d1f66d808-01
vary: Accept-Encoding
GET

https://t.paypal.com/ts?v=1.9.5&t=1733754498618&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=ppcom_page_viewed&e=im&c_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A2538%2C%22tcp%22%3A1531%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A209%7D&pt=PayPal%20Purchase%20Protection%20%7C%20Protection%20for%20Buyers%20%7C%20PayPal%20US&cd=24&sw=1280&sh=720&dw=1280&dh=720&bw=1280&bh=593&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=540&t3=18&t4d=0&t4=0&t4e=0&tt=2329&rdc=1&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=346

chrome.exe

Remote address:

192.229.221.25:443

Request

GET /ts?v=1.9.5&t=1733754498618&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=ppcom_page_viewed&e=im&c_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A2538%2C%22tcp%22%3A1531%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A209%7D&pt=PayPal%20Purchase%20Protection%20%7C%20Protection%20for%20Buyers%20%7C%20PayPal%20US&cd=24&sw=1280&sh=720&dw=1280&dh=720&bw=1280&bh=593&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=540&t3=18&t4d=0&t4=0&t4e=0&tt=2329&rdc=1&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=346 HTTP/2.0
host: t.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: LANG=en_US%3BUS
cookie: enforce_policy=ccpa
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: l7_az=dcg04.phx
cookie: ts=vreXpYrS%3D1765290498%26vteXpYrS%3D1733756298%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew
cookie: cookie_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
cookie: tsrce=smartchatnodeweb
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODU3MSIsImwiOiIwIiwibSI6IjAifQ

Response

HTTP/2.0 200

access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
correlation-id: bf86dd1489da8
date: Mon, 09 Dec 2024 14:28:19 GMT
expires: Mon, 09 Dec 2024 14:28:19 GMT
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: bf86dd1489da8
pragma: no-cache
server: ECAcc (lhd/35FA)
server-timing: traceparent;desc="00-0000000000000000000bf86dd1489da8-f3e021a4d66b7d4c-01"
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: ts=vreXpYrS%3D1765290499%26vteXpYrS%3D1733756299%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew;Expires=Tue, 09 Dec 2025 14:28:19 GMT;domain=.paypal.com;path=/;secure;HttpOnly;SameSite=None;
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6;Expires=Tue, 09 Dec 2025 14:28:19 GMT;domain=.paypal.com;path=/;secure;SameSite=None;
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000bf86dd1489da8-043e9e24bc23e305-01
vary: Accept-Encoding
GET

https://t.paypal.com/ts?v=1.9.5&t=1733754499626&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=t_paypal_cpl&t1=6&t1c=0&t1d=0&t1s=0&t2=180&t3=0&tt=182&protocol=h2&cdn=edgecast&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A6%2C%22t11%22%3A182%2C%22nt%22%3A%22res%22%7D&e=pf

chrome.exe

Remote address:

192.229.221.25:443

Request

GET /ts?v=1.9.5&t=1733754499626&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=t_paypal_cpl&t1=6&t1c=0&t1d=0&t1s=0&t2=180&t3=0&tt=182&protocol=h2&cdn=edgecast&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A6%2C%22t11%22%3A182%2C%22nt%22%3A%22res%22%7D&e=pf HTTP/2.0
host: t.paypal.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.paypal.com/us/digital-wallet/buyer-purchase-protection
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: LANG=en_US%3BUS
cookie: enforce_policy=ccpa
cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6
cookie: l7_az=dcg04.phx
cookie: cookie_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
cookie: tsrce=smartchatnodeweb
cookie: x-pp-s=eyJ0IjoiMTczMzc1NDQ5ODU3MSIsImwiOiIwIiwibSI6IjAifQ
cookie: ts=vreXpYrS%3D1765290499%26vteXpYrS%3D1733756299%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew

Response

HTTP/2.0 200

access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
correlation-id: d49372f5af11c
date: Mon, 09 Dec 2024 14:28:20 GMT
expires: Mon, 09 Dec 2024 14:28:20 GMT
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: d49372f5af11c
pragma: no-cache
server: ECAcc (lhd/35B7)
server-timing: traceparent;desc="00-0000000000000000000d49372f5af11c-4be9b9bda4eb319b-01"
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: ts=vreXpYrS%3D1765290500%26vteXpYrS%3D1733756300%26vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6%26vtyp%3Dnew;Expires=Tue, 09 Dec 2025 14:28:20 GMT;domain=.paypal.com;path=/;secure;HttpOnly;SameSite=None;
set-cookie: ts_c=vr%3Dabd226fc1930ad10203fb8edf5df73b7%26vt%3Dabd226fc1930ad10203fb8edf5df73b6;Expires=Tue, 09 Dec 2025 14:28:20 GMT;domain=.paypal.com;path=/;secure;SameSite=None;
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000d49372f5af11c-bee72d7a39eeedb6-01
vary: Accept-Encoding
DNS

www.recaptcha.net

chrome.exe

Remote address:

8.8.8.8:53

Request

www.recaptcha.net

IN A

Response

www.recaptcha.net

IN A

142.250.178.3
GET

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

chrome.exe

Remote address:

142.250.178.3:443

Request

GET /recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=rf0xqj9cmxv8

chrome.exe

Remote address:

142.250.178.3:443

Request

GET /recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=rf0xqj9cmxv8 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=pPK749sccDmVW_9DSeTMVvh2

chrome.exe

Remote address:

142.250.178.3:443

Request

GET /recaptcha/enterprise/webworker.js?hl=en&v=pPK749sccDmVW_9DSeTMVvh2 HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: worker
referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=rf0xqj9cmxv8
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.250.187.234

content-autofill.googleapis.com

IN A

216.58.212.234

content-autofill.googleapis.com

IN A

142.250.200.42

content-autofill.googleapis.com

IN A

172.217.169.74

content-autofill.googleapis.com

IN A

142.250.200.10

content-autofill.googleapis.com

IN A

216.58.204.74

content-autofill.googleapis.com

IN A

216.58.201.106

content-autofill.googleapis.com

IN A

172.217.169.42

content-autofill.googleapis.com

IN A

142.250.179.234

content-autofill.googleapis.com

IN A

216.58.213.10

content-autofill.googleapis.com

IN A

172.217.16.234

content-autofill.googleapis.com

IN A

142.250.178.10

content-autofill.googleapis.com

IN A

216.58.212.202

content-autofill.googleapis.com

IN A

142.250.180.10

content-autofill.googleapis.com

IN A

172.217.169.10

content-autofill.googleapis.com

IN A

142.250.187.202
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQk6LvSEmV-UxxIFDVNaR8Uhpin292XaDbA=?alt=proto

chrome.exe

Remote address:

142.250.187.234:443

Request

GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQk6LvSEmV-UxxIFDVNaR8Uhpin292XaDbA=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CJGXywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

25.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.221.229.192.in-addr.arpa

IN PTR

Response
DNS

3.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.178.250.142.in-addr.arpa

IN PTR

Response

3.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f31e100net
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
GET

https://www.google.com/js/bg/Xe7AbhhPfZcEikoNmhghBXAEhOusDIBKWKS_roS4Q7E.js

chrome.exe

Remote address:

142.250.187.196:443

Request

GET /js/bg/Xe7AbhhPfZcEikoNmhghBXAEhOusDIBKWKS_roS4Q7E.js HTTP/2.0
host: www.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CJGXywE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.recaptcha.net/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

234.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.187.250.142.in-addr.arpa

IN PTR

Response

234.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f101e100net
DNS

196.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.187.250.142.in-addr.arpa

IN PTR

Response

196.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f41e100net

151.101.1.21:443

https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:mktg:personal:product:digital-wallet-buyer-purchase-protection:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/us/digital-wallet/buyer-purchase-protection

tls, http2

chrome.exe

9.2kB
71.0kB
45
72

HTTP Request

GET https://www.paypal.com/us/webapps/mpp/paypal-safety-and-security?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000186&utm_unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&ppid=RT000186&cnac=US&rsta=en_US%28en-US%29&unptid=3583acda-acd8-11ef-8b1e-7d231ea39775&calc=f35732450afb5&unp_tpcid=requestmoney-notifications-requestee&page=main%3Aemail%3ART000186&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.294.0&tenant_name=&xt=145585%2C150948%2C104038&link_ref=mpp_paypal-safety-and-security

HTTP Response

301

HTTP Request

GET https://www.paypal.com/us/digital-wallet/buyer-purchase-protection

HTTP Response

200

HTTP Request

GET https://www.paypal.com/auth/createchallenge/f2f744a37bc919bd/recaptchav3.js?_sessionID=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N

HTTP Response

200

HTTP Request

GET https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=US&language=en&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=paypal&tenantData={}

HTTP Request

GET https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/us/digital-wallet/buyer-purchase-protection

HTTP Request

GET https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=pageLoad&page=main:mktg:personal:product:digital-wallet-buyer-purchase-protection:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/us/digital-wallet/buyer-purchase-protection

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://www.paypal.com/auth/verifygrcenterprise

HTTP Response

200

HTTP Request

GET https://www.paypal.com/myaccount/privacy/cookieprefs/cookies?eventSource=afterPageLoad&page=main:mktg:personal:product:digital-wallet-buyer-purchase-protection:::&component=ppcmsnodeweb&eventSourceUrl=https://www.paypal.com/us/digital-wallet/buyer-purchase-protection

HTTP Response

200
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.1kB
4.8kB
9
10
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.0kB
4.8kB
9
10
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.1kB
4.8kB
9
10
151.101.3.1:443

https://www.paypalobjects.com/webstatic/icon/favicon.ico

tls, http2

chrome.exe

9.2kB
259.5kB
146
217

HTTP Request

GET https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/helpers-a2443dbd.css

HTTP Request

GET https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/Hero-0a33112e.css

HTTP Request

GET https://www.paypalobjects.com/globalnav/css/main-f4a6edf8.css

HTTP Request

GET https://www.paypalobjects.com/globalnav/css/main-422a4145.css

HTTP Request

GET https://www.paypalobjects.com/marketing/web23/us/en/ppe/buyer-purchase-protection/hero_size-tablet-up.jpg?quality=75&width=1500&format=webp

HTTP Request

GET https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/FeatureColumn-fff7a1f0.css

HTTP Request

GET https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/CardWrappedContentSection-33d0232e.css

HTTP Request

GET https://www.paypalobjects.com/marketing/pp-com-components/component-chunks/CtaSection-eeefabf6.css

HTTP Request

GET https://www.paypalobjects.com/ncs/ncs.js

HTTP Request

GET https://www.paypalobjects.com/marketing/web/logos/paypal-mark-color_new.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/ncs/paypal/mapping.js

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/pa/js/min/pa.js

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg

HTTP Request

GET https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/webstatic/icon/pp32.png

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/webstatic/icon/favicon.ico

HTTP Response

200
151.101.3.1:443

https://www.paypalobjects.com/martech/tm/paypal/3pjs/adobe/alloy.min.js

tls, http2

chrome.exe

18.0kB
755.9kB
331
576

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/core-64559002.js

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/datadog-b1cfe729.js

HTTP Request

GET https://www.paypalobjects.com/marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Bold.woff2

HTTP Request

GET https://www.paypalobjects.com/marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Book.woff2

HTTP Request

GET https://www.paypalobjects.com/marketing/pp-com-components/fonts/SupremeLLTestSubWeb-Black.woff2

HTTP Request

GET https://www.paypalobjects.com/globalnav/js/main-6bedacaf.js

HTTP Request

GET https://www.paypalobjects.com/globalnav/js/main-fbf73d19.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/HeroRebrand-c6ea945e.js

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/TextSectionType-3d3a57bb.js

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/FeatureColumnType-366e00d9.js

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/TruncatedTextGroup-4d4b7e76-e4574189.js

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/CardWrappedContentSection-92fdf6fe.js

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/SplitSectionType-7e65ff86.js

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/FaqType-3b0cc31c.js

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/RelatedContentType-22d5c010.js

HTTP Request

GET https://www.paypalobjects.com/ppcmsnodeweb/core/CtaClosingRebrand-a0b06056.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/martech/tm/paypal/mktgtagmanager.js

HTTP Request

GET https://www.paypalobjects.com/pa/mi/paypal/latmconf.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/martech/tm/paypal/mktconf.js

HTTP Response

200

HTTP Request

GET https://www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2

HTTP Request

GET https://www.paypalobjects.com/martech/tm/paypal/3pjs/adobe/alloy.min.js

HTTP Response

200

HTTP Response

200
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.1kB
4.8kB
9
10
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.0kB
4.8kB
9
10
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.0kB
4.8kB
9
10
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.0kB
4.8kB
10
9
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.0kB
4.8kB
9
10
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.0kB
4.8kB
9
10
151.101.3.1:443

www.paypalobjects.com

tls

chrome.exe

1.0kB
4.7kB
9
8
34.149.66.134:443

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=2c0ac2ba-7bbe-4de2-84d5-b80ed591f843&batch_time=1733754498231

tls, http2

chrome.exe

51.8kB
6.8kB
50
43

HTTP Request

POST https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=33f75f17-5c19-47f1-ac6c-8c09a0af302b&batch_time=1733754497546

HTTP Request

POST https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=df33e8ad-a422-4fa3-aace-a3d1b6333834&batch_time=1733754497653

HTTP Request

POST https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.24.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Appcmsnodeweb&dd-api-key=pubc2ea00ebdaf6a0f6395d8d4d458f2802&dd-evp-origin-version=5.24.0&dd-evp-origin=browser&dd-request-id=2c0ac2ba-7bbe-4de2-84d5-b80ed591f843&batch_time=1733754498231
192.229.221.25:443

https://t.paypal.com/ts?v=1.9.5&t=1733754499626&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=t_paypal_cpl&t1=6&t1c=0&t1d=0&t1s=0&t2=180&t3=0&tt=182&protocol=h2&cdn=edgecast&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A6%2C%22t11%22%3A182%2C%22nt%22%3A%22res%22%7D&e=pf

tls, http2

chrome.exe

6.2kB
12.1kB
18
19

HTTP Request

GET https://t.paypal.com/ts?v=1.9.5&t=1733754497838&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&calc=f889645f26f7b&rsta=en_US&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&lgin=out&lgcook=0&server=origin&pageurl=%2Fdigital-wallet%2Fbuyer-purchase-protection&fcp=1531.000&fcp_attr=%7B%22timeToFirstByte%22%3A%221114.000%22%2C%22firstByteToFCP%22%3A%22417.000%22%2C%22fcpEntry%22%3A%7B%22name%22%3A%22first-contentful-paint%22%2C%22entryType%22%3A%22paint%22%2C%22startTime%22%3A%221531.000%22%2C%22duration%22%3A0%7D%2C%22rating%22%3A%22good%22%7D&e=cwv

HTTP Request

GET https://t.paypal.com/ts?v=1.9.5&t=1733754497838&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=110041%2C109128%2C105410%2C105409%2C104759%2C109059%2C104407&xt=148500%2C143659%2C123956%2C123954%2C120842%2C143369%2C119038&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&api_name=cookieBanner&displaypage=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&ppage=privacy_banner&bannertype=cookiebanner&flag=ccpa&bannerversion=v4&bannersource=ConsentNodeServ&eligibility_reason=true&is_native=false&cookie_disabled=false&userstate=ENG&usercountry=GB&stateaccuracy=60&countryaccuracy=99&loggedin=false&event_name=cookie_banner_shown&product=cookieBanner&e=ac

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://t.paypal.com/ts?v=1.9.5&t=1733754498618&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=ppcom_page_viewed&e=im&c_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A2538%2C%22tcp%22%3A1531%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A209%7D&pt=PayPal%20Purchase%20Protection%20%7C%20Protection%20for%20Buyers%20%7C%20PayPal%20US&cd=24&sw=1280&sh=720&dw=1280&dh=720&bw=1280&bh=593&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=540&t3=18&t4d=0&t4=0&t4e=0&tt=2329&rdc=1&protocol=h2&cenc=gzip&cdn=fastly&res=%7B%7D&rtt=346

HTTP Response

200

HTTP Request

GET https://t.paypal.com/ts?v=1.9.5&t=1733754499626&g=0&pgrp=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection&page=main%3Amktg%3Apersonal%3Aproduct%3Adigital-wallet-buyer-purchase-protection%3A%3A%3A&pgst=1733754497128&calc=f889645f26f7b&nsid=1_Bje1kRQmxCTkn7fu-zqTI1PzFW3L-N&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=6809cd1150dc4c20abb7b9c84d6e3092&comp=ppcmsnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=107814%2C110460%2C110461%2C107911%2C109112%2C109922&xt=147536%2C150921%2C150925%2C139669%2C143574%2C147959&pp_ref_id=d8afae6a-ee62-41fb-a0e9-6c3432f5fd7e&pgsf=personal&bzsr=main&lgin=out&page_type=ecm&shir=main_mktg_personal_product&pros=1&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&page_segment=consumer&user_props=cu%2Cxe%2Cxt&lgcook=0&server=origin&space_key=SKDENK&event_name=t_paypal_cpl&t1=6&t1c=0&t1d=0&t1s=0&t2=180&t3=0&tt=182&protocol=h2&cdn=edgecast&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A6%2C%22t11%22%3A182%2C%22nt%22%3A%22res%22%7D&e=pf

HTTP Response

200
192.229.221.25:443

t.paypal.com

tls

chrome.exe

1.6kB
8.4kB
9
10
142.250.178.3:443

https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en

tls, http2

chrome.exe

1.9kB
15.7kB
15
20

HTTP Request

GET https://www.recaptcha.net/recaptcha/enterprise.js?render=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&hl=en
142.250.178.3:443

https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=pPK749sccDmVW_9DSeTMVvh2

tls, http2

chrome.exe

3.9kB
46.9kB
45
46

HTTP Request

GET https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cHM6Ly93d3cucGF5cGFsLmNvbTo0NDM.&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=rf0xqj9cmxv8

HTTP Request

GET https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=pPK749sccDmVW_9DSeTMVvh2
142.250.187.234:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQk6LvSEmV-UxxIFDVNaR8Uhpin292XaDbA=?alt=proto

tls, http2

chrome.exe

1.8kB
6.6kB
15
13

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQk6LvSEmV-UxxIFDVNaR8Uhpin292XaDbA=?alt=proto
142.250.187.196:443

https://www.google.com/js/bg/Xe7AbhhPfZcEikoNmhghBXAEhOusDIBKWKS_roS4Q7E.js

tls, http2

chrome.exe

1.9kB
14.4kB
15
17

HTTP Request

GET https://www.google.com/js/bg/Xe7AbhhPfZcEikoNmhghBXAEhOusDIBKWKS_roS4Q7E.js

8.8.8.8:53

www.paypal.com

dns

chrome.exe

60 B
189 B
1
1

DNS Request

www.paypal.com

DNS Response

151.101.1.21

151.101.129.21

151.101.193.21

151.101.65.21
8.8.8.8:53

133.211.185.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

133.211.185.52.in-addr.arpa
8.8.8.8:53

21.1.101.151.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

21.1.101.151.in-addr.arpa
8.8.8.8:53

10.213.58.216.in-addr.arpa

dns

72 B
141 B
1
1

DNS Request

10.213.58.216.in-addr.arpa
8.8.8.8:53

www.paypalobjects.com

dns

chrome.exe

67 B
207 B
1
1

DNS Request

www.paypalobjects.com

DNS Response

151.101.3.1

151.101.195.1

151.101.67.1

151.101.131.1
8.8.8.8:53

browser-intake-us5-datadoghq.com

dns

chrome.exe

78 B
94 B
1
1

DNS Request

browser-intake-us5-datadoghq.com

DNS Response

34.149.66.134
8.8.8.8:53

71.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

71.31.126.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

227.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

227.187.250.142.in-addr.arpa
8.8.8.8:53

1.3.101.151.in-addr.arpa

dns

70 B
130 B
1
1

DNS Request

1.3.101.151.in-addr.arpa
8.8.8.8:53

134.66.149.34.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

134.66.149.34.in-addr.arpa
8.8.8.8:53

t.paypal.com

dns

chrome.exe

58 B
130 B
1
1

DNS Request

t.paypal.com

DNS Response

192.229.221.25
8.8.8.8:53

www.recaptcha.net

dns

chrome.exe

63 B
79 B
1
1

DNS Request

www.recaptcha.net

DNS Response

142.250.178.3
34.149.66.134:443

browser-intake-us5-datadoghq.com

https

chrome.exe

10.1kB
4.5kB
13
12
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
333 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

142.250.187.234

216.58.212.234

142.250.200.42

172.217.169.74

142.250.200.10

216.58.204.74

216.58.201.106

172.217.169.42

142.250.179.234

216.58.213.10

172.217.16.234

142.250.178.10

216.58.212.202

142.250.180.10

172.217.169.10

142.250.187.202
8.8.8.8:53

25.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

25.221.229.192.in-addr.arpa
8.8.8.8:53

3.178.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.178.250.142.in-addr.arpa
8.8.8.8:53

www.google.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.196
142.250.178.3:443

www.recaptcha.net

https

chrome.exe

26.9kB
21.5kB
40
40
8.8.8.8:53

234.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

234.187.250.142.in-addr.arpa
8.8.8.8:53

196.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.187.250.142.in-addr.arpa
224.0.0.251:5353

chrome.exe

204 B
3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
c719a2c88d5b53f0c22c209ec849016e

SHA1
088d21f38d2d2287268b2a998b3e235ca149d770

SHA256
745c276cac774ef818229faa7046d9227d8e60094ab8271190d6f6c3c1ebda8e

SHA512
d2361436173adcd5b92428f2f31e18b1d649cad4fde6ab2ec695a230f872c573df7c8e52df7853d1455fb6502f90ca47c239ff2b28646b528ef9f6e6c8bbb9cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request