HTTP Headers Analysis for https://developer.paypal.com

Detected Technologies from Headers

See all in URL Inspect 16

PayPal

YouTube

Algolia

Braintree

CHEQ Control & Compliance

Cloudflare CDN

Datadog

Demandbase

Google Analytics

Google Fonts

Google reCAPTCHA

Google Search

Google Static File Front End

Qualtrics

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Basic

base-uri; connect-src; default-src; +9 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Present

ch-ua-platform-version=(self "https://c.paypal.com"), ch-ua-arch=(self "https://c.paypal.com"), ch-ua-wow64=(self "https://c.paypal.com"); +4 more

Recommendations

• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding, Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Accept-Encoding, Accept-Encoding

Caching Headers

Cache-Control

Caching

max-age=0, no-cache, no-store, must-revalidate

cache-control: max-age=0, no-cache, no-store, must-revalidate

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

Access-Control-Expose-Headers

Cors

Server-Timing

access-control-expose-headers: Server-Timing

Cookies Headers

Set-Cookie

Cookies

set-cookie: XSRF-TOKEN=mP9VIUWXdOfkaoecuT4RrekUB7QHU%2F5%2B%2Byebk%3D; Path=/
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Thu, 07 May 2026 07:21:13 GMT; HttpOnly; Secure
LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Thu, 07 May 2026 07:21:13 GMT; HttpOnly; Secure
cookie_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Thu, 06 May 2027 22:35:17 GMT; Secure
tsrce=devdiscoverynodeweb; Domain=.paypal.com; Path=/; Expires=Sat, 09 May 2026 22:35:17 GMT; HttpOnly; Secure; SameSite=None
nsid=s%3A8uJqb2HbAn2bhJJ0dbevvhaD1uZSi1xi.MwLDOwyFncVQQnrVApZPwoh62h%2FZoRWJUoZJScShpCU; Path=/; HttpOnly; Secure
ts=vreXpYrS%3D1809642917%26vteXpYrS%3D1778108717%26vr%3Dff6e628719d647e089360989ffb0d957%26vt%3Dff6e628719d647e089360989ffb0d956%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 06 May 2027 22:35:17 GMT; HttpOnly; Secure
ts_c=vr%3Dff6e628719d647e089360989ffb0d957%26vt%3Dff6e628719d647e089360989ffb0d956; Path=/; Domain=paypal.com; Expires=Thu, 06 May 2027 22:35:17 GMT; Secure
__cf_bm=.e8o.e_dpm.faE5BVq6Lor4vvseT8H9eZ3mHm7oIT18-1778106917.4004169-1.0.1.1-ooh6B9RQ0YfDplvvLVe6U5QLESALgHTXAB2fwd2GJk0avo88ezcS57JXbpul3t1lMz_h5Pl12AjW6thSuX.9OaFuTCgKR2PsSZgfhxjk3WyeVI_nO6Pr9frCyRkjTFnV; HttpOnly; Secure; Path=/; Domain=developer.paypal.com; Expires=Wed, 06 May 2026 23:05:17 GMT

Other Headers

Accept-Ch

Other

sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9f7b7509baa1d6ff-IAD

Date

Other

Wed, 06 May 2026 22:35:17 GMT

Origin-Trial

Other

AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==

Paypal-Debug-Id

Other

a690f1c04ffbb

Pp-Border

Other

ccg13bdrf5-6.ccg13.slc.paypalinc.com

Server-Timing

Other

traceparent;desc="00-0000000000000000000a690f1c04ffbb-2dc9c794b0c01ad8-01"

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
cf-cache-status: DYNAMIC
cf-ray: 9f7b7509baa1d6ff-IAD
date: Wed, 06 May 2026 22:35:17 GMT
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: a690f1c04ffbb
pp-border: ccg13bdrf5-6.ccg13.slc.paypalinc.com
server-timing: traceparent;desc="00-0000000000000000000a690f1c04ffbb-2dc9c794b0c01ad8-01"

Recommendations

Enable compression (gzip/brotli) to improve performance