For support with specific websites
Moderator: trava90
Forum rules
Please
always mention the name/domain of the website in question in your topic title.
Please one website per topic thread (to help keep things organized). While behavior on different sites might at first glance seem similar, they are not necessarily caused by the same.
Please try to include any relevant output from the Toolkit Error Console or the Developer Tools Web Console using the following procedure:
- Clear any current output
- Navigate or refresh the page in question
- Copy and paste Errors or seemingly relevant Warnings into a single [ code ] block.
-
ko567
- Apollo supporter
- Posts: 39
- Joined: 2019-09-18, 22:04
Post
by ko567 » 2025-08-29, 15:50
I'd appreciate some help with this paypal issue, which I've been having with PM for a long time,
and it's forcing me to use Firefox. (The issue seems to have something to do with captcha.)
Browser console output:
Code: Select all
POST
XHR
https://www.paypal.com/xoplatform/logger/api/logger [0ms]
POST
XHR
https://www.paypal.com/xoplatform/logger/api/logger [0ms]
GET
XHR
https://t.paypal.com/ts [0ms]
GET
XHR
https://t.paypal.com/ts [0ms]
POST
XHR
https://browser-intake-us5-datadoghq.com/api/v2/rum [0ms]
POST
https://browser-intake-us5-datadoghq.com/api/v2/rum [HTTP/2.0 202 Accepted 84ms]
POST
XHR
https://www.paypal.com/xoplatform/logger/api/logger/ [0ms]
POST
XHR
https://www.paypal.com/xoplatform/logger/api/logger/ [0ms]
POST
https://www.paypal.com/platform/tealeaftarget [HTTP/2.0 200 OK 131ms]
GET
https://www.paypal.com/checkoutweb/fallback/ [HTTP/2.0 302 Found 266ms]
POST
XHR
https://www.paypal.com/mtr/1a7c3460cd8c343771081839499ed7a0 [HTTP/2.0 200 OK 179ms]
POST
XHR
https://www.paypal.com/identity/di/signal [HTTP/2.0 201 Created 207ms]
GET
https://www.paypal.com/checkoutweb/genericError [HTTP/2.0 200 OK 413ms]
OPTIONS
XHR
https://ddbm2.paypal.com/js/ [HTTP/2.0 200 OK 17ms]
POST
XHR
https://ddbm2.paypal.com/js/ [HTTP/2.0 200 OK 21ms]
POST
https://browser-intake-us5-datadoghq.com/api/v2/rum [HTTP/2.0 202 Accepted 80ms]
POST
XHR
https://www.paypal.com/xoplatform/logger/api/logger/ [HTTP/2.0 200 OK 149ms]
Content Security Policy: Ignoring “'unsafe-inline'” within script-src: nonce-source or hash-source specified
(unknown)
Content Security Policy: Ignoring “'unsafe-inline'” within style-src: nonce-source or hash-source specified
(unknown)
GET
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js [HTTP/2.0 200 OK 0ms]
Headers
Response
X-Firefox-Spdyh2access-control-allow-headersx-csrf-tokenaccess-control-allow-methodsGETaccess-control-allow-origin*age170cache-controls-maxage=31536000, public,max-age=3600cf-cache-statusHITcf-ray976d0abd59e6f78f-EWRcontent-encodingbrcontent-typeapplication/javascriptdateFri, 29 Aug 2025 15:22:06 GMTdcccg11-origin-www-1.paypal.cometagW/"6697f682-5a55"last-modifiedWed, 17 Jul 2024 16:51:14 GMTpaypal-debug-id652431df1e305pp-borderccg01bdrf5-7.ccg01.phx.paypalinc.comservercloudflarestrict-transport-securitymax-age=31536000; includeSubDomains; preloadtiming-allow-originhttps://www.paypal.com,https://www.sandbox.paypal.comvaryAccept-Encoding, Accept-Encodingx-content-type-optionsnosniff
Accept*/*Accept-Encodinggzip, deflate, brAccept-Languageen-US,en;q=0.5Connectionkeep-aliveHostwww.paypalobjects.comRefererhttps://www.paypal.com/checkoutweb/genericError?token=EC-33L359413E145873J&code=UkVUUlk%3DSec-Fetch-DestscriptSec-Fetch-Modeno-corsSec-Fetch-Sitecross-siteSec-GPC1User-AgentMozilla/5.0 (X11; FreeBSD amd64; rv:128.0) Gecko/20100101 Goanna/6.7 Firefox/128.0 PaleMoon/33.8.1.2
-
UCyborg
- Astronaut
- Posts: 539
- Joined: 2019-01-10, 09:37
- Location: Slovenia
Post
by UCyborg » 2025-09-30, 18:43
The WWW keeps degrading. Before even getting to the login form, it presents a challenge where you either have to move the slider to the right or input the numbers you hear on the audio. After getting past, it just says "You have been blocked. We couldn’t load the security challenge.".
-
UCyborg
- Astronaut
- Posts: 539
- Joined: 2019-01-10, 09:37
- Location: Slovenia
Post
by UCyborg » 2025-09-30, 21:49
5 hours later and it works without presenting any challenges. The wonders.
-
parpfish3
- Newbie
- Posts: 5
- Joined: 2025-10-22, 19:21
Post
by parpfish3 » 2025-10-22, 19:32
Old user (prev. parpfish II, now parpfish3 -- old email address, so presumably missed something and account deleted?) - so had to re-register.
Just FYI, as of today, I've just got a very similar issue when logging into Paypal (they may have changed something very recently, as this didn't happen last night).
When I go to the login page:
https://www.paypal.com/signin/
I get ....
You have been blocked.
We couldn’t load the security challenge.
Name Pale Moon
Version 33.9.0.1 (64-bit)
Build ID 20250924083854
Cheers,
P.
You do not have the required permissions to view the files attached to this post.
-
parpfish3
- Newbie
- Posts: 5
- Joined: 2025-10-22, 19:21
Post
by parpfish3 » 2025-10-22, 19:35
Just as an addendum:
This happens in Safe Mode and doesn't happen in Firefox.
P.
-
Moonchild
- Pale Moon guru
- Posts: 38378
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Post
by Moonchild » 2025-10-22, 19:43
parpfish3 wrote: ↑2025-10-22, 19:32
Old user (prev. parpfish II, now parpfish3 -- old email address, so presumably missed something and account deleted?) - so had to re-register.
forum accounts will be purged if unused for a long time. No reason for us to hang on to your personal data if you're not using the forum.
parpfish3 wrote: ↑2025-10-22, 19:32
I've just got a very similar issue when logging into Paypal (they may have changed something very recently, as this didn't happen last night).
Works for me, Pale Moon 33.9.1 x64
You do not have the required permissions to view the files attached to this post.
"There is no point in arguing with an idiot, because then you're both idiots." - Anonymous
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
-
parpfish3
- Newbie
- Posts: 5
- Joined: 2025-10-22, 19:21
Post
by parpfish3 » 2025-10-22, 20:02
Do you keep your cookies for Paypal or flush them when closing browser?
P.
-
Moonchild
- Pale Moon guru
- Posts: 38378
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Post
by Moonchild » 2025-10-22, 20:29
I tried in a fresh profile without cookies and indeed the login screen is being blocked by whatever captcha they are using.
"There is no point in arguing with an idiot, because then you're both idiots." - Anonymous
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
-
parpfish3
- Newbie
- Posts: 5
- Joined: 2025-10-22, 19:21
Post
by parpfish3 » 2025-10-23, 00:06
Thanks - that's helpful. Copied across my Paypal cookies from Firefox (cookies.sqlite) and now I get the login page and can login. Is there any corporate entity that doesn't vacuum data. A session cookie should be sufficient for such "services".
Thanks again.
P.
-
Moonchild
- Pale Moon guru
- Posts: 38378
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Post
by Moonchild » 2025-10-23, 00:13
If you run into this issue, please do report it to PayPal (unfortunately you have to go through the "assistant" chatbot, but if you just ask it to contact customer support it should forward you to an actual support agent (during support hours, anyway)). Pale Moon works just fine with PayPal, is a maintained browser and is kept secure, and what is blocking access is arbitrary and seems to be their choice/configuration of captcha, not paypal's site itself. This impacts our project directly because most of our donation support goes through them.
"There is no point in arguing with an idiot, because then you're both idiots." - Anonymous
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
-
parpfish3
- Newbie
- Posts: 5
- Joined: 2025-10-22, 19:21
Post
by parpfish3 » 2025-10-23, 04:45
Yes, I'll report it. Tried out of office hours and only got the chatbot.
We have a Paypal business account and such nonsense effects us too. I had to do a bit more than just switch over the cookies.sqlite. Whitelisting only Paypal and associated sites didn't do it. Instead I've had to "allow cookies until they expire" and instead let the "self destructing cookies" add-on act as the whitelist for key sites (incl. Paypal), with default set to "self destruct after close tab". Then untick "cookies" from the Clear History when Pale Moon closes.
Just in case anyone else has the issue.
But I think you're probably correct about "their choice/configuration of captcha" being the issue. I've unticked "Poison canvas data" under tracking. But couldn't conclude their new "security" measures relate to this tracking feature in any way.
Cheers,
P.
