paypal.pslars.com Open in urlscan Pro
104.167.11.247 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paypal.pslars.com/
Submission Tags: @phishunt_io
Submission: On July 30 via api (July 30th 2022, 4:32:49 am UTC) from DE — Scanned from GB

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 104.167.11.247, located in United Kingdom and belongs to CLOUD-SOUTH, US. The main domain is paypal.pslars.com.
TLS certificate: Issued by R3 on July 29th 2022. Valid for: 3 months.

This is the only time paypal.pslars.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	104.167.11.247 104.167.11.247		13886 (CLOUD-SOUTH) (CLOUD-SOUTH)
1	2a00:1450:400... 2a00:1450:4001:801::200a		15169 (GOOGLE) (GOOGLE)
2	151.101.66.133 151.101.66.133		54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::2003		15169 (GOOGLE) (GOOGLE)
13	4

9 104.167.11.247 (United Kingdom)

ASN13886 (CLOUD-SOUTH, US)
PTR: ns.5on5marketing.com

paypal.pslars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	pslars.com paypal.pslars.com	471 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1999	4 KB
1	gstatic.com fonts.gstatic.com	27 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
13	4

	Domain	Requested by
9	paypal.pslars.com	paypal.pslars.com
2	www.paypalobjects.com	paypal.pslars.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	paypal.pslars.com
13	4

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
www.pslars.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paypal.pslars.com/
Frame ID: 57DEAB72C4B95C439536162A9D827C5E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Payment Portal – PS+Lars

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick
paypalobjects\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

503 kB
Transfer

541 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
paypal.pslars.com/ 52 KB
18 KB 917ms
514ms Document
text/html 104.167.11.247
CLOUD-SOUTH

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.pslars.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.11.247 , United Kingdom, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS: ns.5on5marketing.com
Software: Apache /
Resource Hash: 7c3f2ec5d386bcd30ae89b1a7b0a62143eede43425fec6a6acdc9ef0637eee2e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Jul 2022 04:32:42 GMT
Keep-Alive: timeout=5, max=100
Link: <https://paypal.pslars.com/wp-json/>; rel="https://api.w.org/"
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 140ms
50ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Requested by

Host: paypal.pslars.com
URL: https://paypal.pslars.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb874dc17127d3b8b55d7dd1a05a7481cbf258273583206381706b599ac4d49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 03:26:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 30 Jul 2022 04:32:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Jul 2022 04:32:43 GMT

GET
H/1.1 200
OK style.css
paypal.pslars.com/wp-content/themes/twentyseventeen/ 81 KB
81 KB 300ms
152ms Stylesheet
text/css 104.167.11.247
CLOUD-SOUTH

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.pslars.com/wp-content/themes/twentyseventeen/style.css?ver=4.8.3
Requested by: Host: paypal.pslars.com
URL: https://paypal.pslars.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.11.247 , United Kingdom, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS: ns.5on5marketing.com
Software: Apache /
Resource Hash: ae749882a3debfb6884a0d77c486b033ceef41e6a878b509be6fa1b6cbfb8caf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 04:32:43 GMT
Last-Modified: Wed, 17 Oct 2018 18:45:24 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 82584

GET
H/1.1 200
OK jquery.js Show response
paypal.pslars.com/wp-includes/js/jquery/ 95 KB
95 KB 432ms
147ms Script
application/javascript 104.167.11.247
CLOUD-SOUTH

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.pslars.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: paypal.pslars.com
URL: https://paypal.pslars.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.11.247 , United Kingdom, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS: ns.5on5marketing.com
Software: Apache /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 04:32:43 GMT
Last-Modified: Wed, 17 Oct 2018 18:45:36 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 97184

GET
H/1.1 200
OK jquery-migrate.min.js Show response
paypal.pslars.com/wp-includes/js/jquery/ 10 KB
10 KB 456ms
168ms Script
application/javascript 104.167.11.247
CLOUD-SOUTH

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.pslars.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: paypal.pslars.com
URL: https://paypal.pslars.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.11.247 , United Kingdom, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS: ns.5on5marketing.com
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 04:32:43 GMT
Last-Modified: Wed, 17 Oct 2018 18:45:36 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10056

GET
H/1.1 200
OK cropped-PSLars-Master-v2s-2.jpg
paypal.pslars.com/wp-content/uploads/2018/01/ 250 KB
251 KB 146ms
145ms Image
image/jpeg 104.167.11.247
CLOUD-SOUTH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypal.pslars.com/wp-content/uploads/2018/01/cropped-PSLars-Master-v2s-2.jpg
Requested by: Host: paypal.pslars.com
URL: https://paypal.pslars.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.11.247 , United Kingdom, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS: ns.5on5marketing.com
Software: Apache /
Resource Hash: a73e593408ada1e7b531c3cc066e7b2eb4c1b1138986272d0cd273efa9bfaba3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 04:32:44 GMT
Last-Modified: Wed, 17 Oct 2018 19:08:28 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 256279

GET
H2 200 btn_buynowCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 3 KB
4 KB 240ms
29ms Image
image/gif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif

Requested by

Host: paypal.pslars.com
URL: https://paypal.pslars.com/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

58e0d82e00a38d6b340424fecd1b86f33cdb69a642df4594c8d73ffcdb6d2e21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 04:32:44 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=3349 idim=171x47 ifmt=gif ofsz=3348 odim=171x47 ofmt=gif
paypal-debug-id: 18a7ad3378cc1
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 3348
x-served-by: cache-sjc10046-SJC, cache-lcy19243-LCY
traceparent: 00-000000000000000000018a7ad3378cc1-f702b4b2695fe684-01
x-timer: S1659155564.479804,VS0,VE0
etag: "SNSV46nYqESq7/5PFFa7zDR7xjEWReBZKwPPBRPDtuc"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 6, 8

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 42 B
249 B 240ms
30ms Image
image/gif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: paypal.pslars.com
URL: https://paypal.pslars.com/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 04:32:44 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 3b332fe3ea371
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10058-SJC, cache-lcy19243-LCY
x-timer: S1659155564.479968,VS0,VE0
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 39, 5772

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
paypal.pslars.com/wp-content/themes/twentyseventeen/assets/js/ 683 B
937 B 156ms
156ms Script
application/javascript 104.167.11.247
CLOUD-SOUTH

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.pslars.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0
Requested by: Host: paypal.pslars.com
URL: https://paypal.pslars.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.11.247 , United Kingdom, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS: ns.5on5marketing.com
Software: Apache /
Resource Hash: ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 04:32:43 GMT
Last-Modified: Wed, 17 Oct 2018 19:38:25 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 683

GET
H/1.1 200
OK global.js Show response
paypal.pslars.com/wp-content/themes/twentyseventeen/assets/js/ 8 KB
8 KB 148ms
148ms Script
application/javascript 104.167.11.247
CLOUD-SOUTH

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.pslars.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0
Requested by: Host: paypal.pslars.com
URL: https://paypal.pslars.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.11.247 , United Kingdom, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS: ns.5on5marketing.com
Software: Apache /
Resource Hash: df64e42095343505664a1d694617e4eec445c3e808f16467184a2f5b606c0b3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 04:32:44 GMT
Last-Modified: Wed, 17 Oct 2018 19:38:25 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7682

GET
H/1.1 200
OK jquery.scrollTo.js Show response
paypal.pslars.com/wp-content/themes/twentyseventeen/assets/js/ 6 KB
6 KB 149ms
148ms Script
application/javascript 104.167.11.247
CLOUD-SOUTH

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.pslars.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
Requested by: Host: paypal.pslars.com
URL: https://paypal.pslars.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.11.247 , United Kingdom, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS: ns.5on5marketing.com
Software: Apache /
Resource Hash: d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 04:32:44 GMT
Last-Modified: Wed, 17 Oct 2018 19:38:25 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5836

GET
H/1.1 200
OK wp-embed.min.js Show response
paypal.pslars.com/wp-includes/js/ 1 KB
2 KB 143ms
142ms Script
application/javascript 104.167.11.247
CLOUD-SOUTH

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.pslars.com/wp-includes/js/wp-embed.min.js?ver=4.8.3
Requested by: Host: paypal.pslars.com
URL: https://paypal.pslars.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.167.11.247 , United Kingdom, ASN13886 (CLOUD-SOUTH, US),
Reverse DNS: ns.5on5marketing.com
Software: Apache /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paypal.pslars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 30 Jul 2022 04:32:44 GMT
Last-Modified: Wed, 17 Oct 2018 18:38:24 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1398

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paypal.pslars.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 03:24:42 GMT
x-content-type-options: nosniff
age: 263282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 03:24:42 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings undefined| $ function| jQuery object| twentyseventeenScreenReaderText object| jQuery112408887025970281579 object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
paypal.pslars.com
www.paypalobjects.com
104.167.11.247
151.101.66.133
2a00:1450:4001:801::200a
2a00:1450:4001:831::2003
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
58e0d82e00a38d6b340424fecd1b86f33cdb69a642df4594c8d73ffcdb6d2e21
7c3f2ec5d386bcd30ae89b1a7b0a62143eede43425fec6a6acdc9ef0637eee2e
a73e593408ada1e7b531c3cc066e7b2eb4c1b1138986272d0cd273efa9bfaba3
ae749882a3debfb6884a0d77c486b033ceef41e6a878b509be6fa1b6cbfb8caf
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
df64e42095343505664a1d694617e4eec445c3e808f16467184a2f5b606c0b3a
fb874dc17127d3b8b55d7dd1a05a7481cbf258273583206381706b599ac4d49c
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e