wxdxbbgzivsfdkfjzkmg3w.on.drv.tw Open in urlscan Pro
47.254.94.70  Malicious Activity! Public Scan

41 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request paypal.html Show response wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/	98 KB 23 KB	5876ms 2032ms	Document text/html	47.254.94.70 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.254.94.70 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 85f574d067710e364e8c7f65da87c22f073b456c222dbe680137fa4160dc942d Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control public, s-maxage=43200, max-age=43200 content-encoding gzip content-type text/html date Sun, 03 Apr 2022 08:24:09 GMT last-modified Mon, 28 Sep 2020 23:18:20 GMT server nginx/1.14.0 (Ubuntu) vary Origin, Sec-Fetch-Mode, X-Requested-Wtih Accept-Encoding x-cache BYPASS
GET H2	200	PayPalSansSmall-Regular.woff2 www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/	18 KB 18 KB	50ms 8ms	Font application/font-woff2	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2 Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Sun, 03 Apr 2022 08:24:09 GMT x-content-type-options nosniff last-modified Tue, 23 Jan 2018 03:38:51 GMT cache-control s-maxage=31536000, public,max-age=3600 etag "5a66ae4b-4790" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * paypal-debug-id 9b05cf6fc13a3 strict-transport-security max-age=31536000 accept-ranges bytes dc ccg11-origin-www-1.paypal.com content-length 18320
GET H2	200	PayPalSansBig-Light.woff2 www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/	18 KB 18 KB	53ms 12ms	Font application/font-woff2	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash 0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:09 GMT x-content-type-options nosniff last-modified Tue, 23 Jan 2018 02:50:53 GMT cache-control public,max-age=3600 etag "5a66a30d-47b8" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * paypal-debug-id b24478a9fb000 strict-transport-security max-age=31536000 accept-ranges bytes dc slc-b-origin-www-1.paypal.com content-length 18360
GET H2	200	eb419198434f125e3e772612b3ebd1d9c0892c.css www.paypalobjects.com/marketing-resources/css/10/	298 KB 48 KB	59ms 18ms	Stylesheet text/css	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/marketing-resources/css/10/eb419198434f125e3e772612b3ebd1d9c0892c.css Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash ddc2d28c6818ca1661476cad9604af4159e7baf3fc7d02d0c07c65ae3b6ed040 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Sun, 03 Apr 2022 08:24:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Sat, 13 Feb 2021 00:20:36 GMT etag W/"60271b54-4a97a" surrogate-control max-age=31536000 vary Accept-Encoding content-type text/css paypal-debug-id 64936aec4c3e2 cache-control s-maxage=31536000, public,max-age=31536000 strict-transport-security max-age=31536000 dc ccg11-origin-www-1.paypal.com content-length 48572
GET H2	200	covid-icon.png www.paypalobjects.com/marketing/web/us/en/home/	2 KB 2 KB	55ms 18ms	Image image/webp	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/marketing/web/us/en/home/covid-icon.png Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash e2c610afed7aa887ff1b24a9df40d57d8d1889f3cf214e8cc131a8aadfe0fc1f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:09 GMT x-content-type-options nosniff x-check-cacheable YES x-serial 1565 etag "Gy6h3A5VuHUovnOmZfFA30Xusja0uynswlnCuEHR0k4" strict-transport-security max-age=31536000 content-type image/webp cache-control private, no-transform, max-age=43200 last-modified Mon, 28 Mar 2022 18:20:32 GMT content-length 1546 server Akamai Image Manager expires Sun, 03 Apr 2022 20:24:09 GMT
GET H2	200	react-16_6_3-bundle.js Show response www.paypalobjects.com/digitalassets/c/website/js/	109 KB 36 KB	55ms 18ms	Script application/javascript	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/website/js/react-16_6_3-bundle.js Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash a6cb296cc17962a45f2e1ec8caa628f675def3f2296af7c66a40ab9bfe17bd3a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 19 Dec 2018 01:10:32 GMT etag W/"5c199a88-1b4c8" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id bcf1350911e4b cache-control public,max-age=3600 strict-transport-security max-age=31536000 dc ccg11-origin-www-2.paypal.com content-length 36652
GET H2	200	bs-chunk.js Show response www.paypalobjects.com/tagmgmt/	19 B 354 B	13ms 12ms	Script application/javascript	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/tagmgmt/bs-chunk.js Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:09 GMT x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id 3439ce9282ae9 dc slc-b-origin-www-3.paypal.com vary Accept-Encoding content-length 19 last-modified Sat, 13 Feb 2021 00:28:58 GMT etag "60271d4a-13" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public,max-age=3600 accept-ranges bytes access-control-allow-headers x-csrf-token
GET H2	200	pa.js Show response www.paypalobjects.com/pa/js/min/	54 KB 21 KB	50ms 12ms	Script application/javascript	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/pa/js/min/pa.js Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash 7e9eaa7554a2f6581952711e2245a579e4f85945ee46de092c1f91e6f92661ef Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:09 GMT content-encoding gzip x-content-type-options nosniff surrogate-control max-age=31536000 paypal-debug-id 76ee87395b274 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 21181 last-modified Fri, 25 Mar 2022 23:27:27 GMT etag W/"623e4fdf-d883" strict-transport-security max-age=31536000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token
GET H2	200	open-chat.js Show response www.paypalobjects.com/helpcenter/smartchat/sales/v1/	1 KB 1 KB	13ms 13ms	Script application/javascript	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash 15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Sat, 13 Feb 2021 00:19:40 GMT cache-control public,max-age=3600 etag W/"60271b1c-5bf" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript access-control-allow-origin * paypal-debug-id a03bdbb9fac55 strict-transport-security max-age=31536000 dc slc-b-origin-www-3.paypal.com content-length 779
GET H2	200	marketingIntentsV2.js Show response www.paypalobjects.com/activation/js/	554 B 667 B	14ms 13ms	Script application/javascript	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/activation/js/marketingIntentsV2.js Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash 4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 12 Feb 2021 23:55:13 GMT etag W/"60271561-22a" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id d68b9535cb136 cache-control public, max-age=86400 strict-transport-security max-age=31536000 dc ccg11-origin-www-2.paypal.com content-length 365 expires Mon, 04 Apr 2022 08:24:09 GMT
GET H2	200	wd.js Show response drv.tw/inc/	362 B 566 B	1732ms 157ms	Script application/javascript	47.254.94.70 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://drv.tw/inc/wd.js Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.254.94.70 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 814f9fb1692be6f1929d73131141529b8c097e7f0a835714ab77198d57660ee4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:11 GMT last-modified Tue, 01 Feb 2022 15:26:59 GMT server nginx/1.14.0 (Ubuntu) etag "61f95143-16a" x-cache BYPASS content-type application/javascript accept-ranges bytes content-length 362
GET H2	200	wd.js Show response www.drv.tw/inc/	690 B 737 B	1276ms 18ms	Script text/javascript	20.50.153.39 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.drv.tw/inc/wd.js?s=wxdxbbgzivsfdkfjzkmg3w Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.50.153.39 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding br referrer-policy same-origin last-modified Fri, 25 Mar 2022 06:39:27 GMT etag "64907855" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * cache-control public, must-revalidate, max-age=30 date Sun, 03 Apr 2022 08:24:10 GMT x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 1; mode=block
GET H2	206	PayPal_UltimateHomepage_Desktop_1600x800_Dollar-left.mp4 www.paypalobjects.com/marketing/web/us/en/home/everydayessential/v5/	2 MB 2 MB	20ms 20ms	Media video/mp4	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/marketing/web/us/en/home/everydayessential/v5/PayPal_UltimateHomepage_Desktop_1600x800_Dollar-left.mp4 Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash 6dba70861f12d2d6ba63b482eb8f07b1ee79bc472119d2a759bb27198df0e551 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Range bytes=0- Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Sun, 03 Apr 2022 08:24:09 GMT x-content-type-options nosniff last-modified Sat, 13 Feb 2021 00:25:23 GMT cache-control s-maxage=31536000, public,max-age=3600 etag "60271c73-18c1ab" surrogate-control max-age=31536000 vary Accept-Encoding content-type video/mp4 Content-Range bytes 0-1622442/1622443 paypal-debug-id a6884d0df2e79 strict-transport-security max-age=31536000 accept-ranges bytes dc ccg11-origin-www-1.paypal.com Content-Length 1622443
GET H2	200	pp_fc_hl.svg www.paypalobjects.com/digitalassets/c/website/logo/full-text/	11 KB 4 KB	10ms 10ms	Image image/svg+xml	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/digitalassets/c/website/logo/full-text/pp_fc_hl.svg Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash 036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 15 Mar 2016 17:48:58 GMT cache-control public,max-age=3600 etag W/"56e84b0a-2b4b" surrogate-control max-age=31536000 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * paypal-debug-id 5b87bed6e29e3 strict-transport-security max-age=31536000 dc phx-origin-www-3.paypal.com content-length 3732
GET H2	200	PayPalSansSmall-Regular.woff2 www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/	18 KB 18 KB	37ms 7ms	Font application/font-woff2	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2 Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/marketing-resources/css/10/eb419198434f125e3e772612b3ebd1d9c0892c.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypalobjects.com/marketing-resources/css/10/eb419198434f125e3e772612b3ebd1d9c0892c.css Origin https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Sun, 03 Apr 2022 08:24:09 GMT x-content-type-options nosniff last-modified Tue, 23 Jan 2018 03:38:51 GMT cache-control s-maxage=31536000, public,max-age=3600 etag "5a66ae4b-4790" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * paypal-debug-id 9b05cf6fc13a3 strict-transport-security max-age=31536000 accept-ranges bytes dc ccg11-origin-www-1.paypal.com content-length 18320
GET H2	200	PayPalSansBig-Light.woff2 www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/	18 KB 18 KB	42ms 13ms	Font application/font-woff2	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/marketing-resources/css/10/eb419198434f125e3e772612b3ebd1d9c0892c.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash 0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.paypalobjects.com/marketing-resources/css/10/eb419198434f125e3e772612b3ebd1d9c0892c.css Origin https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:09 GMT x-content-type-options nosniff last-modified Tue, 23 Jan 2018 02:50:53 GMT cache-control public,max-age=3600 etag "5a66a30d-47b8" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * paypal-debug-id b24478a9fb000 strict-transport-security max-age=31536000 accept-ranges bytes dc slc-b-origin-www-1.paypal.com content-length 18360
GET H2	200	ts t.paypal.com/	42 B 652 B	193ms 165ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.2&t=1648974249813&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=Unknown&calc=dc2511c4e7e82&nsid=nZtksdgl3Jld0ZTw5DBlD5x5O2H7CZH8&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=5cf125c5b45f4f2f83917066aa8e66f3&comp=mppnodeweb&tsrce=smartchatnodeweb&cu=0&ef_policy=ccpa&xe=102245%2C102201%2C102643&xt=108244%2C108088%2C110047&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&e=im&displayPage=main%3Amktg%3Apersonal%3A%3Ahome&ppage=privacy_banner&bannerType=cookiebanner&flag=ccpa&bannerVersion=v3a&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&3p_vid=1aaf186e10766e62&3p_fpti=491069935b8ae62 Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FB1) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Sun, 03 Apr 2022 08:24:09 GMT content-type image/gif server ECAcc (frc/8FB1) strict-transport-security max-age=63072000; includeSubDomains; preload p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 38b8a9b6f42c4 cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=159 timing-allow-origin * content-length 42 expires Sun, 03 Apr 2022 08:24:09 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	99 KB 39 KB	195ms 74ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-85417367-1 Requested by Host: www.drv.tw URL: https://www.drv.tw/inc/wd.js?s=wxdxbbgzivsfdkfjzkmg3w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f01e2a55910d835e028d405e001076efc11ac807b090289bfebbf1543dc56a40 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:10 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39172 x-xss-protection 0 expires Sun, 03 Apr 2022 08:24:10 GMT
GET H2	200	ts t.paypal.com/	42 B 437 B	163ms 163ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.2&t=1648974250814&g=0&e=err&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&comp=mppnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0&3p_vid=1aaf186e10766e62&3p_fpti=491069935b8ae62 Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FB1) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Sun, 03 Apr 2022 08:24:10 GMT content-type image/gif server ECAcc (frc/8FB1) strict-transport-security max-age=63072000; includeSubDomains; preload p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 8776e342b929c cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=158 timing-allow-origin * content-length 42 expires Sun, 03 Apr 2022 08:24:10 GMT
GET H2	200	ts t.paypal.com/	42 B 391 B	165ms 165ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.2&t=1648974250815&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=dc2511c4e7e82&nsid=nZtksdgl3Jld0ZTw5DBlD5x5O2H7CZH8&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=5cf125c5b45f4f2f83917066aa8e66f3&comp=mppnodeweb&tsrce=smartchatnodeweb&cu=0&ef_policy=ccpa&xe=102245%2C102201%2C102643&xt=108244%2C108088%2C110047&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=%2F%2Ft.paypal.&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&event_name=t_paypal_cpl&t1=28&t1c=28&t1d=1&t1s=21&t2=165&t3=1&tt=195&protocol=h2&cdn=edgecast&view=%7B%22t10%22%3A28%2C%22t11%22%3A195%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=1aaf186e10766e62&3p_fpti=491069935b8ae62 Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FB1) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Sun, 03 Apr 2022 08:24:10 GMT content-type image/gif server ECAcc (frc/8FB1) strict-transport-security max-age=63072000; includeSubDomains; preload p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 8e58dc49d978a cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=160 timing-allow-origin * content-length 42 expires Sun, 03 Apr 2022 08:24:10 GMT
GET H2	404	eligibility Show response wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/smartchat/open/	2 KB 1 KB	534ms 534ms	XHR text/html	47.254.94.70 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/smartchat/open/eligibility?intent=SALESCHAT&page=/www.paapal.net/paypal.html Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.254.94.70 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash ab04ea00add135d1972e76d4ca04beb8e497bf72554c2ab074ec4470cf81d319 Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:11 GMT cache-control public, s-maxage=604800, max-age=604800 server nginx/1.14.0 (Ubuntu) content-encoding gzip content-type text/html
GET H2	200	ts t.paypal.com/	42 B 437 B	164ms 163ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.2&t=1648974251085&g=0&e=err&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&comp=mppnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0&3p_vid=1aaf186e10766e62&3p_fpti=491069935b8ae62 Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FB1) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Sun, 03 Apr 2022 08:24:11 GMT content-type image/gif server ECAcc (frc/8FB1) strict-transport-security max-age=63072000; includeSubDomains; preload p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 76a7771874d88 cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=156 timing-allow-origin * content-length 42 expires Sun, 03 Apr 2022 08:24:11 GMT
GET H2	200	ts t.paypal.com/	42 B 343 B	164ms 164ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.2&t=1648974251269&g=0&e=err&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&comp=mppnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0&3p_vid=1aaf186e10766e62&3p_fpti=491069935b8ae62 Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FB1) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Sun, 03 Apr 2022 08:24:11 GMT content-type image/gif server ECAcc (frc/8FB1) strict-transport-security max-age=63072000; includeSubDomains; preload p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 34c7a485309ba cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=158 timing-allow-origin * content-length 42 expires Sun, 03 Apr 2022 08:24:11 GMT
GET H2	200	50552279252e81a1555200b7085d342e153b3b.js Show response www.paypalobjects.com/marketing-resources/js/9d/	1 MB 280 KB	22ms 22ms	Script application/javascript	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/marketing-resources/js/9d/50552279252e81a1555200b7085d342e153b3b.js Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash 641625995cc79fdc5f058ac4603cc5cdb2eea6b83a9aaac4d11320dedc38731f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com date Sun, 03 Apr 2022 08:24:11 GMT content-encoding gzip x-content-type-options nosniff last-modified Sat, 13 Feb 2021 00:22:06 GMT etag W/"60271bae-132a0b" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id feaa50769d0f8 cache-control s-maxage=31536000, public,max-age=31536000 strict-transport-security max-age=31536000 dc ccg11-origin-www-1.paypal.com content-length 285806
GET H2	200	opinionLab-2.1.0.js Show response www.paypalobjects.com/digitalassets/c/website/marketing/global/kui/js/	41 KB 12 KB	9ms 8ms	Script application/javascript	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/digitalassets/c/website/marketing/global/kui/js/opinionLab-2.1.0.js Requested by Host: wxdxbbgzivsfdkfjzkmg3w.on.drv.tw URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software / Resource Hash da3177d9f38349f23abc99dcc0a87a8e1178a1576f0b27192821b20ebecc45e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:11 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 14 Jun 2020 15:52:22 GMT etag W/"5ee647b6-a5a5" surrogate-control max-age=31536000 vary Accept-Encoding content-type application/javascript paypal-debug-id 3ae59e676228f cache-control public,max-age=3600 strict-transport-security max-age=31536000 dc ccg11-origin-www-1.paypal.com content-length 12254
GET H2	200	Yellow_Yoga.png www.paypalobjects.com/marketing/web/us/en/home/Everyday-Essentials/v5/	12 KB 12 KB	28ms 27ms	Image image/webp	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/marketing/web/us/en/home/Everyday-Essentials/v5/Yellow_Yoga.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash 76bb0ebcaa27696249404ee67aa46a2d91e020499513af45d96ae08fee1ed55d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:11 GMT x-content-type-options nosniff last-modified Sat, 19 Mar 2022 19:46:04 GMT server Akamai Image Manager etag "60271c73-10918" strict-transport-security max-age=31536000 content-type image/webp cache-control private, no-transform, max-age=43200 content-length 11924 expires Sun, 03 Apr 2022 20:24:11 GMT
GET H2	200	Groceries_phone_US_New_v3.gif www.paypalobjects.com/marketing/web/us/en/home/everydayessential/v5/	255 KB 256 KB	38ms 38ms	Image image/webp	184.25.158.196 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/marketing/web/us/en/home/everydayessential/v5/Groceries_phone_US_New_v3.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.25.158.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-25-158-196.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash 590ba6417790d5d47ce990ca21163f43d4e6a7332722933e233bab152efd52d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sun, 03 Apr 2022 08:24:11 GMT x-content-type-options nosniff last-modified Sun, 03 Apr 2022 06:42:17 GMT server Akamai Image Manager etag "60271c73-5c5d7" strict-transport-security max-age=31536000 content-type image/webp cache-control private, no-transform, max-age=43200 content-length 261592 expires Sun, 03 Apr 2022 20:24:11 GMT
GET H2	200	ts t.paypal.com/	42 B 389 B	158ms 158ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?v=1.6.2&t=1648974251771&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=dc2511c4e7e82&nsid=nZtksdgl3Jld0ZTw5DBlD5x5O2H7CZH8&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=5cf125c5b45f4f2f83917066aa8e66f3&comp=mppnodeweb&tsrce=smartchatnodeweb&cu=0&ef_policy=ccpa&xe=102245%2C102201%2C102643&xt=108244%2C108088%2C110047&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&e=im&imsrc=setup&view=%7B%22t10%22%3A3844%2C%22t11%22%3A7911%2C%22tcp%22%3A6040%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A108%7D&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=3844&t1c=3844&t1d=3528&t1s=160&t2=2032&t3=1&t4d=0&t4=0&t4e=2&tt=7803&rdc=0&protocol=h2&res=%7B%7D&rtt=165&3p_vid=1aaf186e10766e62&3p_fpti=491069935b8ae62 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FB1) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Sun, 03 Apr 2022 08:24:11 GMT content-type image/gif server ECAcc (frc/8FB1) strict-transport-security max-age=63072000; includeSubDomains; preload p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 14b2e860fc3af cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=151 timing-allow-origin * content-length 42 expires Sun, 03 Apr 2022 08:24:11 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| antiClickjack object| modelData function| bindGdprEvents object| dataLayer object| PAYPAL object| fpti string| fptiserverurl object| _ifpti object| React object| ReactDOM function| hideGdprBanner function| showGdprBanner function| gtag function| t object| google_tag_manager function| openSalesChat object| OOo object| PageBundle object| __core-js_shared__

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/	1969-12-31 23:59:59	Name: uid Value: rBEPrmJJWalPwAopkH8jAg==
			.paypal.com/	1970-01-21 04:21:08	Name: ts_c Value: vr%3D491069935b8ae62%26vt%3D1aaf186e10766e62
			.paypal.com/	1970-01-21 04:21:08	Name: ts Value: vreXpYrS%3D1743668651%26vteXpYrS%3D1648976051%26vr%3D491069935b8ae62%26vt%3D1aaf186e10766e62
			drv.tw/	1969-12-31 23:59:59	Name: uid Value: rBEPrmJJWatPwAopkH9AAg==

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Message: A preload for 'https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Message: A preload for 'https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Message: A preload for 'https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/smartchat/open/eligibility?intent=SALESCHAT&page=/www.paapal.net/paypal.html Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Message: The resource https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://wxdxbbgzivsfdkfjzkmg3w.on.drv.tw/www.paapal.net/paypal.html Message: The resource https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

drv.tw
t.paypal.com
www.drv.tw
www.googletagmanager.com
www.paypalobjects.com
wxdxbbgzivsfdkfjzkmg3w.on.drv.tw
184.25.158.196
192.229.221.25
20.50.153.39
2a00:1450:4001:808::2008
47.254.94.70
036f5ec2d493c1c70c99b98eb3a666241af203a93f3fc3b8b64316794b4dcd3f
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f
590ba6417790d5d47ce990ca21163f43d4e6a7332722933e233bab152efd52d0
641625995cc79fdc5f058ac4603cc5cdb2eea6b83a9aaac4d11320dedc38731f
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6dba70861f12d2d6ba63b482eb8f07b1ee79bc472119d2a759bb27198df0e551
76bb0ebcaa27696249404ee67aa46a2d91e020499513af45d96ae08fee1ed55d
7e9eaa7554a2f6581952711e2245a579e4f85945ee46de092c1f91e6f92661ef
814f9fb1692be6f1929d73131141529b8c097e7f0a835714ab77198d57660ee4
85f574d067710e364e8c7f65da87c22f073b456c222dbe680137fa4160dc942d
a6cb296cc17962a45f2e1ec8caa628f675def3f2296af7c66a40ab9bfe17bd3a
ab04ea00add135d1972e76d4ca04beb8e497bf72554c2ab074ec4470cf81d319
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
da3177d9f38349f23abc99dcc0a87a8e1178a1576f0b27192821b20ebecc45e3
ddc2d28c6818ca1661476cad9604af4159e7baf3fc7d02d0c07c65ae3b6ed040
e2c610afed7aa887ff1b24a9df40d57d8d1889f3cf214e8cc131a8aadfe0fc1f
f01e2a55910d835e028d405e001076efc11ac807b090289bfebbf1543dc56a40