mail.securepaxful.com
199.188.200.110  Malicious Activity! Public Scan

URL: https://mail.securepaxful.com/reverify
Submission: On April 14 via automatic, source openphish

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 199.188.200.110, located in United States and belongs to NAMECHEAP-NET, US. The main domain is mail.securepaxful.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 7th 2020. Valid for: 2 years.
This is the only time mail.securepaxful.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Paxful (Crypto Exchange)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 199.188.200.110 | 22612 (NAMECHEAP...)
8 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
8 | 104.18.72.113 | 13335 (CLOUDFLAR...)
1 | 104.18.70.113 | 13335 (CLOUDFLAR...)
3 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 104.16.51.111 | 13335 (CLOUDFLAR...)
Total: 24 requests, 7 IPs

Requests | Domain | Requested by
8 | static.zdassets.com | mail.securepaxful.com, static.zdassets.com
8 | accounts.paxful.com | mail.securepaxful.com
3 | fonts.gstatic.com | fonts.googleapis.com
2 | paxful.zendesk.com | static.zdassets.com
1 | ekr.zdassets.com | static.zdassets.com
1 | fonts.googleapis.com | mail.securepaxful.com
1 | mail.securepaxful.com |
Total: 24 requests, 7 subdomains

This site contains links to these domains:

Domain
paxful.com
Subject | Issuer | Validity | Valid
*.web-hosting.com | Sectigo RSA Domain Validation Secure Server CA | 2020-05-07 - 2022-04-05 | 2 years
*.paxful.com | Sectigo ECC Domain Validation Secure Server CA | 2019-12-06 - 2021-12-05 | 2 years
upload.video.google.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
ssl911790.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2021-04-07 - 2021-10-14 | 6 months
*.gstatic.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
paxful.zendesk.com | Cloudflare Inc ECC CA-3 | 2020-07-15 - 2021-07-15 | a year

This page contains 2 frames:

Primary Page: https://mail.securepaxful.com/reverify
Frame ID: 8423F0F301C16CC2A249C854D07D28B3
Requests: 16 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.fc713956383df327ba01.js
Frame ID: 5E569888C39692B4DC566E1D21485A06
Requests: 8 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 43 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 1181 kB
Size: 4757 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request reverify
mail.securepaxful.com/
15 KB
5 KB
Document
General
Full URL
https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server237-4.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
4a7b7af2c9988f5cef6bde3ca949993f937c2ebf122b67afc31947017010ddf8

Request headers

:method
GET
:authority
mail.securepaxful.com
:scheme
https
:path
/reverify
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:18 GMT
server
Apache
x-powered-by
PHP/7.2.34
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Im91TE9jeDNGeVBKZm1lUldFVHBkdVE9PSIsInZhbHVlIjoiOGxMS04yTm9VZHBGRDg1ajVxd2VYdWxjdFFmcE04OWdzXC90Mks4dU55ZFVEMHMyZVwvbGNMandGZWgrYk5MRGdEWnNGb3AwSW9JWm13U21cL2FxMEZURnc9PSIsIm1hYyI6IjBjZWRjNTcxOWI4OGE2MmQ0MWI0MDZhNWRmNzBlMmRhNDE4OWRmZmY3ZTZlMzg3MTA1Y2RjMGY2MjQyMTlkNDkifQ%3D%3D; expires=Wed, 14-Apr-2021 15:19:18 GMT; Max-Age=7200; path=/ paxful_session=eyJpdiI6Ik94WFQyRDR3bnVCdXhrMEZMcDFsZkE9PSIsInZhbHVlIjoiYnlId1FQa3VSN0hzXC9HaEN2T0VGSnpHRW5PYm8xTHAyOGFtRW55eDdCeVNLK1ExZEV4ZnJMRXFaRXk0K2ZQeTVmdDlyNWFPUDN5SlRHbVwvbXZUKzQ0Zz09IiwibWFjIjoiM2JjMzMyNjJkOWM5MzUwYzA4YTdmZmQxYTI3NzJlYjNmNTk4YTI1MzY1YWVmYmU5YTEyNzI2ZTAzYTY1NzU4NCJ9; expires=Wed, 14-Apr-2021 15:19:18 GMT; Max-Age=7200; path=/; httponly
vary
Accept-Encoding
content-encoding
gzip
content-length
4481
content-type
text/html; charset=UTF-8
vendors.chunk.css
accounts.paxful.com/static/dist/
35 KB
8 KB
Stylesheet
General
Full URL
https://accounts.paxful.com/static/dist/vendors.chunk.css?c=74c68d014c017b5ba93e
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106500790586a52c7530b4b55bc56f56a92d3371e1d2f2ea4e487640e355c3bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-envoy-upstream-service-time
3
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09722256e000004a920aaeb000000001
referrer-policy
same-origin
last-modified
Tue, 13 Apr 2021 19:15:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=5356800
x-correlation-id
82d21078-2cee-4cd0-9865-b221db5050c1
cf-ray
63fd399e38dc4a92-FRA
expires
Tue, 15 Jun 2021 13:19:19 GMT
main.b1be3f6fa746ef370dfd.css
accounts.paxful.com/static/dist/
436 KB
65 KB
Stylesheet
General
Full URL
https://accounts.paxful.com/static/dist/main.b1be3f6fa746ef370dfd.css
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4642d305e815aace4f0d2a713e9988fb4ddb3ccc79424a753da56d78a2ff950a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-envoy-upstream-service-time
4
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09722256e000004a92608ed000000001
referrer-policy
same-origin
last-modified
Tue, 13 Apr 2021 19:15:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=5356800
x-correlation-id
f9399230-2b34-4205-8cce-ed0cec51a86d
cf-ray
63fd399e38e34a92-FRA
expires
Tue, 15 Jun 2021 13:19:19 GMT
css
fonts.googleapis.com/
12 KB
961 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Open+Sans:400,600,700&display=swap&subset=cyrillic
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c419f67bf0d7e6a80a54415afed2e62c546bc43f508cea73d574aa230687fcc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Apr 2021 13:19:18 GMT
server
ESF
date
Wed, 14 Apr 2021 13:19:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Apr 2021 13:19:18 GMT
logo-dark-7510d15ad224f1ed1f9932b6e56a028f.svg
accounts.paxful.com/static/dist/assets/images/
2 KB
1 KB
Image
General
Full URL
https://accounts.paxful.com/static/dist/assets/images/logo-dark-7510d15ad224f1ed1f9932b6e56a028f.svg
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c901dcf4ac1c5e8b33920a96dda1330d268913b814e9df9ab6295f51732848c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-envoy-upstream-service-time
4
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09722256e100004a920f83a000000001
referrer-policy
same-origin
last-modified
Tue, 13 Apr 2021 19:15:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=5356800
x-correlation-id
5091420c-fa69-4e30-926c-73e82c5437ac
cf-ray
63fd399e38e54a92-FRA
expires
Tue, 15 Jun 2021 13:19:19 GMT
https-label-91194ad43fc85d71e34a467282e95f23.png
accounts.paxful.com/static/dist/assets/images/
1 KB
2 KB
Image
General
Full URL
https://accounts.paxful.com/static/dist/assets/images/https-label-91194ad43fc85d71e34a467282e95f23.png
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff04c566e072040a366c4a8061b5030241ee76008d662668382df02452f472e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:18 GMT
x-correlation-id
c58933cf-f951-43de-af81-ace7046549be
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=2090, status=vary_header_present
x-envoy-upstream-service-time
3
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1336
cf-request-id
09722256e100004a92472b4000000001
referrer-policy
same-origin
last-modified
Tue, 13 Apr 2021 19:15:08 GMT
server
cloudflare
etag
"6075edbc-82a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=5356800
accept-ranges
bytes
cf-ray
63fd399e38e84a92-FRA
expires
Tue, 15 Jun 2021 13:19:18 GMT
gt.js
accounts.paxful.com/static/
6 KB
3 KB
Script
General
Full URL
https://accounts.paxful.com/static/gt.js
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72dc8123c5b3c53ee6cf7def02c1edfc88cf0c04517410b7464c643dc6d53c26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
x-correlation-id
0561bf9b-e5fa-4ad7-9ed9-9fb83488644f
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=11403
x-envoy-upstream-service-time
3
cf-bgj
minify
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09722256e100004a9220317000000001
referrer-policy
same-origin
last-modified
Tue, 13 Apr 2021 19:11:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=5356800
cf-ray
63fd399e38ec4a92-FRA
expires
Tue, 15 Jun 2021 13:19:19 GMT
djangojs.js
accounts.paxful.com/static/jsi18n/en/
2 KB
1 KB
Script
General
Full URL
https://accounts.paxful.com/static/jsi18n/en/djangojs.js
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d2d217b691ee9e4c0b9191d0f62858fd1d5c995c01b675d07887249c0c435bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
x-correlation-id
59ff353d-d8c0-40b5-a944-7e5bf8e5a142
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=3269
x-envoy-upstream-service-time
3
cf-bgj
minify
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09722256e100004a9200b06000000001
referrer-policy
same-origin
last-modified
Tue, 13 Apr 2021 19:11:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=5356800
cf-ray
63fd399e38f04a92-FRA
expires
Tue, 15 Jun 2021 13:19:19 GMT
vendors.chunk.js
accounts.paxful.com/static/dist/
2 MB
527 KB
Script
General
Full URL
https://accounts.paxful.com/static/dist/vendors.chunk.js?c=9d5754abf0f0c526cc79
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2867ef1c83506950c6ef62e69815d1af5e0d0665d4225660833a49144660e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:18 GMT
x-correlation-id
2efe313f-1380-4f5e-ade9-a4ca5a52a8aa
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=2117777
x-envoy-upstream-service-time
5
cf-bgj
minify
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09722256ec00004a920732e000000001
referrer-policy
same-origin
last-modified
Tue, 13 Apr 2021 19:15:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=5356800
cf-ray
63fd399e49164a92-FRA
expires
Tue, 15 Jun 2021 13:19:18 GMT
snippet.js
static.zdassets.com/ekr/
19 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=233f7cf6-c666-499d-b5b4-9fcdff3f4fd9
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ac1255b3e991ea897c6a3fa4f652fffac4fb490e037fbfc21337fd8694ed04
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:18 GMT
content-encoding
br
cf-cache-status
HIT
age
0
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
WGN71WKW2S9W7RX9
x-amz-id-2
rhO0dZ3Efx1yHPE+5rAQ+z3QXCSq3zBsQvSQaqZ3geMVMOBKZ7Y6u/nMnR+wktU0aiw6UD0+X8E=
last-modified
Mon, 22 Mar 2021 23:03:57 GMT
server
cloudflare
etag
W/"7f3954777ce44f906bb3321e70ee7f5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
P4XOTo3aAnEAKNAMiAOtpa5tDFHuuBXV
cf-request-id
09722256db00004a62a82a6000000001
cf-ray
63fd399e2dee4a62-FRA
233f7cf6-c666-499d-b5b4-9fcdff3f4fd9
ekr.zdassets.com/compose/
586 B
802 B
XHR
General
Full URL
https://ekr.zdassets.com/compose/233f7cf6-c666-499d-b5b4-9fcdff3f4fd9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=233f7cf6-c666-499d-b5b4-9fcdff3f4fd9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc93e2ff4589cd4f7db85d2373c7e0cf2780d60d0298258b027187fd011879c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
status
200 OK
strict-transport-security
max-age=0
cf-request-id
097222571100001776d48aa000000001
x-request-id
70566dcc-6bab-47c1-b847-bbf9f7941ffd
x-runtime
0.003434
server
cloudflare
etag
W/"3cc93e2ff4589cd4f7db85d2373c7e0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
63fd399e8a861776-FRA
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Open+Sans:400,600,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://mail.securepaxful.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
270941
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Open+Sans:400,600,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://mail.securepaxful.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
age
270941
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Open+Sans:400,600,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://mail.securepaxful.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
270941
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
log-in@1x-66ff6d4608ab29a6710651bfd9e6171c.png
accounts.paxful.com/static/dist/assets/images/
23 KB
24 KB
Image
General
Full URL
https://accounts.paxful.com/static/dist/assets/images/log-in@1x-66ff6d4608ab29a6710651bfd9e6171c.png
Requested by
Host: mail.securepaxful.com
URL: https://mail.securepaxful.com/reverify
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
247419253374924d63996b9d609528a408ffc8e32ca5fedc93b754a722443ca4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
x-correlation-id
e5962945-cb54-4819-8b5e-ee48dc9336c1
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=24734, status=vary_header_present
x-envoy-upstream-service-time
3
cf-bgj
imgq:100,h2pri
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23883
cf-request-id
097222588100004a9233331000000001
referrer-policy
same-origin
last-modified
Tue, 13 Apr 2021 19:15:08 GMT
server
cloudflare
etag
"6075edbc-609e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=5356800
accept-ranges
bytes
cf-ray
63fd39a0cf5b4a92-FRA
expires
Tue, 15 Jun 2021 13:19:19 GMT
preload.fc713956383df327ba01.js
static.zdassets.com/web_widget/latest/ Frame 5E56
63 KB
19 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/preload.fc713956383df327ba01.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=233f7cf6-c666-499d-b5b4-9fcdff3f4fd9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46507df31be7f6ab2091bc958ce8a32380b401660c81f8b5a568d0c0c1c23625
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1421000
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CWSSAJ17303VRC67
x-amz-id-2
8i+zRnpxA+ZU4Pf1gJbbouyPTI8Fel08/MVBzhx6BbKHlsD3vJLarRFUUIL0PvScl+I/VodF5iA=
last-modified
Mon, 29 Mar 2021 01:01:38 GMT
server
cloudflare
etag
W/"0d7a9ee2b65a3bde47d954234b242801"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
12VS_tjIf9JHzKLz5_ETbEhuuxmKyAd5
cf-request-id
09722259f100004a62b40c7000000001
cf-ray
63fd39a31feb4a62-FRA
expires
Tue, 29 Mar 2022 01:01:37 GMT
framework.7358ca48d43ed514ac70.chunk.js
static.zdassets.com/web_widget/latest/ Frame 5E56
54 KB
17 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/framework.7358ca48d43ed514ac70.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=233f7cf6-c666-499d-b5b4-9fcdff3f4fd9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93fc3ff26df1f9d3a494896b8aa6c678acbba4a707ef40faed48f813077ca30
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1421000
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
CWSNZ429DRZ9CDP5
x-amz-id-2
hb96MGP6noXZb/9hLHjXNNDhKTVbzuYI2n88pYRMqv6hOQ9xTPURBA1pNDsv5hPTzeb1/idDdk0=
last-modified
Mon, 29 Mar 2021 01:00:45 GMT
server
cloudflare
etag
W/"27d42696ff50171eb89e1f154e9f74a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
tOWM6A6BPu1ymkl.VWe4rM7NRghPl2b7
cf-request-id
09722259f200004a62e1941000000001
cf-ray
63fd39a31fee4a62-FRA
expires
Tue, 29 Mar 2022 01:00:44 GMT
vendors~framework.b1ea516911eb6ecd8755.chunk.js
static.zdassets.com/web_widget/latest/ Frame 5E56
186 KB
57 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/vendors~framework.b1ea516911eb6ecd8755.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=233f7cf6-c666-499d-b5b4-9fcdff3f4fd9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d31e623c56bfa8b08f9a0d324173f1915b4c191a9d0f16daf93074d3f8b57a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3673826
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
B63C38ACC03B03B3
x-amz-id-2
jxo15LkuFzdmPL3sRSy0TNItWFyrwOrPgcqSlR0V523FNs+GQMDtgMB6bl8wR4znu7mGHA+YYqk=
last-modified
Wed, 03 Mar 2021 00:34:19 GMT
server
cloudflare
etag
W/"63eb8c69fdfc903cbfe7a15434f62da9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
FPbxbt0atxYYhpYcFud_sN48AU89geeM
cf-request-id
09722259f200004a62d188a000000001
cf-ray
63fd39a31ff14a62-FRA
expires
Thu, 03 Mar 2022 00:34:18 GMT
config
paxful.zendesk.com/embeddable/
667 B
1 KB
XHR
General
Full URL
https://paxful.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=233f7cf6-c666-499d-b5b4-9fcdff3f4fd9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce82e7522d4adb640a50c9a7cc86006cb5d8de2e93359e99b7953e791e1ba82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.securepaxful.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"max_age":604800,"report_to":"cf-nel"}
x-zendesk-origin-server
embeddable-app-server-67f68cf96b-zfw5c
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
cf-request-id
0972225a380000fafa1c8fb000000001
x-request-id
63fd39a38f31fafa-FRA
x-runtime
0.001493
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mCkaeV6JyAnAwlTKgFftT9FawCXQzE7glzPJdwr7nUfy9oO4kZ6rRf0cA8TdNncVYwmMBKfZRNBLpuTGoXTwK%2BwL8N0TJE8g%2FGfrQ%2BF5rkUjDrk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
63fd39a38f31fafa-DUS
en-us-json.81c93c29a397263e2f54.chunk.js
static.zdassets.com/web_widget/latest/locales/ Frame 5E56
30 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us-json.81c93c29a397263e2f54.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.fc713956383df327ba01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e7792ff2ff166d7f8e7150f7905e1dca63ee6def6a82d959b712f51586e56d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5645477
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
6BC7F4F201BBB543
x-amz-id-2
K/A1do9y7T3IXOkLEuG7P/M4u0cLtB/RMuQ4q0N82I7S41Ev4IIzcSvx/qQopAq27/RVs8cseeY=
last-modified
Mon, 08 Feb 2021 04:48:36 GMT
server
cloudflare
etag
W/"bfcb6abe12d1784811bf840f9159a6fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
C2.576T7kyyWtDTBhFLtvoIcEpen_MXc
cf-request-id
0972225a7f00004a6283b01000000001
cf-ray
63fd39a3f9984a62-FRA
expires
Tue, 08 Feb 2022 04:48:35 GMT
web_widget~messenger.88c46634dcce586eee9e.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 5E56
338 KB
97 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.88c46634dcce586eee9e.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.fc713956383df327ba01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d0720423a32be2b84ca745e9eff439f3988da5f5edd0d53a4d2c478fa9800f6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1420999
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
B3HM7P6ZR082370S
x-amz-id-2
QYW+MrEYET5tJH2Au7ZOSnARAfpG69MfY1ppw2PUluqX4LHYfTxj+H8QYmzkNGOeBeOC+6UlJdc=
last-modified
Mon, 29 Mar 2021 01:01:39 GMT
server
cloudflare
etag
W/"e8a8918b86cb69524e8c66ed379775d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
DBfelgTBk2MVsGuMMpphx_gjOjQUhzJs
cf-request-id
0972225a8000004a62de136000000001
cf-ray
63fd39a4099f4a62-FRA
expires
Tue, 29 Mar 2022 01:01:38 GMT
web_widget.2f80a0c45270ff6aa17e.chunk.js
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 5E56
594 KB
139 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.2f80a0c45270ff6aa17e.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.fc713956383df327ba01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7c018ff531007abce7ae3cea84c3fd6e4e2651aa49cd1418cbf98ccb36887
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
875
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
XKB8HP18WE2PTZ2W
x-amz-id-2
41kKkgmDN9M1zQIf11HyLMrR1DIXz5pzO8I99VOtB7S2/LuSVqonQGZhccM6FmP4qBnmZ/58DuY=
last-modified
Fri, 09 Apr 2021 02:59:48 GMT
server
cloudflare
etag
W/"1b7d305478d45aa65afa198646e44cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
JINaVvduSDC1oFR7.GOihtqsRwuJxIc2
cf-request-id
0972225a8100004a62a5197000000001
cf-ray
63fd39a409a14a62-FRA
expires
Tue, 29 Mar 2022 01:01:38 GMT
web_widget.ab90333a43c801cfd35a.chunk.js
static.zdassets.com/web_widget/latest/lazy/ Frame 5E56
823 KB
153 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/lazy/web_widget.ab90333a43c801cfd35a.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.fc713956383df327ba01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab1d007da0116e6b40e736f016230394588ff155ae02a11d3ff713657f89fcde
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
129
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
B3HMHC8D3QP9FWE2
x-amz-id-2
bQxduEAkkiUT9suwQMNiZVMGChbOM2QQ5ZHucvvD1XpWEYUVMIfXDZ9ncuEMvtsm2GOj71vJ/7M=
last-modified
Mon, 29 Mar 2021 01:00:47 GMT
server
cloudflare
etag
W/"9ab9ef266e6d55cc96fc4dbfb097270f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
IXUF5V19CeOrSOQXCmH4tNDSR.PC5eER
cf-request-id
0972225a8100004a62e194d000000001
cf-ray
63fd39a409a34a62-FRA
expires
Tue, 29 Mar 2022 01:00:46 GMT
embeddable_blip
paxful.zendesk.com/ Frame 5E56
0
469 B
XHR
General
Full URL
https://paxful.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9tYWlsLnNlY3VyZXBheGZ1bC5jb20vcmV2ZXJpZnkiLCJ0aW1lIjozMSwibG9hZFRpbWUiOjI1LjQ2NDk5OTQ4OTQ4NjIxNywibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IlBheGZ1bCBBY2NvdW50cyIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgbWF4aW11bS1zY2FsZT0xLCB1c2VyLXNjYWxhYmxlPTAsIHNocmluay10by1maXQ9bm8iLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6IjFkNmVkNTUyYTU5NThjNmIxNTkyMTM5ODhhYWQ2ODJmIiwic3VpZCI6Ijc4ZjZmZTFhY2I2Mjc1ZWU0NzIyOGNhY2QyNDU0YTFkIiwidmVyc2lvbiI6IjIzN2RmNmIxZSIsInRpbWVzdGFtcCI6IjIwMjEtMDQtMTRUMTM6MTk6MTkuODY3WiIsInVybCI6Imh0dHBzOi8vbWFpbC5zZWN1cmVwYXhmdWwuY29tL3JldmVyaWZ5In0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~framework.b1ea516911eb6ecd8755.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:19:19 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Etf3wPwUp88VKXjVnUC9ZVdh54VtC%2FpQxEgOs7ajnXPsjbS%2F31Qbgu7dtjS9FgT5ZYbtwQ2Fld9MLC8RjKGRRzcDre6EitB85WYj6XWeg8ktqUo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mail.securepaxful.com
cache-control
no-store, no-cache, must-revalidate
cf-ray
63fd39a53a1bfafa-DUS
cf-request-id
0972225b430000fafae534a000000001

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Paxful (Crypto Exchange)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
object| zEWebpackACJsonp
function| zE
function| zEmbed
function| initGeetest
object| django
function| pluralidx
function| gettext
function| ngettext
function| gettext_noop
function| pgettext
function| npgettext
function| interpolate
function| get_format
object| webpackJsonp
boolean| zEACLoaded
function| $zopim

2 Cookies

Domain/Path Name / Value
mail.securepaxful.com/ Name: paxful_session
Value: eyJpdiI6Ik94WFQyRDR3bnVCdXhrMEZMcDFsZkE9PSIsInZhbHVlIjoiYnlId1FQa3VSN0hzXC9HaEN2T0VGSnpHRW5PYm8xTHAyOGFtRW55eDdCeVNLK1ExZEV4ZnJMRXFaRXk0K2ZQeTVmdDlyNWFPUDN5SlRHbVwvbXZUKzQ0Zz09IiwibWFjIjoiM2JjMzMyNjJkOWM5MzUwYzA4YTdmZmQxYTI3NzJlYjNmNTk4YTI1MzY1YWVmYmU5YTEyNzI2ZTAzYTY1NzU4NCJ9
mail.securepaxful.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Im91TE9jeDNGeVBKZm1lUldFVHBkdVE9PSIsInZhbHVlIjoiOGxMS04yTm9VZHBGRDg1ajVxd2VYdWxjdFFmcE04OWdzXC90Mks4dU55ZFVEMHMyZVwvbGNMandGZWgrYk5MRGdEWnNGb3AwSW9JWm13U21cL2FxMEZURnc9PSIsIm1hYyI6IjBjZWRjNTcxOWI4OGE2MmQ0MWI0MDZhNWRmNzBlMmRhNDE4OWRmZmY3ZTZlMzg3MTA1Y2RjMGY2MjQyMTlkNDkifQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
