URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Submission Tags: phishing, malicious
Submission: On January 20 via api from US

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 37 HTTP transactions. The main IP is 47.254.94.70, located in San Mateo, United States and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is nwrcdivayezdk6ztputrlw-on.drv.tw.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 5th 2020. Valid for: 3 months.
This is the only time nwrcdivayezdk6ztputrlw-on.drv.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 16 47.254.94.70 45102 (CNNIC-ALI...)
5 5 2a00:1450:400... 15169 (GOOGLE)
3 8 2a00:1450:400... 15169 (GOOGLE)
3 3 2a00:1450:400... 15169 (GOOGLE)
1 104.111.228.123 16625 (AKAMAI-AS)
2 104.108.34.200 16625 (AKAMAI-AS)
4 151.101.193.35 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 64.4.245.84 17012 (PAYPAL)
37 10
Requests  Domain                                Redirects  Requested by
12        nwrcdivayezdk6ztputrlw-on.drv.tw      5          nwrcdivayezdk6ztputrlw-on.drv.tw
8         www.google-analytics.com                         www.googletagmanager.com, www.google-analytics.com, nwrcdivayezdk6ztputrlw-on.drv.tw
5         drive.google.com                      5
4         www.googletagmanager.com                         drv.tw
4         c.paypal.com                                     nwrcdivayezdk6ztputrlw-on.drv.tw, c.paypal.com
4         drv.tw                                           nwrcdivayezdk6ztputrlw-on.drv.tw
4         doc-0o-cc-docs.googleusercontent.com  1          nwrcdivayezdk6ztputrlw-on.drv.tw
3         docs.google.com                       3
2         t.paypal.com                                     nwrcdivayezdk6ztputrlw-on.drv.tw
2         doc-04-cc-docs.googleusercontent.com  1          nwrcdivayezdk6ztputrlw-on.drv.tw
2         doc-0c-cc-docs.googleusercontent.com  1          nwrcdivayezdk6ztputrlw-on.drv.tw
1         dub.stats.paypal.com
1         b.stats.paypal.com                    1
1         stats.g.doubleclick.net                          www.google-analytics.com
1         www.paypalobjects.com                            nwrcdivayezdk6ztputrlw-on.drv.tw
Total: 37 requests across 15 subdomains (the per-domain counts add up to 54 because they include the 17 redirect hops)

This site contains links to these domains: www.paypal.com
Subject                   Issuer                                         Validity                   Valid for
*.drv.tw                  Let's Encrypt Authority X3                     2020-11-05 - 2021-02-03    3 months
*.googleusercontent.com   GTS CA 1O1                                     2020-12-15 - 2021-03-09    3 months
www.paypal.com            DigiCert SHA2 Extended Validation Server CA    2021-01-13 - 2022-01-11    a year
t.paypal.com              DigiCert SHA2 Extended Validation Server CA    2020-11-18 - 2021-11-22    a year
c.paypal.com              DigiCert SHA2 Extended Validation Server CA    2020-06-24 - 2022-06-29    2 years
*.google-analytics.com    GTS CA 1O1                                     2020-12-15 - 2021-03-09    3 months
*.g.doubleclick.net       GTS CA 1O1                                     2020-12-15 - 2021-03-09    3 months
b.stats.paypal.com        DigiCert SHA2 High Assurance Server CA         2020-03-13 - 2022-06-03    2 years

Note that the kit host is covered only by a Let's Encrypt wildcard certificate for *.drv.tw, while the genuine PayPal hosts the page embeds (c.paypal.com, t.paypal.com, www.paypal.com) present DigiCert EV certificates. The padlock on the phishing page therefore says nothing about who controls the brand it displays; it only says that someone obtained a free certificate for a drv.tw subdomain.

This page contains 5 frames:

Primary Page: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Frame ID: 74CFD7B6B8840EB432641886B7A7FCDA
Requests: 18 HTTP requests in this frame

Frame: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource.html
Frame ID: 7DEA6D76037176DCD237C6BACFF9C170
Requests: 5 HTTP requests in this frame

Frame: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
Frame ID: 4443929230BB71B668145468EBB118B9
Requests: 6 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Frame ID: A449B61FE9FE9750E643CE6B0B08CFE8
Requests: 7 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lOWNkM2FhYjkzZjA0OWQ1ODdhYTZiNDFiNTdlMmIxZCZpPTM3LjIzNy4yMDIuMTgmdD0xNTAyMzkzNTM4LjM3NyZhPTIxJnM9VU5JRklFRF9MT0dJTlCJX8I8L4gbiHWsuBoFMJVEylE3
Frame ID: FC8AEC7B957D44620137BB8CE8376E33
Requests: 1 HTTP request in this frame
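
The `r=` value carried by the b.stats.paypal.com / dub.stats.paypal.com counter frame above is base64. It is not part of the kit's own logic; it is PayPal's page-view beacon, copied along with the rest of the original login page. Decoding it tells you when, and from which client address, the genuine PayPal page that served as the template was loaded. The script below is an added example written for this page, not urlscan.io output and not PayPal code. It assumes the trailing 20 bytes are a fixed-length signature (the decoded prefix is a plain ASCII query string of 88 bytes and 20 bytes remain, the size of a SHA-1 HMAC), and it reads `i` as the client IP and `t` as a Unix timestamp; both are interpretations of the field names, not documented facts. The Last-Modified value is the one the kit host returned for PayPal.indx_files/contextualLogin.css further down this page.

```python
import base64
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from urllib.parse import parse_qs

# r= value taken from Request Chain 34 / the dub.stats.paypal.com frame on this page.
COUNTER_R = (
    "cD1lOWNkM2FhYjkzZjA0OWQ1ODdhYTZiNDFiNTdlMmIxZCZpPTM3LjIzNy4yMDIuMTgmdD0xNTAy"
    "MzkzNTM4LjM3NyZhPTIxJnM9VU5JRklFRF9MT0dJTlCJX8I8L4gbiHWsuBoFMJVEylE3"
)

# Last-Modified of PayPal.indx_files/contextualLogin.css as served by the kit host.
CSS_LAST_MODIFIED = "Thu, 10 Aug 2017 19:34:04 GMT"

SIG_LEN = 20  # assumption: a SHA-1 sized MAC is appended to the query string


def decode_counter_token(token: str, sig_len: int = SIG_LEN) -> dict:
    """Split the counter token into its query-string fields and opaque signature."""
    raw = base64.b64decode(token + "=" * (-len(token) % 4))
    if len(raw) <= sig_len:
        raise ValueError("token too short to hold a query string plus signature")
    body, sig = raw[:-sig_len], raw[-sig_len:]
    # The body must be pure ASCII; a non-ASCII byte here means sig_len is wrong.
    text = body.decode("ascii")
    fields = {k: v[0] for k, v in parse_qs(text, strict_parsing=True).items()}
    # 't' is read as seconds since the epoch (assumption based on its value).
    captured = datetime.fromtimestamp(int(float(fields["t"])), tz=timezone.utc)
    return {
        "fields": fields,
        "captured_at": captured.isoformat(),
        "signature_hex": sig.hex(),
    }


def seconds_between_capture_and_file(token: str, http_date: str) -> int:
    """Seconds from the beacon firing to the saved stylesheet's Last-Modified time."""
    info = decode_counter_token(token)
    beacon = datetime.fromisoformat(info["captured_at"])
    saved = parsedate_to_datetime(http_date)
    return int((saved - beacon).total_seconds())


if __name__ == "__main__":
    info = decode_counter_token(COUNTER_R)
    for key, value in info["fields"].items():
        print(f"{key} = {value}")
    print("beacon fired at", info["captured_at"])
    print("stylesheet written",
          seconds_between_capture_and_file(COUNTER_R, CSS_LAST_MODIFIED), "s later")
```

The beacon timestamp lands within two minutes of the stylesheet's Last-Modified header, which is what you would expect if the template was produced by loading the real login page and saving it straight to disk; the same timestamp also dates the template to 2017, three years before the drv.tw certificate was issued.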

Detected technologies

Ubuntu (overall confidence: 100%)
Detected patterns
  • headers server /Ubuntu/i

Nginx (overall confidence: 100%)
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (overall confidence: 100%)
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests:    37
HTTPS:       100 %
IPv6:        58 %
Domains:     8
Subdomains:  15
IPs:         10
Countries:   4
Transfer:    564 kB
Size:        1026 kB
Cookies:     5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/pa.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84 HTTP 302
  • https://drive.google.com/uc?id=1bnkhhGeYpIdWum5e4LgV0EVx6Ox5WIuw HTTP 302
  • https://doc-0c-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/9pq1qp4dnc8g36foc6bsl0n9k24s56p6/1611120075000/02582167529234199780/15885649966393152522Z/1bnkhhGeYpIdWum5e4LgV0EVx6Ox5WIuw HTTP 302
  • https://docs.google.com/nonceSigner?nonce=nr84n1cttft4m&continue=https://doc-0c-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/9pq1qp4dnc8g36foc6bsl0n9k24s56p6/1611120075000/02582167529234199780/15885649966393152522Z/1bnkhhGeYpIdWum5e4LgV0EVx6Ox5WIuw&hash=f63a96ob86kov8beeh0l4ofis5lv5j39 HTTP 302
  • https://doc-0c-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/9pq1qp4dnc8g36foc6bsl0n9k24s56p6/1611120075000/02582167529234199780/15885649966393152522Z/1bnkhhGeYpIdWum5e4LgV0EVx6Ox5WIuw?nonce=nr84n1cttft4m&user=15885649966393152522Z&hash=0n3tdvb86up5ddsudmrgdetb4gohmiae
Request Chain 2
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/tealeaf-ul-prod_domcap.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84 HTTP 302
  • https://drive.google.com/uc?id=1VeWOooSCM-3dF2D1gGB8Rsnw5A4sJQcy HTTP 302
  • https://doc-04-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/62nabpn5bk35ve086uc4rp0ae25rsu0i/1611120075000/02582167529234199780/15885649966393152522Z/1VeWOooSCM-3dF2D1gGB8Rsnw5A4sJQcy HTTP 302
  • https://docs.google.com/nonceSigner?nonce=83v6v0n3k0k6o&continue=https://doc-04-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/62nabpn5bk35ve086uc4rp0ae25rsu0i/1611120075000/02582167529234199780/15885649966393152522Z/1VeWOooSCM-3dF2D1gGB8Rsnw5A4sJQcy&hash=n0j9jo791vvnj8vb388kk2n16cga4elf HTTP 302
  • https://doc-04-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/62nabpn5bk35ve086uc4rp0ae25rsu0i/1611120075000/02582167529234199780/15885649966393152522Z/1VeWOooSCM-3dF2D1gGB8Rsnw5A4sJQcy?nonce=83v6v0n3k0k6o&user=15885649966393152522Z&hash=gelemqnpk1nsplehifsbg37oujpdro8v
Request Chain 3
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/fb-all-prod.pp2.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84 HTTP 302
  • https://drive.google.com/uc?id=1Pt0M6FIi0EepD_58fi_RU8095_D__jj2 HTTP 302
  • https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/dq69evvkhs24st85imhp8d8ddq6r3ps5/1611120075000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_58fi_RU8095_D__jj2 HTTP 302
  • https://docs.google.com/nonceSigner?nonce=58vqh78puqe0o&continue=https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/dq69evvkhs24st85imhp8d8ddq6r3ps5/1611120075000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_58fi_RU8095_D__jj2&hash=m4p7j2qnvpaj6cgcesjj8qp3gqqd1rgp HTTP 302
  • https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/dq69evvkhs24st85imhp8d8ddq6r3ps5/1611120075000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_58fi_RU8095_D__jj2?nonce=58vqh78puqe0o&user=15885649966393152522Z&hash=70erkna79sqtrqqtf59on1pvj9t29htn
Request Chain 4
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/w HTTP 302
  • https://drive.google.com/uc?id=1-Y2T5xrMKREOPH7cmrv-uzwHe9b8m_y3 HTTP 302
  • https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/frg0oefevc9ta3ulb6qrbf43n2gld5rq/1611120075000/02582167529234199780/15885649966393152522Z/1-Y2T5xrMKREOPH7cmrv-uzwHe9b8m_y3
Request Chain 16
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/fb-all-prod.pp2.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84 HTTP 302
  • https://drive.google.com/uc?id=1Pt0M6FIi0EepD_58fi_RU8095_D__jj2 HTTP 302
  • https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/5fde5vng74c5qdtb2skm5uo65va65db1/1611120150000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_58fi_RU8095_D__jj2
Request Chain 34
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1lOWNkM2FhYjkzZjA0OWQ1ODdhYTZiNDFiNTdlMmIxZCZpPTM3LjIzNy4yMDIuMTgmdD0xNTAyMzkzNTM4LjM3NyZhPTIxJnM9VU5JRklFRF9MT0dJTlCJX8I8L4gbiHWsuBoFMJVEylE3 HTTP 302
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lOWNkM2FhYjkzZjA0OWQ1ODdhYTZiNDFiNTdlMmIxZCZpPTM3LjIzNy4yMDIuMTgmdD0xNTAyMzkzNTM4LjM3NyZhPTIxJnM9VU5JRklFRF9MT0dJTlCJX8I8L4gbiHWsuBoFMJVEylE3
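
Every chain except the last starts at a file under PayPal.indx_files/ on the kit host and is answered with a 302 to drive.google.com/uc?id=..., so the scripts the page executes are not stored on the nginx host at all: they are Google Drive files, fetched through Drive's securesc/nonceSigner download flow and served as application/octet-stream. The local names also carry a percent-encoded suffix, %D8%AA%D9%86%D8%B2%D9%8A%D9%84, which is UTF-8 for the Arabic word تنزيل ("download"); that some browsers append a localized ".download" to script files when saving a complete page, and that the kit was therefore built by saving the real login page from an Arabic-locale browser, is an inference and not something the scan states. The script below is an added example, not part of this urlscan.io page. It reproduces the first two hops of chains 1, 2, 3, 4 and 16 as constructed input, decodes the suffix, pulls out the Drive file IDs (the indicators worth reporting for takedown) and counts how often each ID is fetched.

```python
from collections import Counter, defaultdict
from urllib.parse import parse_qs, unquote, urlparse

# Constructed input: the first two hops of Request Chains 1, 2, 3, 4 and 16 from this
# scan. The googleusercontent.com / nonceSigner hops that follow are left out.
KIT = "https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/"
AR_SUFFIX = "%D8%AA%D9%86%D8%B2%D9%8A%D9%84"
FB_CHAIN = [KIT + "fb-all-prod.pp2.min.js." + AR_SUFFIX,
            "https://drive.google.com/uc?id=1Pt0M6FIi0EepD_58fi_RU8095_D__jj2"]
CHAINS = {
    1: [KIT + "pa.js." + AR_SUFFIX,
        "https://drive.google.com/uc?id=1bnkhhGeYpIdWum5e4LgV0EVx6Ox5WIuw"],
    2: [KIT + "tealeaf-ul-prod_domcap.min.js." + AR_SUFFIX,
        "https://drive.google.com/uc?id=1VeWOooSCM-3dF2D1gGB8Rsnw5A4sJQcy"],
    3: FB_CHAIN,
    4: [KIT + "w",
        "https://drive.google.com/uc?id=1-Y2T5xrMKREOPH7cmrv-uzwHe9b8m_y3"],
    16: FB_CHAIN,
}


def drive_file_id(url: str):
    """Return the Drive file ID if url is a drive.google.com/uc?id=... download link."""
    u = urlparse(url)
    if u.hostname != "drive.google.com" or u.path != "/uc":
        return None
    return parse_qs(u.query).get("id", [None])[0]


def split_localized_suffix(name: str):
    """Split 'pa.js.<non-ASCII word>' into (base, word); an ASCII extension stays attached."""
    if "." in name:
        base, ext = name.rsplit(".", 1)
        if ext and not ext.isascii():
            return base, ext
    return name, ""


def describe_chain(hops):
    """Summarise one redirect chain: local name, decoded suffix, Drive ID, cross-host flag."""
    local = unquote(urlparse(hops[0]).path.rsplit("/", 1)[-1])
    base, suffix = split_localized_suffix(local)
    ids = [i for i in map(drive_file_id, hops) if i]
    return {
        "local_file": local,
        "base_name": base,
        "suffix": suffix,
        "drive_id": ids[0] if ids else None,
        "looks_like_script": base.endswith(".js"),
        "offsite": urlparse(hops[0]).hostname != urlparse(hops[-1]).hostname,
    }


def drive_indicators(chains):
    """Map each Drive file ID to the local names resolving to it, and count fetches."""
    names = defaultdict(set)
    fetches = Counter()
    for hops in chains.values():
        rec = describe_chain(hops)
        if rec["drive_id"]:
            names[rec["drive_id"]].add(rec["local_file"])
            fetches[rec["drive_id"]] += 1
    return dict(names), dict(fetches)


if __name__ == "__main__":
    for number, hops in CHAINS.items():
        print(number, describe_chain(hops))
    names, fetches = drive_indicators(CHAINS)
    for file_id, count in fetches.items():
        print(file_id, count, sorted(names[file_id]))
```

Three of the four Drive files are referenced under .js names and are served as scripts to the page, so the file IDs, not the drv.tw hostname, are the durable indicators: the same Drive files can be re-exposed under a fresh drv.tw subdomain at no cost to the operator.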

37 HTTP transactions

Each transaction below lists the resource, its path, its size and transfer size (x-fer), and its type.

Primary Request: paypal.html
Path: nwrcdivayezdk6ztputrlw-on.drv.tw/yy/
Size: 72 KB (x-fer 26 KB)
Type: Document
General
Full URL
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu)
Resource Hash
2c3533e89ec77cab69d5bd82ca4fcf16638ff7aef4aed4fbd1da3cd25b967d76

Request headers

:method
GET
:authority
nwrcdivayezdk6ztputrlw-on.drv.tw
:scheme
https
:path
/yy/paypal.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Wed, 20 Jan 2021 05:22:24 GMT
content-type
text/html
last-modified
Sat, 15 Aug 2020 21:57:26 GMT
cache-control
public, max-age=604800
vary
Accept-Encoding
content-encoding
gzip
x-cache
BYPASS
set-cookie
uid=rBEPrmAHvhBe+Apxj4eaAg==; domain=.drv.tw; path=/
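
The uid cookie set on this first response is the 16-byte, base64-encoded cookie that nginx's ngx_http_userid_module issues: uid is the module's default cookie name, it always encodes four 32-bit fields, and a 24-character value ending in "==" is exactly 16 bytes. Per the nginx documentation, userid_service defaults to the server's own IP address and the second field is the issue time, so decoding the cookie reveals the address the nginx instance sees itself on behind the public 47.254.94.70 and lets you cross-check the Date header. The script below is an added example, not part of this page or of nginx. The meaning of the third and fourth fields (worker pid in the low 16 bits, and a per-worker sequencer that starts at 0x03030302 and steps by 0x100) is my recollection of the module's source, not something the scan can confirm, and is marked as an assumption in the code.

```python
import base64
import ipaddress
import struct
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# set-cookie value and Date header from the primary response of this scan.
UID_COOKIE = "rBEPrmAHvhBe+Apxj4eaAg=="
RESPONSE_DATE = "Wed, 20 Jan 2021 05:22:24 GMT"


def decode_nginx_uid(value: str) -> dict:
    """Decode an ngx_http_userid_module cookie: four big-endian uint32 fields."""
    raw = base64.b64decode(value)
    if len(raw) != 16:
        raise ValueError(f"expected 16 bytes, got {len(raw)}")
    service, issued, start, seq = struct.unpack("!IIII", raw)
    service_ip = ipaddress.IPv4Address(service)
    return {
        # userid_service default: the address of the server that issued the cookie
        "service_ip": str(service_ip),
        "service_is_private": service_ip.is_private,
        "issued_at": datetime.fromtimestamp(issued, tz=timezone.utc).isoformat(),
        # assumption (from memory of the nginx source): start = (usec/20) << 16 | pid
        "worker_pid": start & 0xFFFF,
        "sequencer": seq,
    }


def looks_like_nginx_uid(value: str) -> bool:
    """Cheap fingerprint: 16 bytes, a plausible issue year, sequencer low byte 0x02."""
    try:
        info = decode_nginx_uid(value)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    year = int(info["issued_at"][:4])
    # assumption: the sequencer starts at 0x03030302 and steps by 0x100
    return 2005 <= year <= 2100 and info["sequencer"] & 0xFF == 0x02


def issued_matches_date(value: str, http_date: str) -> bool:
    """True when the cookie's issue time equals the HTTP Date header to the second."""
    issued = datetime.fromisoformat(decode_nginx_uid(value)["issued_at"])
    return issued == parsedate_to_datetime(http_date)


if __name__ == "__main__":
    info = decode_nginx_uid(UID_COOKIE)
    for key, val in info.items():
        print(f"{key}: {val}")
    print("nginx userid cookie:", looks_like_nginx_uid(UID_COOKIE))
    print("issue time equals Date header:", issued_matches_date(UID_COOKIE, RESPONSE_DATE))
```

The service field decodes to a 172.17.0.0/16 address, so the nginx instance serving nwrcdivayezdk6ztputrlw-on.drv.tw listens on a private interface and is reached through NAT or a fronting proxy at 47.254.94.70; together with the x-cache: BYPASS header that is a reasonable sign of a cache layer in front of the origin. The issue time matches the Date header to the second, which is the check that tells you the decoding is right.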
Resource: contextualLogin.css
Path: nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/
Size: 57 KB (x-fer 13 KB)
Type: Stylesheet
General
Full URL
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/contextualLogin.css
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu)
Resource Hash
4639830951d4d3f956e579d758079b0941f879ed63b2a9a10f1ea858bedd26a2

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:27 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2017 19:34:04 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
x-cache
BYPASS
content-type
text/css
cache-control
public, max-age=604800
Resource: 1bnkhhGeYpIdWum5e4LgV0EVx6Ox5WIuw
Path: doc-0c-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/9pq1qp4dnc8g36foc6bsl0n9k24s56p6/1611120075000/02582167529234199780/15885649966393152522Z/
Redirect Chain
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/pa.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
  • https://drive.google.com/uc?id=1bnkhhGeYpIdWum5e4LgV0EVx6Ox5WIuw
  • https://doc-0c-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/9pq1qp4dnc8g36foc6bsl0n9k24s56p6/1611120075000/02582167529234199780/15885649966393152522Z/1bnkhhGeYpIdWum...
  • https://docs.google.com/nonceSigner?nonce=nr84n1cttft4m&continue=https://doc-0c-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/9pq1qp4dnc8g36foc6bsl0n9k24s56p6/1611120...
  • https://doc-0c-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/9pq1qp4dnc8g36foc6bsl0n9k24s56p6/1611120075000/02582167529234199780/15885649966393152522Z/1bnkhhGeYpIdWum...
Size: 34 KB (x-fer 37 KB)
Type: Script
General
Full URL
https://doc-0c-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/9pq1qp4dnc8g36foc6bsl0n9k24s56p6/1611120075000/02582167529234199780/15885649966393152522Z/1bnkhhGeYpIdWum5e4LgV0EVx6Ox5WIuw?nonce=nr84n1cttft4m&user=15885649966393152522Z&hash=0n3tdvb86up5ddsudmrgdetb4gohmiae
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H3-Q050
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer
Resource Hash
f57532babdb4626effc5887a4f01a20df5819d6039bb4448a44b3096ab1770db

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:27 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-Uw1a3b-4y5T7pPbbcvpKH3sr2X0Ou5Yr_XyOLcWTVKxjg4IGLunRzUwPrQhytCgW_JFMZcNutiEezlpTsnohHo
x-goog-hash
crc32c=el1QFg==
p3p
CP="This is not a P3P policy! See http://www.google.com/support/accounts/answer/151657?hl=en for more info."
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="pa.js._____";filename*=UTF-8''pa.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
content-type
application/octet-stream
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35129
expires
Wed, 20 Jan 2021 05:22:27 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jan 2021 05:22:26 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-0c-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/9pq1qp4dnc8g36foc6bsl0n9k24s56p6/1611120075000/02582167529234199780/15885649966393152522Z/1bnkhhGeYpIdWum5e4LgV0EVx6Ox5WIuw?nonce=nr84n1cttft4m&user=15885649966393152522Z&hash=0n3tdvb86up5ddsudmrgdetb4gohmiae
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-wrfMFukPXjRHRt1XSG+O+w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentSignerHttp/cspreport;worker-src 'self', script-src 'nonce-wrfMFukPXjRHRt1XSG+O+w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentSignerHttp/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
Resource: 1VeWOooSCM-3dF2D1gGB8Rsnw5A4sJQcy
Path: doc-04-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/62nabpn5bk35ve086uc4rp0ae25rsu0i/1611120075000/02582167529234199780/15885649966393152522Z/
Redirect Chain
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/tealeaf-ul-prod_domcap.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
  • https://drive.google.com/uc?id=1VeWOooSCM-3dF2D1gGB8Rsnw5A4sJQcy
  • https://doc-04-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/62nabpn5bk35ve086uc4rp0ae25rsu0i/1611120075000/02582167529234199780/15885649966393152522Z/1VeWOooSCM-3dF2...
  • https://docs.google.com/nonceSigner?nonce=83v6v0n3k0k6o&continue=https://doc-04-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/62nabpn5bk35ve086uc4rp0ae25rsu0i/1611120...
  • https://doc-04-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/62nabpn5bk35ve086uc4rp0ae25rsu0i/1611120075000/02582167529234199780/15885649966393152522Z/1VeWOooSCM-3dF2...
Size: 110 KB (x-fer 113 KB)
Type: Script
General
Full URL
https://doc-04-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/62nabpn5bk35ve086uc4rp0ae25rsu0i/1611120075000/02582167529234199780/15885649966393152522Z/1VeWOooSCM-3dF2D1gGB8Rsnw5A4sJQcy?nonce=83v6v0n3k0k6o&user=15885649966393152522Z&hash=gelemqnpk1nsplehifsbg37oujpdro8v
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H3-Q050
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer
Resource Hash
22027bb7a536c4631d05950c052600da4e4e6b697c0ffee2189da38e05857466

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:27 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-Uy1Ol-rFW27OHyvz899ucoWiXx5LM9UVEgGQo6lkLkZqC52Dkk5LgcjZT_AHHY230Dyf0k24FxPRs5Z5z2cLJ8
x-goog-hash
crc32c=vmDP2g==
p3p
CP="This is not a P3P policy! See http://www.google.com/support/accounts/answer/151657?hl=en for more info."
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="tealeaf-ul-prod_domcap.min.js._____";filename*=UTF-8''tealeaf-ul-prod_domcap.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
content-type
application/octet-stream
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112702
expires
Wed, 20 Jan 2021 05:22:27 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jan 2021 05:22:26 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-04-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/62nabpn5bk35ve086uc4rp0ae25rsu0i/1611120075000/02582167529234199780/15885649966393152522Z/1VeWOooSCM-3dF2D1gGB8Rsnw5A4sJQcy?nonce=83v6v0n3k0k6o&user=15885649966393152522Z&hash=gelemqnpk1nsplehifsbg37oujpdro8v
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-nJ7OwqQKdFNFzUoCI0b9GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentSignerHttp/cspreport;worker-src 'self', script-src 'nonce-nJ7OwqQKdFNFzUoCI0b9GA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentSignerHttp/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
Resource: 1Pt0M6FIi0EepD_58fi_RU8095_D__jj2
Path: doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/dq69evvkhs24st85imhp8d8ddq6r3ps5/1611120075000/02582167529234199780/15885649966393152522Z/
Redirect Chain
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/fb-all-prod.pp2.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
  • https://drive.google.com/uc?id=1Pt0M6FIi0EepD_58fi_RU8095_D__jj2
  • https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/dq69evvkhs24st85imhp8d8ddq6r3ps5/1611120075000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_...
  • https://docs.google.com/nonceSigner?nonce=58vqh78puqe0o&continue=https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/dq69evvkhs24st85imhp8d8ddq6r3ps5/1611120...
  • https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/dq69evvkhs24st85imhp8d8ddq6r3ps5/1611120075000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_...
Size: 57 KB (x-fer 60 KB)
Type: Script
General
Full URL
https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/dq69evvkhs24st85imhp8d8ddq6r3ps5/1611120075000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_58fi_RU8095_D__jj2?nonce=58vqh78puqe0o&user=15885649966393152522Z&hash=70erkna79sqtrqqtf59on1pvj9t29htn
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H3-Q050
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer
Resource Hash
6c25542f4da7c95065ab378eb66d16551561827668543412bb2102d924125589

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:27 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UyAp11nyY47blc3j8EypyBZUaOjH8HehqltYABA9zOMWTD8gfkjxZDU7M9wgwSyYiVp7up0niFsc_pEwa69PfE
x-goog-hash
crc32c=2A6lGw==
p3p
CP="This is not a P3P policy! See http://www.google.com/support/accounts/answer/151657?hl=en for more info."
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="fb-all-prod.pp2.min.js._____";filename*=UTF-8''fb-all-prod.pp2.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
content-type
application/octet-stream
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58520
expires
Wed, 20 Jan 2021 05:22:27 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jan 2021 05:22:26 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/dq69evvkhs24st85imhp8d8ddq6r3ps5/1611120075000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_58fi_RU8095_D__jj2?nonce=58vqh78puqe0o&user=15885649966393152522Z&hash=70erkna79sqtrqqtf59on1pvj9t29htn
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-mlJAnwLIivm47Q0zmmxTPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentSignerHttp/cspreport;worker-src 'self', script-src 'nonce-mlJAnwLIivm47Q0zmmxTPA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentSignerHttp/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1-Y2T5xrMKREOPH7cmrv-uzwHe9b8m_y3
doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/frg0oefevc9ta3ulb6qrbf43n2gld5rq/1611120075000/02582167529234199780/15885649966393152522Z/
Redirect Chain
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/w
  • https://drive.google.com/uc?id=1-Y2T5xrMKREOPH7cmrv-uzwHe9b8m_y3
  • https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/frg0oefevc9ta3ulb6qrbf43n2gld5rq/1611120075000/02582167529234199780/15885649966393152522Z/1-Y2T5xrMKREOPH...
0
2 KB
Image
General
Full URL
https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/frg0oefevc9ta3ulb6qrbf43n2gld5rq/1611120075000/02582167529234199780/15885649966393152522Z/1-Y2T5xrMKREOPH7cmrv-uzwHe9b8m_y3
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:28 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, 
X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-UwnsI-LMQxgU3-J7EQQzX5DIEfhgufxoAaVFLMaQX-iz2fcRcXUfpLDsnKbF4W0PeF613acn0_lGprYBbPHNVw
x-goog-hash
crc32c=AAAAAA==
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="w";filename*=UTF-8''w
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Wed, 20 Jan 2021 05:22:28 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jan 2021 05:22:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/frg0oefevc9ta3ulb6qrbf43n2gld5rq/1611120075000/02582167529234199780/15885649966393152522Z/1-Y2T5xrMKREOPH7cmrv-uzwHe9b8m_y3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-9LLN6Yts83kFcy2c0bKkWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
321
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
wd.js
drv.tw/inc/
365 B
592 B
Script
General
Full URL
https://drv.tw/inc/wd.js
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:27 GMT
last-modified
Mon, 28 Dec 2020 05:44:07 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5fe970a7-16d"
x-cache
BYPASS
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
365
expires
Thu, 21 Jan 2021 05:22:27 GMT
saved_resource.html
nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/ Frame 7DEA
203 B
368 B
Document
General
Full URL
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource.html
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f3b5588b47cc61c28e3ef7b2db2eacd4149679be106b82bba6387940f6e5f745

Request headers

:method
GET
:authority
nwrcdivayezdk6ztputrlw-on.drv.tw
:scheme
https
:path
/yy/PayPal.indx_files/saved_resource.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=rBEPrmAHvhBe+Apxj4eaAg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Wed, 20 Jan 2021 05:22:29 GMT
content-type
text/html
last-modified
Thu, 10 Aug 2017 19:34:05 GMT
cache-control
public, max-age=604800
vary
Accept-Encoding
content-encoding
gzip
x-cache
BYPASS
paypal-logo-129x32.svg
www.paypalobjects.com/images/shared/
5 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/contextualLogin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/contextualLogin.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
16973
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
last-modified
Fri, 24 Oct 2014 22:52:57 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1929
server
Apache
expires
Wed, 20 Jan 2021 06:22:27 GMT
ts
t.paypal.com/
42 B
814 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.1.8&t=1611120147395&g=-60&e=im&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&tmpl=unifiedloginnodeweb%2Fpublic%2Ftemplates%2FcontextualLoginView%2Fsignin.dust&pgst=1502393538313&calc=ea0e8d2b38ebf&rsta=en_US&pgtf=Nodejs&s=ci&csci=9c4455a7866f47ceb1e635773eba4f8d&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&transition_name=process_ul_browser_render&fn_sync_enabled=Y&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=LOGIN_UL&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&view=%7B%22t10%22%3A548%2C%22t14%22%3A1611120141430%2C%22t11%22%3A5963%7D&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=548&t1c=548&t1d=224&t1s=309&t2=2314&t3=148&t4d=0&t4=0&t4e=0&tt=0&teal=UhNQx82N0jLLERk8AyGsVt%252F2VIacqGQnPVTUZUuByY8q2Pm2u702MlaskgD2vnOvFor7XuQWz3nvkiNGbtnH7A5Gr8VCde%252BR_15dcda21709&res=%7B%22css%22%3A%7B%22t9%22%3A3037%2C%22t12%22%3A3037%2C%22t13%22%3A0%2C%22cnt%22%3A1%7D%2C%22scr%22%3A%7B%22t9%22%3A349.1%2C%22t12%22%3A349.1%2C%22t13%22%3A0%2C%22cnt%22%3A3%7D%7D
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.34.200 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-34-200.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jan 2021 05:22:27 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Wed, 20 Jan 2021 05:22:27 GMT
saved_resource(1).html
nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/ Frame 4443
297 B
430 B
Document
General
Full URL
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
72ccc81a8f4ec4f071543f39bd175c08dda1dfa9f3507c5dbecc5a53d0cd453d

Request headers

:method
GET
:authority
nwrcdivayezdk6ztputrlw-on.drv.tw
:scheme
https
:path
/yy/PayPal.indx_files/saved_resource(1).html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=rBEPrmAHvhBe+Apxj4eaAg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Wed, 20 Jan 2021 05:22:29 GMT
content-type
text/html
last-modified
Thu, 10 Aug 2017 19:34:05 GMT
cache-control
public, max-age=604800
vary
Accept-Encoding
content-encoding
gzip
x-cache
BYPASS
i.html
nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/ Frame A449
2 KB
947 B
Document
General
Full URL
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/i.html
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
55215eba4f95b5a6cca418009648fd1cf0a6a1b09206ca10a9dc85b72ebca3d8

Request headers

:method
GET
:authority
nwrcdivayezdk6ztputrlw-on.drv.tw
:scheme
https
:path
/yy/PayPal.indx_files/i.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=rBEPrmAHvhBe+Apxj4eaAg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Wed, 20 Jan 2021 05:22:29 GMT
content-type
text/html
last-modified
Thu, 10 Aug 2017 19:34:05 GMT
cache-control
public, max-age=604800
vary
Accept-Encoding
content-encoding
gzip
x-cache
BYPASS
e
c.paypal.com/v1/r/d/b/
18 B
285 B
Script
General
Full URL
https://c.paypal.com/v1/r/d/b/e?e=Uncaught%20ReferenceError%3A%20data%20is%20not%20defined20170807&ep=abh
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/fb-all-prod.pp2.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
38b69e3b3bff3cfecfd24783700c41a742a09e2100e9e9f56b947d21ef03fadc

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:27 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
ac376e6ab0ac6
x-timer
S1611120147.485873,VS0,VE164
x-served-by
cache-lhr7367-LHR, cache-ams21073-AMS
x-cache
MISS, MISS
content-type
application/json
paypal-debug-id
ac376e6ab0ac6
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
18
x-cache-hits
0, 0
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Requested by
Host: drv.tw
URL: https://drv.tw/inc/wd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a4b364e5a43aa7509a25beb8b4d87191bd907c6fa77bbb8c61bb4c1d1ee32bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38967
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jan 2021 05:22:27 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
175
date
Wed, 20 Jan 2021 05:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 20 Jan 2021 07:19:32 GMT
collect
www.google-analytics.com/j/
2 B
81 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=945465437&t=pageview&_s=1&dl=https%3A%2F%2Fnwrcdivayezdk6ztputrlw-on.drv.tw%2Fyy%2Fpaypal.html&ul=en-us&de=UTF-8&dt=Log%20in%20to%20your%20PayPal%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1569846981&gjid=1480116859&cid=533680748.1611120148&tid=UA-85417367-1&_gid=155805007.1611120148&_r=1&gtm=2ou161&z=788417694
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 05:22:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nwrcdivayezdk6ztputrlw-on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
98 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-85417367-1&cid=533680748.1611120148&jid=1569846981&gjid=1480116859&_gid=155805007.1611120148&_u=IEBAAUAAAAAAAC~&z=761374801
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Jan 2021 05:22:27 GMT
content-type
text/plain
access-control-allow-origin
https://nwrcdivayezdk6ztputrlw-on.drv.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1Pt0M6FIi0EepD_58fi_RU8095_D__jj2
doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/5fde5vng74c5qdtb2skm5uo65va65db1/1611120150000/02582167529234199780/15885649966393152522Z/ Frame A449
Redirect Chain
  • https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/fb-all-prod.pp2.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
  • https://drive.google.com/uc?id=1Pt0M6FIi0EepD_58fi_RU8095_D__jj2
  • https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/5fde5vng74c5qdtb2skm5uo65va65db1/1611120150000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_...
57 KB
58 KB
Script
General
Full URL
https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/5fde5vng74c5qdtb2skm5uo65va65db1/1611120150000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_58fi_RU8095_D__jj2
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/i.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5e25cf6c1ba21d21a846e47c3f65a38738d604fed6b2cd1a51fe132fb5ac5ef9

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/i.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:31 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, 
X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
x-guploader-uploadid
ABg5-Uy34e-EIc-iS2--S61UswsnTdGePJHFlBdEKTXugw3Ml0V_8P_XKoAJuOgjrIFTMYc3sStOhaFZw4uHyvtfuOk
x-goog-hash
crc32c=2A6lGw==
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
attachment;filename="fb-all-prod.pp2.min.js._____";filename*=UTF-8''fb-all-prod.pp2.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58520
expires
Wed, 20 Jan 2021 05:22:31 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jan 2021 05:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/5fde5vng74c5qdtb2skm5uo65va65db1/1611120150000/02582167529234199780/15885649966393152522Z/1Pt0M6FIi0EepD_58fi_RU8095_D__jj2
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-1Qawhl3gCr7a8prWBUBlDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
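Added example, not part of the urlscan.io report and not urlscan's code: a small Python triage pass over transaction records shaped like the ones above. It flags the pattern this report shows, a resource requested from the kit's own host that redirects through drive.google.com/uc?id= to googleusercontent.com and comes back as an application/octet-stream attachment, which a browser still executes when the tag is a script (the c.paypal.com error beacon above names the Drive-hosted file as its requester, so it did run). It also spots a zero-byte body by its SHA-256 (e3b0c442... is the hash of empty input) and by the crc32c=AAAAAA== x-goog-hash, decodes the RFC 5987 filename* suffix the kit left on its JavaScript, and reads the millisecond timestamps in the t.paypal.com beacon; its pgst value decodes to 2017-08-10 19:32 UTC, two minutes before the Last-Modified date of the kit's saved_resource.html files. The Transaction dataclass is an assumed simplification of a urlscan record, the sample records are constructed from values visible in the report with paths and header sets trimmed, and reading pgst as an epoch-millisecond value is an assumption about that parameter.

```python
"""Triage helpers for urlscan-style transaction records (added example)."""
import base64
import hashlib
import re
from dataclasses import dataclass, field
from datetime import datetime, timezone
from urllib.parse import parse_qs, unquote, urlsplit

SHA256_EMPTY = hashlib.sha256(b"").hexdigest()
# CRC-32C of zero bytes is 0; x-goog-hash carries the 4-byte value base64-encoded.
CRC32C_EMPTY = "crc32c=" + base64.b64encode(b"\x00" * 4).decode()

DRIVE_UC = re.compile(r"^https://drive\.google\.com/uc\?id=([\w-]+)")
DRIVE_CONTENT = re.compile(r"^https://doc-[0-9a-z]+-[0-9a-z]+-docs\.googleusercontent\.com/")
FILENAME_STAR = re.compile(r"filename\*=UTF-8''([^;]+)", re.I)


@dataclass
class Transaction:
    """Assumed simplification of one urlscan request record."""
    resource_type: str   # urlscan's "Script", "Image", "Document", ...
    url: str             # final URL after redirects
    headers: dict        # final response headers, lower-cased names
    resource_hash: str   # SHA-256 of the body, as the report lists it
    redirect_chain: list = field(default_factory=list)


def drive_file_id(tx):
    """Drive file id when the chain passed through drive.google.com/uc, else None."""
    for hop in tx.redirect_chain:
        m = DRIVE_UC.match(hop)
        if m:
            return m.group(1)
    return None


def download_filename(tx):
    """Decoded RFC 5987 filename* from Content-Disposition; '' when absent."""
    m = FILENAME_STAR.search(tx.headers.get("content-disposition", ""))
    return unquote(m.group(1)) if m else ""


def findings(tx):
    """Indicator names that apply to one transaction, in a fixed order."""
    out = []
    ct = tx.headers.get("content-type", "")
    cd = tx.headers.get("content-disposition", "")
    if drive_file_id(tx) and DRIVE_CONTENT.match(tx.url):
        out.append("fetched-through-drive-uc")
    if tx.resource_type == "Script" and ct.startswith("application/octet-stream"):
        out.append("script-served-as-octet-stream")
    if tx.resource_type == "Script" and cd.startswith("attachment"):
        out.append("script-served-as-attachment")
    if not download_filename(tx).isascii():
        out.append("non-ascii-filename")
    if tx.resource_hash == SHA256_EMPTY or tx.headers.get("x-goog-hash") == CRC32C_EMPTY:
        out.append("empty-body")
    return out


def triage(transactions):
    """Map each final URL to its findings; clean transactions are omitted."""
    return {tx.url: f for tx in transactions if (f := findings(tx))}


def epoch_ms_param(url, name):
    """Read a millisecond-epoch query parameter as an aware UTC datetime."""
    value = parse_qs(urlsplit(url).query)[name][0]
    return datetime.fromtimestamp(int(value) // 1000, tz=timezone.utc)


# Sample records constructed from the report's values; paths and header sets trimmed.
DOC = "https://doc-0o-cc-docs.googleusercontent.com/docs/securesc/otaapfumd7ttlrqcbmqdn8h1rphd5qkc/"
KIT = "https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/"
ARABIC_SUFFIX = "%D8%AA%D9%86%D8%B2%D9%8A%D9%84"
SAMPLE = [
    Transaction("Image", DOC + "1-Y2T5xrMKREOPH7cmrv-uzwHe9b8m_y3",
                {"content-type": "application/octet-stream",
                 "content-disposition": "attachment;filename=\"w\";filename*=UTF-8''w",
                 "content-length": "0", "x-goog-hash": "crc32c=AAAAAA=="},
                "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                [KIT + "w", "https://drive.google.com/uc?id=1-Y2T5xrMKREOPH7cmrv-uzwHe9b8m_y3"]),
    Transaction("Script", DOC + "1Pt0M6FIi0EepD_58fi_RU8095_D__jj2",
                {"content-type": "application/octet-stream",
                 "content-disposition": "attachment;filename=\"fb-all-prod.pp2.min.js._____\";"
                                        "filename*=UTF-8''fb-all-prod.pp2.min.js." + ARABIC_SUFFIX,
                 "content-length": "58520", "x-goog-hash": "crc32c=2A6lGw=="},
                "5e25cf6c1ba21d21a846e47c3f65a38738d604fed6b2cd1a51fe132fb5ac5ef9",
                [KIT + "fb-all-prod.pp2.min.js." + ARABIC_SUFFIX,
                 "https://drive.google.com/uc?id=1Pt0M6FIi0EepD_58fi_RU8095_D__jj2"]),
    Transaction("Script", "https://www.google-analytics.com/analytics.js",
                {"content-type": "text/javascript", "x-content-type-options": "nosniff"},
                "e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b"),
    Transaction("Script", "https://drv.tw/inc/wd.js",
                {"content-type": "application/javascript"},
                "621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33"),
]
# The t.paypal.com beacon the cloned page still fires, reduced to its timestamp fields.
BEACON = "https://t.paypal.com/ts?v=1.1.8&t=1611120147395&pgst=1502393538313&e=im"
```

Running triage(SAMPLE) returns findings only for the two Drive-hosted resources: the zero-byte "w" image is reported as fetched-through-drive-uc and empty-body, and the JavaScript bundle as fetched-through-drive-uc, script-served-as-octet-stream, script-served-as-attachment and non-ascii-filename (download_filename decodes its suffix to the Arabic word for download); the genuine analytics.js and the drv.tw wd.js produce nothing. epoch_ms_param(BEACON, "t") gives 2021-01-20 05:22:27 UTC, matching the Date header of that response, which is what makes the 2017 pgst value worth noting as a likely capture time of the cloned login page.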
wd.js
drv.tw/inc/ Frame A449
365 B
592 B
Script
General
Full URL
https://drv.tw/inc/wd.js
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/i.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/i.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:29 GMT
last-modified
Mon, 28 Dec 2020 05:44:07 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5fe970a7-16d"
x-cache
BYPASS
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
365
expires
Thu, 21 Jan 2021 05:22:29 GMT
wd.js
drv.tw/inc/ Frame 7DEA
365 B
592 B
Script
General
Full URL
https://drv.tw/inc/wd.js
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:29 GMT
last-modified
Mon, 28 Dec 2020 05:44:07 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5fe970a7-16d"
x-cache
BYPASS
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
365
expires
Thu, 21 Jan 2021 05:22:29 GMT
counter.cgi
nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/ Frame 4443
42 B
285 B
Image
General
Full URL
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/counter.cgi
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:31 GMT
last-modified
Thu, 10 Aug 2017 19:34:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
0ByDanEJMcQKYMEZUTVR6eFNBVHhwU2xUQWpIMkxzekR2R2pzPQ
vary
Accept-Encoding
x-cache
BYPASS
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
42
wd.js
drv.tw/inc/ Frame 4443
365 B
592 B
Script
General
Full URL
https://drv.tw/inc/wd.js
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:29 GMT
last-modified
Mon, 28 Dec 2020 05:44:07 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5fe970a7-16d"
x-cache
BYPASS
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
365
expires
Thu, 21 Jan 2021 05:22:29 GMT
js
www.googletagmanager.com/gtag/ Frame 7DEA
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Requested by
Host: drv.tw
URL: https://drv.tw/inc/wd.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a4b364e5a43aa7509a25beb8b4d87191bd907c6fa77bbb8c61bb4c1d1ee32bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38967
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jan 2021 05:22:29 GMT
js
www.googletagmanager.com/gtag/ Frame 4443
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Requested by
Host: drv.tw
URL: https://drv.tw/inc/wd.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a4b364e5a43aa7509a25beb8b4d87191bd907c6fa77bbb8c61bb4c1d1ee32bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38967
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jan 2021 05:22:29 GMT
analytics.js
www.google-analytics.com/ Frame 4443
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
177
date
Wed, 20 Jan 2021 05:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 20 Jan 2021 07:19:32 GMT
analytics.js
www.google-analytics.com/ Frame 7DEA
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
177
date
Wed, 20 Jan 2021 05:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 20 Jan 2021 07:19:32 GMT
collect
www.google-analytics.com/ Frame 4443
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=2047464895&t=pageview&_s=1&dl=https%3A%2F%2Fnwrcdivayezdk6ztputrlw-on.drv.tw%2Fyy%2FPayPal.indx_files%2Fsaved_resource(1).html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=AACAAUAB~&jid=&gjid=&cid=533680748.1611120148&tid=UA-85417367-1&_gid=155805007.1611120148&gtm=2ou161&z=1743156725
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource(1).html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jan 2021 11:59:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62609
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 7DEA
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=403284440&t=pageview&_s=1&dl=https%3A%2F%2Fnwrcdivayezdk6ztputrlw-on.drv.tw%2Fyy%2FPayPal.indx_files%2Fsaved_resource.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=AACAAUAB~&jid=&gjid=&cid=533680748.1611120148&tid=UA-85417367-1&_gid=155805007.1611120148&gtm=2ou161&z=1516361679
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/saved_resource.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jan 2021 11:59:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62609
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame A449
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Requested by
Host: drv.tw
URL: https://drv.tw/inc/wd.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a4b364e5a43aa7509a25beb8b4d87191bd907c6fa77bbb8c61bb4c1d1ee32bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/i.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38967
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jan 2021 05:22:31 GMT
analytics.js
www.google-analytics.com/ Frame A449
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/i.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
179
date
Wed, 20 Jan 2021 05:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 20 Jan 2021 07:19:32 GMT
collect
www.google-analytics.com/ Frame A449
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=878736857&t=pageview&_s=1&dl=https%3A%2F%2Fnwrcdivayezdk6ztputrlw-on.drv.tw%2Fyy%2FPayPal.indx_files%2Fi.html&ul=en-us&de=windows-1252&dt=PayPal&sd=24-bit&sr=1600x1200&vp=&je=0&_u=AACAAUAB~&jid=&gjid=&cid=533680748.1611120148&tid=UA-85417367-1&_gid=155805007.1611120148&gtm=2ou161&z=108906448
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/i.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jan 2021 11:59:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62611
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
challenge.js
nwrcdivayezdk6ztputrlw-on.drv.tw/auth/createchallenge/5777e24a3eb1d880/
2 KB
1 KB
XHR
General
Full URL
https://nwrcdivayezdk6ztputrlw-on.drv.tw/auth/createchallenge/5777e24a3eb1d880/challenge.js
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.94.70 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
119935c3c8211af18cf3f1082f0544529c89d3019a9a9ed964efc93714b608a1

Request headers

Accept
application/json
Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:32 GMT
cache-control
public, max-age=604800
server
nginx/1.14.0 (Ubuntu)
content-encoding
gzip
content-type
text/html
fb-all-prod.pp2.min.js
c.paypal.com/webstatic/r/fb/
58 KB
18 KB
Script
General
Full URL
https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
0adaf22e6710cbc950db6526ac09b6c8757ed25e4701196e88cf2f87dca596c7

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:32 GMT
via
1.1 varnish
age
610529
x-cache
HIT
content-encoding
gzip
content-length
18320
x-served-by
cache-ams21073-AMS
last-modified
Mon, 30 Sep 2019 18:09:04 GMT
server
Apache
x-timer
S1611120152.088642,VS0,VE2
vary
Accept-Encoding
content-type
application/x-javascript
expires
Thu, 21 Jan 2021 05:22:32 GMT
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
13857
e
c.paypal.com/v1/r/d/b/
18 B
213 B
Script
General
Full URL
https://c.paypal.com/v1/r/d/b/e?e=Uncaught%20TypeError%3A%20Cannot%20read%20property%20%27length%27%20of%20undefined20170807&ep=abh
Requested by
Host: nwrcdivayezdk6ztputrlw-on.drv.tw
URL: https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/PayPal.indx_files/fb-all-prod.pp2.min.js.%D8%AA%D9%86%D8%B2%D9%8A%D9%84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
38b69e3b3bff3cfecfd24783700c41a742a09e2100e9e9f56b947d21ef03fadc

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 05:22:32 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
5c417155115ee
x-timer
S1611120152.090214,VS0,VE143
x-served-by
cache-lhr7373-LHR, cache-ams21073-AMS
x-cache
MISS, MISS
content-type
application/json
paypal-debug-id
5c417155115ee
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
18
x-cache-hits
0, 0
ts
t.paypal.com/
42 B
814 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.1.8&t=1611120152088&g=-60&e=im&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&tmpl=unifiedloginnodeweb%2Fpublic%2Ftemplates%2FcontextualLoginView%2Fsignin.dust&pgst=1502393538313&calc=ea0e8d2b38ebf&rsta=en_US&pgtf=Nodejs&s=ci&csci=9c4455a7866f47ceb1e635773eba4f8d&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&transition_name=process_ul_browser_render&fn_sync_enabled=Y&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=LOGIN_UL&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&teal=UhNQx82N0jLLERk8AyGsVt%252F2VIacqGQnPVTUZUuByY8q2Pm2u702MlaskgD2vnOvFor7XuQWz3nvkiNGbtnH7A5Gr8VCde%252BR_15dcda21709
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.34.200 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-34-200.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jan 2021 05:22:32 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Wed, 20 Jan 2021 05:22:32 GMT
counter2.cgi
dub.stats.paypal.com/v1/ Frame FC8A
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1lOWNkM2FhYjkzZjA0OWQ1ODdhYTZiNDFiNTdlMmIxZCZpPTM3LjIzNy4yMDIuMTgmdD0xNTAyMzkzNTM4LjM3NyZhPTIxJnM9VU5JRklFRF9MT0dJTlCJX8I8L4gbiHWsuBoFMJVEylE3
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lOWNkM2FhYjkzZjA0OWQ1ODdhYTZiNDFiNTdlMmIxZCZpPTM3LjIzNy4yMDIuMTgmdD0xNTAyMzkzNTM4LjM3NyZhPTIxJnM9VU5JRklFRF9MT0dJTlCJX8I8L4gbiHWsuBoFMJVEylE3
42 B
299 B
Image
General
Full URL
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lOWNkM2FhYjkzZjA0OWQ1ODdhYTZiNDFiNTdlMmIxZCZpPTM3LjIzNy4yMDIuMTgmdD0xNTAyMzkzNTM4LjM3NyZhPTIxJnM9VU5JRklFRF9MT0dJTlCJX8I8L4gbiHWsuBoFMJVEylE3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 20 Jan 2021 05:22:32 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lOWNkM2FhYjkzZjA0OWQ1ODdhYTZiNDFiNTdlMmIxZCZpPTM3LjIzNy4yMDIuMTgmdD0xNTAyMzkzNTM4LjM3NyZhPTIxJnM9VU5JRklFRF9MT0dJTlCJX8I8L4gbiHWsuBoFMJVEylE3
Date
Wed, 20 Jan 2021 05:22:32 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
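The r= parameter on the b.stats.paypal.com to dub.stats.paypal.com counter request above is plain base64. Decoding it is an added check that the scan report does not perform: the result is a query string p=…&i=…&t=1502393538.377&a=21&s=UNIFIED_LOGIN followed by 20 bytes of binary. The t value is 2017-08-10 19:32:18 UTC, the same second as pgst=1502393538313 in the t.paypal.com/ts URL and 107 seconds before the Last-Modified (Thu, 10 Aug 2017 19:34:05 GMT) of the kit's own saved counter.cgi, so the PayPal login page inside this kit was captured in August 2017 and has been re-hosted since. The code is this editor's example, not PayPal's or urlscan's; treating the tail as a fixed 20-byte MAC is an assumption, only t is interpreted, and the p and i fields are left as opaque values.

```python
import base64
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from urllib.parse import parse_qsl

# The r= value from the b.stats.paypal.com -> dub.stats.paypal.com request above,
# copied verbatim from the scan (split over two lines only for width).
STATS_TOKEN = (
    "cD1lOWNkM2FhYjkzZjA0OWQ1ODdhYTZiNDFiNTdlMmIxZCZpPTM3LjIzNy4yMDIuMTgmdD0xNTAyMzkz"
    "NTM4LjM3NyZhPTIxJnM9VU5JRklFRF9MT0dJTlCJX8I8L4gbiHWsuBoFMJVEylE3"
)

# Assumption of this example (not documented anywhere on the page): the decoded
# token is an ASCII query string followed by a fixed 20-byte binary tail, the
# size of a SHA-1 based MAC. If that assumption is wrong the ASCII decode below
# fails loudly instead of returning a truncated or garbled field.
MAC_LEN = 20


def decode_stats_token(token: str) -> dict:
    """Decode the counter token into its fields, binary tail and timestamp."""
    raw = base64.b64decode(token + "=" * (-len(token) % 4))
    body, tail = raw[:-MAC_LEN], raw[-MAC_LEN:]
    fields = dict(parse_qsl(body.decode("ascii"), strict_parsing=True))
    result = {"fields": fields, "tail_hex": tail.hex(), "tail_len": len(tail)}
    # 't' is Unix time with milliseconds; it matches pgst= in the ts beacon URL.
    if "t" in fields:
        result["saved_at"] = datetime.fromtimestamp(float(fields["t"]), tz=timezone.utc)
    return result


def seconds_until(saved_at: datetime, http_date: str) -> float:
    """Gap from the token timestamp to an HTTP Last-Modified date (cross-check)."""
    return (parsedate_to_datetime(http_date) - saved_at).total_seconds()


if __name__ == "__main__":
    decoded = decode_stats_token(STATS_TOKEN)
    for key, value in decoded["fields"].items():
        print(f"{key} = {value}")
    print("saved_at =", decoded["saved_at"].isoformat())
    print("tail     =", decoded["tail_hex"], f"({decoded['tail_len']} bytes)")
    # Last-Modified of the kit's saved counter.cgi, taken from the scan above.
    print("gap to saved counter.cgi Last-Modified:",
          seconds_until(decoded["saved_at"], "Thu, 10 Aug 2017 19:34:05 GMT"), "s")
```

The same capture timestamp turning up in the token, in pgst= and in the Last-Modified of saved resources is a cheap way to link copies of one kit across different hosting domains, independent of the hostname or the hash of the landing page.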
i
c.paypal.com/v1/r/d/ Frame A449
0
0
Document
General
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
c.paypal.com
:scheme
https
:path
/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ts=vreXpYrS%3D1705728147%26vteXpYrS%3D1611121947%26vr%3D1e3e7c741770a276c224da6affffffff%26vt%3D1e3e7c741770a276c224da6afffffffe; ts_c=vr%3D1e3e7c741770a276c224da6affffffff%26vt%3D1e3e7c741770a276c224da6afffffffe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html

Response headers

correlation-id
80fb31f1553d4
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
paypal-debug-id
80fb31f1553d4
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Wed, 20 Jan 2021 05:22:32 GMT
age
88015
x-served-by
cache-lhr7348-LHR, cache-ams21073-AMS
x-cache
HIT, HIT
x-cache-hits
1056, 28
x-timer
S1611120152.131406,VS0,VE1
vary
Accept-Encoding
content-length
160
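The three PayPal-side requests above (t.paypal.com/ts, the b.stats to dub.stats.paypal.com counter redirect, and the c.paypal.com/v1/r/d/i iframe) all carry Referer https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html, because the kit serves a saved copy of the genuine login page and that copy still loads fb-all-prod.pp2.min.js from c.paypal.com. For whoever operates those beacon endpoints this is a detection source: grouping hits by Referer hosts outside the first-party origins surfaces clones as soon as a victim renders one, and a ts hit whose pt= parameter reports the login page title from a foreign host is about as unambiguous as it gets. The script below is an added example, not part of the scan report or of PayPal's tooling; the log lines are constructed in combined log format from the requests above, and the first-party suffix list is an assumption.

```python
from __future__ import annotations

import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Origins the beacon owner considers its own. Assumption of this example: the
# two suffixes are the PayPal-side hosts that appear in the scan above.
FIRST_PARTY_SUFFIXES = ("paypal.com", "paypalobjects.com")

# Constructed sample in Apache/nginx combined log format. The first three lines
# mirror the three beacons in the scan (Referer = the phishing page); the last
# two are ordinary first-party and referer-less hits and must not be flagged.
SAMPLE_LOG = """\
203.0.113.7 - - [20/Jan/2021:05:22:32 +0000] "GET /ts?v=1.1.8&e=im&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&pt=Log%20in%20to%20your%20PayPal%20account HTTP/1.1" 200 42 "https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html" "Mozilla/5.0"
203.0.113.7 - - [20/Jan/2021:05:22:32 +0000] "GET /v1/counter2.cgi?r=cD1lOWNk HTTP/1.1" 200 42 "https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html" "Mozilla/5.0"
203.0.113.7 - - [20/Jan/2021:05:22:32 +0000] "GET /v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js HTTP/2.0" 200 160 "https://nwrcdivayezdk6ztputrlw-on.drv.tw/yy/paypal.html" "Mozilla/5.0"
198.51.100.9 - - [20/Jan/2021:05:23:01 +0000] "GET /ts?v=1.1.8&e=im&pt=Log%20in%20to%20your%20PayPal%20account HTTP/1.1" 200 42 "https://www.paypal.com/signin" "Mozilla/5.0"
198.51.100.9 - - [20/Jan/2021:05:23:02 +0000] "GET /ts?v=1.1.8&e=im HTTP/1.1" 200 42 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def is_first_party(host: str) -> bool:
    """Exact or subdomain match against the allowlist; never a substring match."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in FIRST_PARTY_SUFFIXES)


def referer_host(referer: str) -> str | None:
    if not referer or referer == "-":
        return None
    return urlsplit(referer).hostname


def find_clones(log_text: str) -> dict[str, dict]:
    """Group beacon hits by foreign Referer host.

    Returns {host: {"hits": n, "paths": set, "page_titles": set}} for every
    Referer host outside the first-party list. A foreign host whose ts beacon
    reports pt=Log in to your PayPal account is rendering a copy of the page.
    """
    suspects: dict[str, dict] = defaultdict(
        lambda: {"hits": 0, "paths": set(), "page_titles": set()}
    )
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        host = referer_host(m["referer"])
        if host is None or is_first_party(host):
            continue
        target = urlsplit(m["target"])
        entry = suspects[host]
        entry["hits"] += 1
        entry["paths"].add(target.path)
        entry["page_titles"].update(parse_qs(target.query).get("pt", []))
    return dict(suspects)


if __name__ == "__main__":
    for host, info in find_clones(SAMPLE_LOG).items():
        print(f"{host}: {info['hits']} hit(s) on {sorted(info['paths'])}; "
              f"page titles seen: {sorted(info['page_titles'])}")
```

The allowlist check is a suffix match with a leading dot on purpose: a substring test would accept a lookalike such as paypal.com.example.net, which is exactly the shape a phishing host takes. Referer is attacker-influenced (a kit can strip it or set a Referrer-Policy), so an empty Referer on a login-page beacon deserves its own, separate rule rather than being treated as benign.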

Verdicts & Comments

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They help identify the client-side frameworks and custom code a page loads.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack object| PAYPAL function| $ function| _classCallCheck function| _typeof function| _createClass number| HTTPOK string| HTTPGET string| HTTPPOST number| DEFAULT_XHR_TIMEOUT object| fpti string| fptiserverurl object| pako object| TLT function| AjaxRequest string| PP_SERVICE_URL string| BASE_SWF_URL string| BEACON_BASE_URL string| PP_IFRAME_JS_URL string| PP_NEW_SERVICE_URL string| PP_VERSION object| Configuration object| PFB_4732Config object| PFB_4732 object| dataCollector object| fp undefined| runFb function| initTsFb object| jstz function| SwfStore function| SlvtStore object| _0xa8fb function| _0xba8f object| d function| acdeebdff boolean| error function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData
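The dump above is the raw "type| name" list. As an added example (this editor's code, not urlscan's), the script below parses that format and sorts the names into the three buckets an analyst actually triages: names claimed by a known library, hex-named identifiers of the _0x… form that javascript-obfuscator-style tools emit (two occur here, _0xa8fb and _0xba8f), and everything else, which is where kit-specific code tends to live. The library groupings and the obfuscation pattern are heuristics chosen for this example; the sample dump is an excerpt of the list above.

```python
from __future__ import annotations

import re
from collections import defaultdict

# Constructed sample: an excerpt of the "type| name" dump as urlscan prints it
# (the full list for this scan is above).
GLOBALS_DUMP = (
    "object| html5 object| Modernizr function| isEligibleIntegration "
    "object| antiClickjack object| PAYPAL function| $ object| fpti "
    "string| fptiserverurl object| dataCollector object| pako object| jstz "
    "object| PFB_4732Config object| PFB_4732 object| _0xa8fb function| _0xba8f "
    "object| d function| acdeebdff boolean| error function| gtag "
    "object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject "
    "function| ga object| gaData"
)

PAIR_RE = re.compile(r"(\w+)\|\s+(\S+)")

# Hex-named identifiers such as _0xa8fb are the naming scheme of
# javascript-obfuscator style output. A heuristic, not proof of obfuscation.
OBFUSCATED_RE = re.compile(r"^_0x[0-9a-f]{3,}$")

# Library fingerprints. These groupings are this example's assumptions about
# which globals belong together, not a urlscan feature.
SIGNATURES = {
    "Google Tag Manager / gtag.js": {"gtag", "dataLayer", "google_tag_manager",
                                     "google_tag_data"},
    "Google Analytics (analytics.js)": {"ga", "GoogleAnalyticsObject", "gaplugins",
                                        "gaGlobal", "gaData"},
    "Modernizr": {"Modernizr", "html5"},
    "jQuery-style $": {"$"},
    "pako (zlib port)": {"pako"},
    "jsTimezoneDetect": {"jstz"},
    "PayPal client-side instrumentation": {"PAYPAL", "fpti", "fptiserverurl",
                                           "dataCollector", "PFB_4732",
                                           "PFB_4732Config", "initTsFb", "runFb"},
}


def parse_globals(dump: str) -> list[tuple[str, str]]:
    """Turn the flat 'type| name type| name ...' text into (type, name) pairs."""
    return PAIR_RE.findall(dump)


def classify_globals(dump: str) -> dict:
    """Bucket every global: owned by a known library, obfuscator-named, or unexplained."""
    libraries: dict[str, set[str]] = defaultdict(set)
    obfuscated: list[str] = []
    unexplained: list[str] = []
    for _type, name in parse_globals(dump):
        owner = next((lib for lib, names in SIGNATURES.items() if name in names), None)
        if owner:
            libraries[owner].add(name)
        elif OBFUSCATED_RE.match(name):
            obfuscated.append(name)
        else:
            unexplained.append(name)   # kit-specific code usually ends up here
    return {"libraries": dict(libraries), "obfuscated": obfuscated,
            "unexplained": unexplained}


if __name__ == "__main__":
    report = classify_globals(GLOBALS_DUMP)
    for lib, names in report["libraries"].items():
        print(f"{lib}: {sorted(names)}")
    print("obfuscator-style names:", report["obfuscated"])
    print("unexplained (triage these):", report["unexplained"])
```

Run against the full list above, the unexplained bucket is short enough to read by hand, and the two _0x names plus the single-letter `d` point at the minified or obfuscated script that actually handles the form, which is the file worth pulling next.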

5 Cookies

Domain/Path Name / Value
.drv.tw/ Name: _gat_gtag_UA_85417367_1
Value: 1
.drv.tw/ Name: _ga
Value: GA1.2.533680748.1611120148
nwrcdivayezdk6ztputrlw-on.drv.tw/ Name: xppcts
Value: f04e8ec4da9c808c
.drv.tw/ Name: _gid
Value: GA1.2.155805007.1611120148
.drv.tw/ Name: uid
Value: rBEPrmAHvhBe+Apxj4eaAg==

Indicators

Indicators is the security-industry term for artifacts observed during a scan, such as IPs, domains and hashes. Their presence in this list does not by itself imply that any of them is malicious.

b.stats.paypal.com
c.paypal.com
doc-04-cc-docs.googleusercontent.com
doc-0c-cc-docs.googleusercontent.com
doc-0o-cc-docs.googleusercontent.com
docs.google.com
drive.google.com
drv.tw
dub.stats.paypal.com
nwrcdivayezdk6ztputrlw-on.drv.tw
stats.g.doubleclick.net
t.paypal.com
www.google-analytics.com
www.googletagmanager.com
www.paypalobjects.com
104.108.34.200
104.111.228.123
151.101.193.35
2a00:1450:4001:801::2001
2a00:1450:4001:802::200e
2a00:1450:4001:806::200e
2a00:1450:4001:815::200e
2a00:1450:4001:816::2008
2a00:1450:4001:818::2008
2a00:1450:400c:c00::9b
47.254.94.70
64.4.245.84