paypal-update.xyz Open in urlscan Pro
45.195.67.117 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paypal-update.xyz/hk/home
Submission Tags: @phishunt_io
Submission: On March 08 via api (March 8th 2021, 3:42:57 pm UTC) from ES

Summary HTTP 57 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 57 HTTP transactions. The main IP is 45.195.67.117, located in Hong Kong and belongs to HKNEWCLOUD-AS-AP HK NEW CLOUD TECHNOLOGY LIMITED, HK. The main domain is paypal-update.xyz.
TLS certificate: Issued by R3 on March 8th 2021. Valid for: 3 months.

This is the only time paypal-update.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
3	45.195.67.117 45.195.67.117	139640 (HKNEWCLOU...) (HKNEWCLOUD-AS-AP HK NEW CLOUD TECHNOLOGY LIMITED)
38	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
57	10

3 45.195.67.117 (Hong Kong)

ASN139640 (HKNEWCLOUD-AS-AP HK NEW CLOUD TECHNOLOGY LIMITED, HK)

paypal-update.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	paypalobjects.com www.paypalobjects.com	630 KB
9	youtube-nocookie.com www.youtube-nocookie.com	679 KB
3	paypal-update.xyz paypal-update.xyz	143 KB
2	paypal.com t.paypal.com	1 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	17 KB
1	ytimg.com i.ytimg.com	6 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	google.com www.google.com	6 KB
57	8

	Domain	Requested by
38	www.paypalobjects.com	paypal-update.xyz www.paypalobjects.com
9	www.youtube-nocookie.com	paypal-update.xyz www.youtube-nocookie.com
3	paypal-update.xyz	paypal-update.xyz
2	t.paypal.com
1	www.gstatic.com	www.youtube-nocookie.com
1	i.ytimg.com	www.youtube-nocookie.com
1	yt3.ggpht.com	www.youtube-nocookie.com
1	www.google.com	www.youtube-nocookie.com
1	fonts.gstatic.com	www.youtube-nocookie.com
57	9

This site contains links to these domains. Also see Links.

Domain
www.hktvmall.com
www.cathaypacific.com
www.ebay.com.hk
www.mydress.com
store.steampowered.com
www.spotify.com
global.gmarket.co.kr
buyee.jp
developer.paypal.com

Subject Issuer	Validity	Valid
paypal-update.xyz R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-01-13` - `2022-01-11`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-17` - `2021-11-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://paypal-update.xyz/hk/home
Frame ID: 1BE535FFFE424772961CF801FC58A554
Requests: 44 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
Frame ID: 29868A13C602FC75F19A11AE4C24BBF7
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

57
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

1485 kB
Transfer

3314 kB
Size

9
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hktvmall.com/
Title: HKTV mall

Search URL Search Domain Scan URL

URL: https://www.cathaypacific.com/cx/en_HK.html
Title: Cathay Pacific

Search URL Search Domain Scan URL

URL: http://www.ebay.com.hk/
Title: Ebay

Search URL Search Domain Scan URL

URL: http://www.mydress.com/
Title: MyDress

Search URL Search Domain Scan URL

URL: http://store.steampowered.com/
Title: Steam

Search URL Search Domain Scan URL

URL: https://www.spotify.com/hk-en/
Title: Spotify

Search URL Search Domain Scan URL

URL: http://global.gmarket.co.kr/Home/Main
Title: Gmarket

Search URL Search Domain Scan URL

URL: http://buyee.jp/
Title: Buyee

Search URL Search Domain Scan URL

URL: https://developer.paypal.com/
Title: Developers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set home Show response
paypal-update.xyz/hk/ 48 KB
51 KB 2009ms
1149ms Document
text/html 45.195.67.117
HKNEWCLOUD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://paypal-update.xyz/hk/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.195.67.117 , Hong Kong, ASN139640 (HKNEWCLOUD-AS-AP HK NEW CLOUD TECHNOLOGY LIMITED, HK),

Reverse DNS

Software

openresty/1.19.3.1 /

Resource Hash

5007d639ed142854dbc1b4069e9be00a40b043e6ae88629b64a1ed9ab16d22e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://www.wootag.com https://.qualtrics.com; script-src 'nonce-+yo2Wponc/ZbpCh1bKrTawobE4aZHye2nO+ZDfbjYMO0vq/z' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.dialogtech.com https://.qualtrics.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: paypal-update.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: openresty/1.19.3.1
Date: Mon, 08 Mar 2021 15:42:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Content-Security-Policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.brighttalk.com https://*.paypal.com https://*.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://www.wootag.com https://*.qualtrics.com; script-src 'nonce-+yo2Wponc/ZbpCh1bKrTawobE4aZHye2nO+ZDfbjYMO0vq/z' 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com https://*.salesforce.com https://*.force.com https://*.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://*.brighttalk.com https://*.dialogtech.com https://*.qualtrics.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com https://*.salesforce.com https://*.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-ancestors 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Etag: W/"bcc5-uqa0wtPHh7AEr6/091+89sNJTWY"
Paypal-Debug-Id: 95b8610cf5fc3
Set-Cookie: enforce_policy=; Domain=.paypal-update.xyz; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Secure; SameSite=None cookie_check=yes; Max-Age=315532799; Domain=.paypal-update.xyz; Path=/; Expires=Sat, 08 Mar 2031 15:42:34 GMT; HttpOnly; Secure; SameSite=None LANG=en_GB%3BHK; Max-Age=31556; Domain=.paypal-update.xyz; Path=/; Expires=Tue, 09 Mar 2021 00:28:31 GMT; HttpOnly; Secure; SameSite=None tsrce=mppnodeweb; Max-Age=259199; Domain=.paypal-update.xyz; Path=/; Expires=Thu, 11 Mar 2021 15:42:34 GMT; HttpOnly; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxNTIxODE1NTc5MSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal-update.xyz; Path=/; HttpOnly; Secure; SameSite=None nsid=s%3Ab6ZDoyJ1efsLW_v_tEWuLVnMOiKMx-BW.p08AJkfuCFdhx7iKr%2BNLjaYqIgoYEDt5KasjVYxFgEc; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg02.phx; Path=/; Domain=paypal-update.xyz; Expires=Mon, 08 Mar 2021 16:12:35 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1709912555%26vteXpYrS%3D1615219955%26vr%3D1281201c1780a4cca51a0cecfee38d92%26vt%3D1281201c1780a4cca51a0cecfee38d91%26vtyp%3Dnew; Path=/; Domain=paypal-update.xyz; Expires=Thu, 07 Mar 2024 15:42:35 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D1281201c1780a4cca51a0cecfee38d92%26vt%3D1281201c1780a4cca51a0cecfee38d91; Path=/; Domain=paypal-update.xyz; Expires=Thu, 07 Mar 2024 15:42:35 GMT; Secure; SameSite=None x-cdn=fastly:HND; Domain=paypal-update.xyz; Path=/; Secure
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
DC: phx-origin-www-3.paypal.com
Accept-Ranges: bytes
Via: 1.1 varnish, 1.1 varnish
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Served-By: cache-sjc10055-SJC, cache-hnd18736-HND
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1615218155.426322,VS0,VE457
Vary: Accept-Encoding

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 300ms
33ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://paypal-update.xyz
Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2018 03:38:51 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18348
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 PayPalSansBig-Light.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ 18 KB
18 KB 312ms
45ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://paypal-update.xyz
Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18388
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H/1.1 200
OK jquery.min.js Show response
paypal-update.xyz/ 87 KB
88 KB 522ms
288ms Script
application/javascript 45.195.67.117
HKNEWCLOUD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal-update.xyz/jquery.min.js
Requested by: Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.195.67.117 , Hong Kong, ASN139640 (HKNEWCLOUD-AS-AP HK NEW CLOUD TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://paypal-update.xyz/hk/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 15:42:35 GMT
Last-Modified: Mon, 08 Mar 2021 10:43:59 GMT
Server: openresty/1.19.3.1
ETag: "6045ffef-15d84"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89476

GET
H2 200 fef3789bff1fac6ca5cc3930311503e3ce8077.css
www.paypalobjects.com/marketing-resources/css/44/ 135 KB
26 KB 299ms
32ms Stylesheet
text/css 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

ed2249e83fa33af5432a990cdad080fc25fa673d8a29447f0debdb10ca18221e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Oct 2020 22:14:13 GMT
etag: W/"5f7654b5-21d0e"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: text/css
paypal-debug-id: eaf48c12a6378
cache-control: max-age=3600
strict-transport-security: max-age=31536000
dc: slc-b-origin-www-3.paypal.com
content-length: 26353
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 41b14ca4a6ddac0653a486322ef151c75430eb.css
www.paypalobjects.com/marketing-resources/css/d9/ 15 KB
4 KB 316ms
49ms Stylesheet
text/css 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/css/d9/41b14ca4a6ddac0653a486322ef151c75430eb.css

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

ba6bffcc76a1b34bb7374b68487348c30891a1f27607543131fb9be8983b3733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Oct 2020 22:14:13 GMT
etag: W/"5f7654b5-3d48"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: text/css
paypal-debug-id: dadbdecbc48fb
cache-control: max-age=3600
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 3481
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 bag-green-icon.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/icon/ 751 B
1000 B 30ms
30ms Image
image/png 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/icon/bag-green-icon.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

5fbca6c2ec25a2e8617de79d92d17e6a91265fe4ab800412abbe9ae7dfcc1d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 01:42:59 GMT
server: Akamai Image Manager
etag: "qNjTr3Jy632ivn7TdYZETp+DssB3OSpAaNem2Nu8+Eg"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
content-length: 751
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 van-orange-icon.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/icon/ 776 B
1 KB 28ms
27ms Image
image/png 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/icon/van-orange-icon.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

9ed58b47334f8edb64df1df088e7ff6186894234dcdec247abe5726fa8133e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 300
etag: "CeZdHTjSfKeXw5ehJFfRZ9nyUbxKuo2os4JpU4f1Uxs"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
last-modified: Sun, 22 Nov 2020 23:24:58 GMT
content-length: 776
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 icon-cards-pink.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/icon/ 638 B
917 B 31ms
30ms Image
image/png 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/icon/icon-cards-pink.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

be8d3289657ca1b68bcc1c8a716df611d0362ed242ae428da1740a3173cbec65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 2003
etag: "h5FxZK+ANlrsZurRkeY4XcDLm1g6hsnTFSHhX6YFp9A"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
last-modified: Mon, 01 Mar 2021 01:39:22 GMT
content-length: 638
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 convenient-blue-icon.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/icon/ 913 B
1 KB 31ms
30ms Image
image/png 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/icon/convenient-blue-icon.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

a3070bcd8d6fa3c0188b438d5e57314327bbbcab2259dff10f3a72b4f1fc9c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1863
etag: "QKlZXXIaQC3ZieF65XfMiRMpDTKhsoq0fyzRgEOG1RU"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
last-modified: Thu, 28 Jan 2021 01:54:18 GMT
content-length: 913
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 step-paypal-btn.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/home/steps/ 2 KB
2 KB 45ms
38ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/home/steps/step-paypal-btn.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

9596c492de603894a76ab0c6917dae9777111774184b7514e56ba2413a75add7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 02:08:41 GMT
server: Akamai Image Manager
etag: "FTrwApwZR70m235Uc2l+PfJJcBMlzMiksgQxbwh0/UY"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 2108
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 step-login.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/home/steps/ 1 KB
2 KB 56ms
50ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/home/steps/step-login.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

9c8f2cbb31648a3edd87362fe01d8c5fabb285d7b2edfdac40bf0c0bdfa31cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1997
etag: "n7BbIIpbqUZZvDJg4PFALaI/p8+wVD3CSad3lNRQu0A"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Mon, 01 Mar 2021 01:38:21 GMT
content-length: 1488
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 step-purchase.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/home/steps/ 2 KB
2 KB 40ms
34ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/home/steps/step-purchase.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

2d096ac468a75094fcdabf23913e20fe5309c174b413746d0d5436f88ead7831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 54
etag: "OTpyCsG9dhdYR7tAOb7t9dogmHEVJxvXqqRJYvf2+jk"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Fri, 19 Feb 2021 04:23:34 GMT
content-length: 2044
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 hktv-logo.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 2 KB
3 KB 57ms
51ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/hktv-logo.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e96d3a6dfe0c36c277b59b0ae2e8f761fb69d544d499354aeca2913bef40a7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 599
etag: "QqNxSFtsccjchV3U6haNtECqwlK8MhYulpRGIdIMklw"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Mon, 01 Mar 2021 01:38:53 GMT
content-length: 2278
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 cathay-pacific-logo.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 1 KB
2 KB 51ms
45ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/cathay-pacific-logo.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e814ee25ae613e722f2959d1df9e2cdb6e24229f80fe118e6e9b6e70d5f021cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 07 Feb 2021 00:41:48 GMT
server: Akamai Image Manager
etag: "inOzhiU8phKeieK4wTN4N300Ev4Qlug/ep4NdJ1XxY0"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 1412
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 ebay-logo.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 2 KB
2 KB 52ms
45ms Image
image/png 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ebay-logo.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

9b064f0c29bf41de5df26d913a2ac04910f916b617336b7166a18fa043ba219d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 01:38:21 GMT
server: Akamai Image Manager
etag: "L+J6vsQFzVSRmO6FBQgqp06sQGe+eVd5OoXxHkIJJKo"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
content-length: 2282
expires: Tue, 09 Mar 2021 03:42:36 GMT

GET
H2 200 mydress-logo.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 2 KB
2 KB 57ms
50ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/mydress-logo.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

8c2bbed11f1c25a93310acfa37abd6abc1c7879d4c83305ba94cefa310f1f558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 08:46:03 GMT
server: Akamai Image Manager
etag: "GoG/xzcXQnXIdt6MZkfO0iXwhUdJaYVbsIMiTnz+WJ4"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 1574
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 steam-logo.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 1 KB
1 KB 61ms
55ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/steam-logo.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f5cd5c5d0e2b385d720d50d4d1de286527fbed725d8c460bf2b716cfdea59688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 741
etag: "PzLoQntE2R4ek8nzJMQGH+gRAIxUEz5DDY8ati2fP0I"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Mon, 01 Mar 2021 02:16:48 GMT
content-length: 1066
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 spotify-logo.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 1 KB
2 KB 60ms
54ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/spotify-logo.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

b2a34098cf525f4dac3af766341349f75e98ac5828a90974a73fbf026a5c4e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 434
etag: "Zbsn0Lpz8nsPmAiZI5AzHdaAL1+d5m0/aKHZ7cJiknk"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Tue, 02 Feb 2021 01:50:18 GMT
content-length: 1476
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 gmarket-logo.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 3 KB
4 KB 68ms
62ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/gmarket-logo.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

50fa36ced9fe5dd410498109ceba229b84325c127bfd2c12f8a0faf5c2ac50a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 305
etag: "fPse6m5Oh/goNXtnpFJvCcOrtQ77KWt1UEXVOKmMMkQ"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Thu, 04 Feb 2021 13:56:12 GMT
content-length: 3440
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 buyee-logo.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 3 KB
3 KB 68ms
63ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/buyee-logo.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

eb4a62236976f44693167cf2d6b23a559c04e95873ac7d56c4dcb39b6637be49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 14:43:11 GMT
server: Akamai Image Manager
etag: "509AVbeh/KI6c5E87nnCxPamqt7qWslgHWu35rM1NHA"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 2714
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 home_n1_1x.jpg
www.paypalobjects.com/webstatic/en_PH/mktg/wright/home/ 12 KB
12 KB 67ms
61ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/en_PH/mktg/wright/home/home_n1_1x.jpg

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

513ac3fcd68a87c628d333db033b61075f2c48902d2d599a79c9961bab638e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 06 Mar 2021 05:49:23 GMT
server: Akamai Image Manager
etag: "/yW0P1GZgXUqbGD/pbHM+ZuQry3Kf7JLp6sUV4rCOdU"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 12404
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 visa-logo-white.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 1 KB
1 KB 75ms
70ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/visa-logo-white.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

6b84b42f6bcf2a93ad51f905d38983e343cd50442b5a3e708e12c0db3edb1ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 27 Dec 2020 04:49:32 GMT
server: Akamai Image Manager
etag: "Vxxaxyeywk6HkG4GRwDcbDtYD6uKyuFnJKtf27JEkSk"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 1176
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 mastercard-logo-bw.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 3 KB
3 KB 75ms
70ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/mastercard-logo-bw.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

3223b68f2e30b3f7191fd3f17c8cb6605cbfd6af6a552c0dab566e3712af46cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 271
etag: "27KP6hQJrLUoOOzNmDSqXboRD2tuR8oovf45RK8a+/c"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Mon, 22 Feb 2021 06:20:37 GMT
content-length: 3212
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 american-express-white.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 952 B
1 KB 79ms
74ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/american-express-white.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

7cdb3c3c470d7a60dbe26269662332884f3a92115e782066f520b746cf8901ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1517
etag: "g9hTMBm1Az8KY1gwrQUxa7soTsPZ11znq7DWIpqH1Nc"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Tue, 02 Feb 2021 01:40:49 GMT
content-length: 952
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 discover_bw-logo.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/ 1 KB
1 KB 88ms
84ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/hk/optimized/logo/discover_bw-logo.png

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

403d3721ba7eb87f4726a4db5b50899583eaa5af88ce9accd7e7685f5274ed1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Dec 2020 21:17:30 GMT
server: Akamai Image Manager
etag: "jtbrWmzvFMQc0rzLl2lCFUxNN3Kv9hEQ4kIyTy7x8QI"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 1090
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 301df828c1f704f838dd3fa1891441ac4a20b5.js Show response
www.paypalobjects.com/marketing-resources/js/98/ 143 KB
47 KB 39ms
39ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/js/98/301df828c1f704f838dd3fa1891441ac4a20b5.js

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

d360a4c1edc5e5d232a823ae51edd2ee15255c82a359f9d6ea40f0b3f577c5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Oct 2020 22:14:25 GMT
etag: W/"5f7654c1-23a7a"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: 6756f20a954df
cache-control: max-age=3600
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-3.paypal.com
content-length: 47281
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 2d850648cc754f04b71b636b19cb430dcc5fe8.js Show response
www.paypalobjects.com/marketing-resources/js/47/ 9 KB
3 KB 34ms
33ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/marketing-resources/js/47/2d850648cc754f04b71b636b19cb430dcc5fe8.js

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f5c40b2851c13aab412478237697ca63c90925060c28e3895d2344f838878310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
last-modified: Thu, 23 Jul 2020 14:41:22 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 3283
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 bs-chunk.js Show response
www.paypalobjects.com/tagmgmt/ 19 B
292 B 78ms
73ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/tagmgmt/bs-chunk.js

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Nov 2019 01:44:09 GMT
server: Apache
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
content-length: 19
expires: Mon, 08 Mar 2021 16:42:37 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 52 KB
20 KB 30ms
30ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: cb4fa6c43183
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 20130
last-modified: Thu, 18 Feb 2021 06:57:36 GMT
etag: W/"602e0fe0-cfcb"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-headers: x-csrf-token
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 marketingIntentsV2.js Show response
www.paypalobjects.com/activation/js/ 554 B
666 B 77ms
74ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/activation/js/marketingIntentsV2.js

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal-update.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 23:55:13 GMT
etag: W/"60271561-22a"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: 1e4c4b7a33c09
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 365
expires: Tue, 09 Mar 2021 15:42:37 GMT

GET
H/1.1 200
OK pes.js Show response
paypal-update.xyz/ 4 KB
5 KB 269ms
239ms Script
application/javascript 45.195.67.117
HKNEWCLOUD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal-update.xyz/pes.js
Requested by: Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.195.67.117 , Hong Kong, ASN139640 (HKNEWCLOUD-AS-AP HK NEW CLOUD TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: 12b953ecf4d1defd1438df6b42229e9e4dd3ac2f3dcfce27ba9c63951d72cbfd

Request headers

Referer: https://paypal-update.xyz/hk/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Mar 2021 15:42:35 GMT
Last-Modified: Mon, 08 Mar 2021 11:08:30 GMT
Server: openresty/1.19.3.1
ETag: "604605ae-1185"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4485

GET
H2 200 e2h_ZeSxZ2U Show response
www.youtube-nocookie.com/embed/ Frame 2986 50 KB
21 KB 57ms
53ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1

Requested by

Host: paypal-update.xyz
URL: https://paypal-update.xyz/hk/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34bc1d5ae867534eb528a1f8cefcf98417d60b7c5cb547672a36107813a39ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube-nocookie.com
:scheme: https
:path: /embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paypal-update.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paypal-update.xyz/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 08 Mar 2021 15:42:37 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+762; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube-nocookie.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ppcom-white.svg
www.paypalobjects.com/webstatic/i/logo/rebrand/ 5 KB
2 KB 76ms
75ms Image
image/svg+xml 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom-white.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e35c57fad02017983d4261c8d65697ec8b312a2a19127cb93f92d1eca6408015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Mar 2015 01:00:01 GMT
cache-control: max-age=3600
etag: W/"550cc291-1445"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
paypal-debug-id: 4dd2e6e0d32b
strict-transport-security: max-age=31536000
dc: slc-b-origin-www-1.paypal.com
content-length: 1988
expires: Mon, 08 Mar 2021 16:42:37 GMT

GET
H2 200 personal-home-upper-funnel-p2-krhk.jpg
www.paypalobjects.com/digitalassets/c/website/marketing/apac/shared/upper-funnel-phase2/ 72 KB
72 KB 102ms
99ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/shared/upper-funnel-phase2/personal-home-upper-funnel-p2-krhk.jpg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/d9/41b14ca4a6ddac0653a486322ef151c75430eb.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

3e94be18aba681e8586479916aeac6dbf065cb94291f911405412ee892e9bf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/d9/41b14ca4a6ddac0653a486322ef151c75430eb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1531
etag: "FR91dBtNkS9xtAqbw7F8TDuo+sb7jOHkHBO+0gUdnWg"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Sun, 07 Feb 2021 17:42:01 GMT
content-length: 73236
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 editorial-automated-payments.jpg
www.paypalobjects.com/digitalassets/c/website/marketing/apac/shared/home/optimized/ 97 KB
97 KB 83ms
83ms Image
image/jpeg 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/shared/home/optimized/editorial-automated-payments.jpg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/d9/41b14ca4a6ddac0653a486322ef151c75430eb.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

ed09222b1e896548277f58d9842b6eb0e0e0ab062df7eb6c63e5c2f0b3b5b285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/d9/41b14ca4a6ddac0653a486322ef151c75430eb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 01:28:38 GMT
server: Akamai Image Manager
etag: "r7jcNr4iukabHQEcJ0dYjx5xxMbFjAwUPaTp5U9e50I"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: private, no-transform, max-age=43200
content-length: 99071
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 994cecff0e6c4728f23d55b697d65e23dfea6d902ba8386400fa241989215b08

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sprite_countries_flag5.png
www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/global/country-worldwide/ 25 KB
25 KB 78ms
77ms Image
image/png 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/global/shared/global/country-worldwide/sprite_countries_flag5.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

dd8d04423e8f925ae8d5b47567e78ce92df2b95b30034cdc764676355fc65296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 2040
etag: "ABY5qBI76DhFceTBs9ucLL/O9fGTUWr511lOdOMelVI"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
last-modified: Mon, 01 Mar 2021 01:47:34 GMT
content-length: 25183
server: Akamai Image Manager
expires: Tue, 09 Mar 2021 03:42:37 GMT

GET
H2 200 PayPalSansBig-Medium.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ 50 KB
50 KB 23ms
23ms Font
font/woff 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Medium.woff

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

ba20c92df54a4333cc16983eb8c0043e0ea8781319e03edcf6d5093cd109cf43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://paypal-update.xyz
Referer: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2015 05:09:04 GMT
cache-control: public, max-age=3600
etag: "560b6e70-c76b"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
paypal-debug-id: 7cc119eefa9ee
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: ccg11-origin-www-3.paypal.com
content-length: 51051
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 2F7DFA_7_0.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/Dharma-Gothic-Expanded/webfonts/ 57 KB
58 KB 45ms
44ms Font
font/woff 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/mktg/2014design/font/Dharma-Gothic-Expanded/webfonts/2F7DFA_7_0.woff

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/d9/41b14ca4a6ddac0653a486322ef151c75430eb.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

059ff46da1a7fe0c3943538e734fa4f3867b126632a565d67e23e4d16fd3d452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://paypal-update.xyz
Referer: https://www.paypalobjects.com/marketing-resources/css/d9/41b14ca4a6ddac0653a486322ef151c75430eb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2015 03:39:15 GMT
cache-control: max-age=3600
etag: "5629abe3-e4a5"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
paypal-debug-id: 4ed3ecfd34049
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 58533
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 PayPalSansSmall-Light.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ 46 KB
46 KB 35ms
35ms Font
font/woff 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Light.woff

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

843e67ad522a908162007f4b7601819a5bbfef00e38ac7aec778766da8b7b2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://paypal-update.xyz
Referer: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2015 05:09:04 GMT
cache-control: public, max-age=3600
etag: "560b6e70-b66f"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
paypal-debug-id: 5c262e7fb56e0
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: slc-b-origin-www-1.paypal.com
content-length: 46703
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 PayPalSansSmall-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ 46 KB
47 KB 36ms
35ms Font
font/woff 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://paypal-update.xyz
Referer: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2015 05:09:04 GMT
cache-control: max-age=3600
etag: "560b6e70-b8eb"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
paypal-debug-id: ff23e7beab590
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: phx-origin-www-2.paypal.com
content-length: 47339
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H2 200 PayPalSansBig-Light.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ 48 KB
48 KB 50ms
50ms Font
application/x-font-woff 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.woff

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c599c554590d1a336ffcb9627f6caaac34b6228f60e15f5f25454bff38facb7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://paypal-update.xyz
Referer: https://www.paypalobjects.com/marketing-resources/css/44/fef3789bff1fac6ca5cc3930311503e3ce8077.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:36 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2015 05:09:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 49115
expires: Mon, 08 Mar 2021 16:42:36 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube-nocookie.com/s/player/a09205f7/ Frame 2986 340 KB
51 KB 42ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/a09205f7/www-player-webp.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 308670
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:58:07 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/a09205f7/www-embed-player.vflset/ Frame 2986 159 KB
58 KB 47ms
29ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/a09205f7/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46f87edccd58edd2f7ffba4ea616912cc4a7d14a0d4378f1ea973614926adc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 309051
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58950
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:51:46 GMT

GET
H3-Q050 200 base.js Show response
www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame 2986 2 MB
504 KB 51ms
34ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575ade33ee74c627918d75a53d1a1d846d54c866ede92999cb27a9f29eeb9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 308637
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516112
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:58:40 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/a09205f7/fetch-polyfill.vflset/ Frame 2986 8 KB
3 KB 50ms
33ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/a09205f7/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 309051
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:51:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2986 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube-nocookie.com
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 331272
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame 2986 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60ec84dd57b4bb768d51e84907a80618457c0bf42e304390153a74b81218d9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 308613
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32688
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:59:04 GMT

GET
H3-Q050 200 T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js Show response
www.google.com/js/bg/ Frame 2986 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 11:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 14042
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6212
x-xss-protection: 0
expires: Tue, 08 Mar 2022 11:48:35 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame 2986 29 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7a8aeacb5d1adba0f3eb014cf3117011f4ee9f5aaa36f939334473288906733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 308634
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9666
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:58:43 GMT

GET
DATA 200
OK truncated
/ Frame 2986 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwniap-DMvM-BiJHMjyJ9TTQBdH7UkbxETN6JTE1q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2986 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwniap-DMvM-BiJHMjyJ9TTQBdH7UkbxETN6JTE1q=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1cf713f25289f8b096177cb8cfe19110f3a0c7b874cfcc1fbf49f325f1593726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 14:12:56 GMT
x-content-type-options: nosniff
age: 5381
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2112
x-xss-protection: 0
server: fife
etag: "v30"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 09 Mar 2021 14:12:56 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/e2h_ZeSxZ2U/ Frame 2986 6 KB
6 KB 30ms
6ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/e2h_ZeSxZ2U/maxresdefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b387fdf1473d3588c81b997e35d55ec65a9da2ab8de5ee700dde8285ae4be13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 14:41:03 GMT
x-content-type-options: nosniff
server: sffe
age: 3694
etag: "1467946164"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6038
x-xss-protection: 0
expires: Mon, 08 Mar 2021 16:41:03 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2986 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Mon, 08 Mar 2021 15:42:37 GMT

GET
H3-Q050 204 generate_204
www.youtube-nocookie.com/ Frame 2986 0
38 B 18ms
6ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?8rYqZw
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 15:42:37 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 ts
t.paypal.com/ 42 B
705 B 210ms
177ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1615218158006&g=-60&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=95b8610cf5fc3&nsid=b6ZDoyJ1efsLW_v_tEWuLVnMOiKMx-BW&rsta=en_HK&pgtf=Nodejs&env=live&s=ci&ccpg=hk&csci=296a01c4286a45018b728d36a1120067&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&xe=102471%2C102472&xt=109173%2C109175&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.dust&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=1&lgcook=0&e=im&cdn=fastly&imsrc=setup&view=%7B%22t10%22%3A861%2C%22t11%22%3A3740%2C%22tcp%22%3A3093%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A323%7D&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=861&t1c=861&t1d=374&t1s=472&t2=1149&t3=341&t4d=1280&t4=1304&t4e=24&tt=3416&rdc=0&res=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://paypal-update.xyz/hk/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 15:42:38 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1615218158.048394,VS0,VE158
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slcb.slc
expires: Mon, 08 Mar 2021 15:42:38 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4058-HHN, cache-ams21074-AMS

GET
H2 200 ts
t.paypal.com/ 42 B
431 B 170ms
170ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.30&t=1615218158193&g=-60&e=err&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&comp=mppnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://paypal-update.xyz/hk/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Mar 2021 15:42:38 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1615218158.203034,VS0,VE153
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slcb.slc
expires: Mon, 08 Mar 2021 15:42:38 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn11526-HHN, cache-ams21074-AMS

POST
H2 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 2986 28 B
197 B 16ms
16ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/a09205f7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/e2h_ZeSxZ2U?rel=0&autoplay=0&autohide=2&border=0&wmode=opaque&showinfo=0&hd=1&playsinline=1&enablejsapi=1&modestbranding=1
X-YouTube-Client-Version: 1.20210304.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtkamRmTTlaZHFpOCjsi5mCBg%3D%3D
X-YouTube-Ad-Signals: dt=1615218157303&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C644%2C362&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 08 Mar 2021 15:42:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 08 Mar 2021 15:42:47 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal-update.xyz/	1970-01-20 18:57:06	Name: ts_c Value: vr%3D1281201c1780a4cca51a0cecfee38d92%26vt%3D1281201c1780a4cca51a0cecfee38d91
.paypal-update.xyz/	1970-01-20 18:57:06	Name: ts Value: vreXpYrS%3D1709912555%26vteXpYrS%3D1615219955%26vr%3D1281201c1780a4cca51a0cecfee38d92%26vt%3D1281201c1780a4cca51a0cecfee38d91%26vtyp%3Dnew
.paypal-update.xyz/	1970-01-19 16:44:37	Name: tsrce Value: mppnodeweb
.paypal-update.xyz/	1970-01-19 16:40:19	Name: l7_az Value: dcg02.phx
.paypal-update.xyz/	1970-01-23 08:19:10	Name: cookie_check Value: yes
.paypal-update.xyz/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTYxNTIxODE1NTc5MSIsImwiOiIwIiwibSI6IjAifQ
.paypal-update.xyz/	1970-01-19 16:40:49	Name: LANG Value: en_GB%3BHK
.paypal-update.xyz/	1969-12-31 23:59:59	Name: x-cdn Value: fastly:HND
paypal-update.xyz/	1969-12-31 23:59:59	Name: nsid Value: s%3Ab6ZDoyJ1efsLW_v_tEWuLVnMOiKMx-BW.p08AJkfuCFdhx7iKr%2BNLjaYqIgoYEDt5KasjVYxFgEc

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://paypal-update.xyz/hk/home(Line 355) Message: %c WARNING!!! color:#FF8F1C; font-size:40px;
console-api	log	URL: https://paypal-update.xyz/hk/home(Line 356) Message: %c This browser feature is for developers only. Please do not copy-paste any code or run any scripts here. It may cause your PayPal account to be compromised. color:#003087; font-size:12px;
console-api	log	URL: https://paypal-update.xyz/hk/home(Line 357) Message: %c For more information, http://en.wikipedia.org/wiki/Self-XSS color:#003087; font-size:12px;

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.brighttalk.com https://.paypal.com https://.paypalobjects.com https://www.youtube-nocookie.com https://www.xoom.com https://www.wootag.com https://.qualtrics.com; script-src 'nonce-+yo2Wponc/ZbpCh1bKrTawobE4aZHye2nO+ZDfbjYMO0vq/z' 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://nominatim.openstreetmap.org https://.paypal.com https://.paypalobjects.com https://.google-analytics.com https://.salesforce.com https://.force.com https://.eloqua.com https://nexus.ensighten.com https://api.paypal-retaillocator.com https://.brighttalk.com https://.dialogtech.com https://.qualtrics.com; style-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com https://assets-cdn.s-xoom.com data:; img-src 'self' https: data:; form-action 'self' https://.paypal.com https://.salesforce.com https://.eloqua.com https://secure.opinionlab.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-ancestors 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
i.ytimg.com
paypal-update.xyz
t.paypal.com
www.google.com
www.gstatic.com
www.paypalobjects.com
www.youtube-nocookie.com
yt3.ggpht.com
104.111.228.123
151.101.1.35
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2016
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2004
45.195.67.117
059ff46da1a7fe0c3943538e734fa4f3867b126632a565d67e23e4d16fd3d452
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3
0eb22afbab03bbbd8a47d4fc5361ff7518a77273e99fd0b73e235c93dd6ea7aa
12b953ecf4d1defd1438df6b42229e9e4dd3ac2f3dcfce27ba9c63951d72cbfd
1cf713f25289f8b096177cb8cfe19110f3a0c7b874cfcc1fbf49f325f1593726
2d096ac468a75094fcdabf23913e20fe5309c174b413746d0d5436f88ead7831
3223b68f2e30b3f7191fd3f17c8cb6605cbfd6af6a552c0dab566e3712af46cf
34bc1d5ae867534eb528a1f8cefcf98417d60b7c5cb547672a36107813a39ec8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e94be18aba681e8586479916aeac6dbf065cb94291f911405412ee892e9bf30
403d3721ba7eb87f4726a4db5b50899583eaa5af88ce9accd7e7685f5274ed1d
46f87edccd58edd2f7ffba4ea616912cc4a7d14a0d4378f1ea973614926adc80
4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
5007d639ed142854dbc1b4069e9be00a40b043e6ae88629b64a1ed9ab16d22e3
50fa36ced9fe5dd410498109ceba229b84325c127bfd2c12f8a0faf5c2ac50a4
513ac3fcd68a87c628d333db033b61075f2c48902d2d599a79c9961bab638e53
575ade33ee74c627918d75a53d1a1d846d54c866ede92999cb27a9f29eeb9476
5fbca6c2ec25a2e8617de79d92d17e6a91265fe4ab800412abbe9ae7dfcc1d31
60ec84dd57b4bb768d51e84907a80618457c0bf42e304390153a74b81218d9c0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b84b42f6bcf2a93ad51f905d38983e343cd50442b5a3e708e12c0db3edb1ce8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7cdb3c3c470d7a60dbe26269662332884f3a92115e782066f520b746cf8901ec
843e67ad522a908162007f4b7601819a5bbfef00e38ac7aec778766da8b7b2ab
8c2bbed11f1c25a93310acfa37abd6abc1c7879d4c83305ba94cefa310f1f558
9596c492de603894a76ab0c6917dae9777111774184b7514e56ba2413a75add7
994cecff0e6c4728f23d55b697d65e23dfea6d902ba8386400fa241989215b08
9b064f0c29bf41de5df26d913a2ac04910f916b617336b7166a18fa043ba219d
9c8f2cbb31648a3edd87362fe01d8c5fabb285d7b2edfdac40bf0c0bdfa31cd4
9ed58b47334f8edb64df1df088e7ff6186894234dcdec247abe5726fa8133e77
a3070bcd8d6fa3c0188b438d5e57314327bbbcab2259dff10f3a72b4f1fc9c23
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b2a34098cf525f4dac3af766341349f75e98ac5828a90974a73fbf026a5c4e1a
b387fdf1473d3588c81b997e35d55ec65a9da2ab8de5ee700dde8285ae4be13f
ba20c92df54a4333cc16983eb8c0043e0ea8781319e03edcf6d5093cd109cf43
ba6bffcc76a1b34bb7374b68487348c30891a1f27607543131fb9be8983b3733
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
be8d3289657ca1b68bcc1c8a716df611d0362ed242ae428da1740a3173cbec65
c599c554590d1a336ffcb9627f6caaac34b6228f60e15f5f25454bff38facb7e
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
d360a4c1edc5e5d232a823ae51edd2ee15255c82a359f9d6ea40f0b3f577c5a8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd8d04423e8f925ae8d5b47567e78ce92df2b95b30034cdc764676355fc65296
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e35c57fad02017983d4261c8d65697ec8b312a2a19127cb93f92d1eca6408015
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e814ee25ae613e722f2959d1df9e2cdb6e24229f80fe118e6e9b6e70d5f021cb
e96d3a6dfe0c36c277b59b0ae2e8f761fb69d544d499354aeca2913bef40a7fe
eb4a62236976f44693167cf2d6b23a559c04e95873ac7d56c4dcb39b6637be49
ed09222b1e896548277f58d9842b6eb0e0e0ab062df7eb6c63e5c2f0b3b5b285
ed2249e83fa33af5432a990cdad080fc25fa673d8a29447f0debdb10ca18221e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f5c40b2851c13aab412478237697ca63c90925060c28e3895d2344f838878310
f5cd5c5d0e2b385d720d50d4d1de286527fbed725d8c460bf2b716cfdea59688
f7a8aeacb5d1adba0f3eb014cf3117011f4ee9f5aaa36f939334473288906733
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

paypal-update.xyz Open in urlscan Pro 45.195.67.117 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

67 %IPv6

8 Domains

9 Subdomains

10 IPs

3 Countries

1485 kBTransfer

3314 kBSize

9 Cookies

9 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paypal-update.xyz Open in urlscan Pro
45.195.67.117 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

1485 kB
Transfer

3314 kB
Size

9
Cookies

57 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!