URL: https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.html
Submission Tags: phishing, malicious
Submission: On March 05 (2021) via API from US

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 207.148.30.232, located in Piscataway, United States (AS20473, AS-CHOOPA; reverse DNS 207.148.30.232.vultr.com). The main domain is xd55.top.
TLS certificate: issued by R3 (Let's Encrypt) on March 5th 2021, the same day as this scan. Valid for: 3 months.
This is the only time xd55.top was scanned on urlscan.io!

urlscan.io Verdict: No classification. The automated verdict is unclassified; the phishing and malicious tags on this scan come from the submitter.

What the transactions show: the scanned document sits in a folder named "FCUK Racism Message T-Shirt at PacSun.com_files/", the layout a browser produces when a page is saved as "complete", with scripts stored as *.js.download as Chrome does. The two scripts it loads from the same host, checkout.js.download and button.js.download, are served as application/octet-stream; xd55.top sends no X-Content-Type-Options header, so the browser executes them anyway, and the window globals listed further down (paypal, PAYPAL, ppxo, __zoid__, __postRobot__) are what they leave behind. checkout.js.download behaves as PayPal's checkout SDK: it fetches www.paypal.com/tagmanager/pptm.js with id=xd55.top&source=checkoutjs&v=4.0.325, POSTs to the www.paypal.com logger endpoint after a CORS preflight, and a t.paypal.com beacon reports completeurl=https://xd55.top/... back to PayPal. The PayPal-owned hosts are in this scan because a copy of PayPal's SDK was re-hosted on xd55.top, not because any part of the page is on PayPal infrastructure. A certificate issued the same day, a first-ever scan and a brand's checkout code served from an unrelated .top domain are the pattern the submitter's tags describe.

Domain & IP information

IP addresses and autonomous systems
  Requests   IP Address        AS
  3          207.148.30.232    20473 (AS-CHOOPA)
  3          104.111.228.123   16625 (AKAMAI-AS)
  1          151.101.129.35    54113 (FASTLY)
  Totals: 8 requests, 4 IPs

Apex domains
  Requests   Apex Domain   Subdomains                     Transfer
  4          paypal.com    www.paypal.com, t.paypal.com   8 KB
  3          xd55.top      xd55.top                       2 MB
  Totals: 8 requests, 2 apex domains

Domains and who requested them
  Requests   Domain           Requested by
  3          www.paypal.com   xd55.top
  3          xd55.top         xd55.top
  1          t.paypal.com     xd55.top
  Totals: 8 requests, 3 domains

This site contains no links.

TLS certificates (each row links to its crt.sh record)
  Subject          Issuer                                        Validity                   Valid for
  xd55.top         R3                                            2021-03-05 to 2021-06-03   3 months
  www.paypal.com   DigiCert SHA2 Extended Validation Server CA   2021-01-13 to 2022-01-11   a year
  t.paypal.com     DigiCert SHA2 Extended Validation Server CA   2020-11-17 to 2021-11-21   a year

This page contains 1 frame:

Primary Page: https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.html
Frame ID: D2E8E2AE708844D08A46CFA8B763E253
Requests: 8 HTTP requests in this frame

Detected technologies

nginx (web server), overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

  Requests     8
  HTTPS        88 %
  IPv6         0 %
  Domains      2
  Subdomains   3
  IPs          4
  Countries    2
  Transfer     1846 kB
  Size         1901 kB
  Cookies      0

Redirected requests

No HTTP redirect chains are listed for this scan.

8 HTTP transactions

Each entry gives the resource name, its path, the resource size, the transfer size (x-fer) and the resource type, followed by the General details and the request and response headers the scanner recorded (the MIME type is in each entry's content-type response header). The list has ten entries: the eight counted transactions plus two data: URIs, which the browser decodes locally without a network request.
1. button.html (Primary Request)
   Path: xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/
   Size: 60 KB   x-fer: 14 KB   Type: Document

   General
   Full URL: https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.html
   Protocol: H2
   Security: TLS 1.3, AES_256_GCM
   Server: 207.148.30.232, Piscataway, United States, ASN20473 (AS-CHOOPA, US)
   Reverse DNS: 207.148.30.232.vultr.com
   Software: nginx
   Resource Hash (SHA-256): 6e9e7bfe679d5cd04923beaf2e1408c9bcd449524d59bffd2dc8251b00ebd592
   Security Headers:
     Strict-Transport-Security: max-age=31536000

   Request headers
     :method: GET
     :authority: xd55.top
     :scheme: https
     :path: /gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.html
     pragma: no-cache
     cache-control: no-cache
     upgrade-insecure-requests: 1
     user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
     accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
     sec-fetch-site: none
     sec-fetch-mode: navigate
     sec-fetch-user: ?1
     sec-fetch-dest: document
     accept-encoding: gzip, deflate, br
     accept-language: en-US
     Upgrade-Insecure-Requests: 1
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

   Response headers
     server: nginx
     date: Fri, 05 Mar 2021 19:15:43 GMT
     content-type: text/html
     last-modified: Fri, 05 Mar 2021 14:18:14 GMT
     vary: Accept-Encoding
     etag: W/"60423da6-f1ab"
     strict-transport-security: max-age=31536000
     content-encoding: gzip
2. checkout.js.download
   Path: xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/
   Size: 1 MB   x-fer: 1 MB   Type: Script

   General
   Full URL: https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/checkout.js.download
   Requested by: Host xd55.top, URL https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.html
   Protocol: H2
   Security: TLS 1.3, AES_256_GCM
   Server: 207.148.30.232, Piscataway, United States, ASN20473 (AS-CHOOPA, US)
   Reverse DNS: 207.148.30.232.vultr.com
   Software: nginx
   Resource Hash (SHA-256): 46c81bf72af4727f8482bffd0527493b7b7c75620f8ef7550193ae6767923bec
   Security Headers:
     Strict-Transport-Security: max-age=31536000

   Request headers
     Referer: https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.html
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

   Response headers
     date: Fri, 05 Mar 2021 19:15:43 GMT
     last-modified: Fri, 05 Mar 2021 14:17:20 GMT
     server: nginx
     etag: "60423d70-1650ac"
     strict-transport-security: max-age=31536000
     content-type: application/octet-stream
     accept-ranges: bytes
     content-length: 1462444

   Note: a Script-type resource delivered as application/octet-stream. xd55.top sends no X-Content-Type-Options header, so the browser executes it regardless of the declared type; the console error below is raised from line 2848 of this file, and the paypal/ppxo/__zoid__ globals listed under JavaScript Global Variables are what it defines once it runs.
3. button.js.download
   Path: xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/
   Size: 394 KB   x-fer: 395 KB   Type: Script

   General
   Full URL: https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.js.download
   Requested by: Host xd55.top, URL https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.html
   Protocol: H2
   Security: TLS 1.3, AES_256_GCM
   Server: 207.148.30.232, Piscataway, United States, ASN20473 (AS-CHOOPA, US)
   Reverse DNS: 207.148.30.232.vultr.com
   Software: nginx
   Resource Hash (SHA-256): 761cf2a4f82f0c824c0e3ed1be2200349124342f31d546b33b7a24101ec0df70
   Security Headers:
     Strict-Transport-Security: max-age=31536000

   Request headers
     Referer: https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.html
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

   Response headers
     date: Fri, 05 Mar 2021 19:15:43 GMT
     last-modified: Fri, 05 Mar 2021 14:17:20 GMT
     server: nginx
     etag: "60423d70-628ce"
     strict-transport-security: max-age=31536000
     content-type: application/octet-stream
     accept-ranges: bytes
     content-length: 403662
4. (inline data: URI, truncated)
   Path: /
   Size: 1 KB   x-fer: 0   Type: Image

   General
   Full URL: data:truncated
   Protocol: DATA
   Server: none (data: URI, decoded in the browser without a network request)
   Resource Hash (SHA-256): adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

   Request headers
     Referer: (empty)
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

   Response headers
     Content-Type: image/svg+xml
5. (inline data: URI, truncated)
   Path: /
   Size: 3 KB   x-fer: 0   Type: Image

   General
   Full URL: data:truncated
   Protocol: DATA
   Server: none (data: URI, decoded in the browser without a network request)
   Resource Hash (SHA-256): fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

   Request headers
     Referer: (empty)
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

   Response headers
     Content-Type: image/svg+xml
6. pptm.js
   Path: www.paypal.com/tagmanager/
   Size: 12 KB   x-fer: 5 KB   Type: Script

   General
   Full URL: https://www.paypal.com/tagmanager/pptm.js?id=xd55.top&source=checkoutjs&t=xo&v=4.0.325
   Requested by: Host xd55.top, URL https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/checkout.js.download
   Protocol: H2
   Security: TLS 1.3, AES_256_GCM
   Server: 104.111.228.123, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
   Reverse DNS: a104-111-228-123.deploy.static.akamaitechnologies.com
   Resource Hash (SHA-256): 7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
   Security Headers:
     Content-Security-Policy: (full value in the response headers below)
     Strict-Transport-Security: max-age=63072000
     X-Content-Type-Options: nosniff
     X-Frame-Options: SAMEORIGIN
     X-Xss-Protection: 1; mode=block

   Request headers
     Referer: https://xd55.top/
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

   Response headers
     content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nMvZD7eIY6SjQuYQqJlMHyuyQk/4cyY4y8Bgn0bZ13CWYo1o' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
     content-encoding: gzip
     x-content-type-options: nosniff
     etag: W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"
     x-frame-options: SAMEORIGIN
     content-type: application/x-javascript; charset=utf-8
     paypal-debug-id: 97d342ff6cb9f
     cache-control: public, max-age=3600
     date: Fri, 05 Mar 2021 19:15:44 GMT
     strict-transport-security: max-age=63072000
     dc: ccg11-origin-www-1.paypal.com
     vary: Accept-Encoding
     content-length: 4456
     x-xss-protection: 1; mode=block
7. logger (CORS preflight)
   Path: www.paypal.com/xoplatform/logger/api/
   Size: 0   x-fer: 0   Type: Preflight

   General
   Full URL: https://www.paypal.com/xoplatform/logger/api/logger
   Protocol: H2
   Server: 104.111.228.123, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
   Reverse DNS: a104-111-228-123.deploy.static.akamaitechnologies.com
   Software: Express
   Resource Hash: (none, empty body)
   Security Headers:
     Strict-Transport-Security: max-age=63072000
     X-Content-Type-Options: nosniff

   Request headers
     Accept: */*
     Access-Control-Request-Method: POST
     Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
     Origin: https://xd55.top
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
     Sec-Fetch-Mode: cors

   Response headers
     access-control-allow-credentials: true
     access-control-allow-headers: content-type,x-app-name,x-requested-with
     access-control-allow-methods: POST
     access-control-allow-origin: https://xd55.top
     cache-control: max-age=0, no-cache, no-store, must-revalidate
     paypal-debug-id: a3860a799359c
     x-content-type-options: nosniff
     x-powered-by: Express
     content-length: 0
     dc: ccg11-origin-www-1.paypal.com
     x-edgeconnect-midmile-rtt: 146
     x-edgeconnect-origin-mex-latency: 43
     date: Fri, 05 Mar 2021 19:15:44 GMT
     strict-transport-security: max-age=63072000

   Note: the endpoint answers with the requester's exact origin (https://xd55.top) rather than a wildcard, together with allow-credentials: true, so the browser permits the page's cross-origin POST, and a credentialed one too if the SDK asks for it. Nothing in the recorded headers restricts which merchant origin may log here.
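The OPTIONS exchange above is the browser asking www.paypal.com whether a cross-origin POST from https://xd55.top carrying the three listed headers is permitted, and the answer allows exactly that origin, method and header set, with credentials. The following Python reproduces the decision a browser makes from those headers. It is an added example, not code from the urlscan.io report or from PayPal; the two header dictionaries are transcribed from the preflight above, and the function and constant names are our own.

```python
"""Replay the browser's CORS preflight decision over the captured exchange.

Added worked example; it is not part of the urlscan.io report and not
PayPal's code. The two header dictionaries are copied from the OPTIONS
preflight to https://www.paypal.com/xoplatform/logger/api/logger recorded
above; the function and constant names are our own.
"""

# Methods that never have to appear in Access-Control-Allow-Methods.
CORS_SAFELISTED_METHODS = {"GET", "HEAD", "POST"}

# Request headers sent by Chrome in the captured preflight (from the scan).
CAPTURED_PREFLIGHT_REQUEST = {
    "Origin": "https://xd55.top",
    "Access-Control-Request-Method": "POST",
    "Access-Control-Request-Headers": "content-type,x-app-name,x-requested-with",
}

# Response headers returned by www.paypal.com (from the scan).
CAPTURED_PREFLIGHT_RESPONSE = {
    "access-control-allow-credentials": "true",
    "access-control-allow-headers": "content-type,x-app-name,x-requested-with",
    "access-control-allow-methods": "POST",
    "access-control-allow-origin": "https://xd55.top",
}


def _tokens(value):
    """Split a comma-separated header value into a set of lowercase tokens."""
    return {tok.strip().lower() for tok in value.split(",") if tok.strip()}


def preflight_allowed(request, response):
    """Apply the Fetch standard's preflight checks (simplified) and return
    (allowed, reasons). Header names are matched case-insensitively.

    The browser lists only non-safelisted request headers in
    Access-Control-Request-Headers, so each name there must be allowed.
    """
    req = {k.lower(): v for k, v in request.items()}
    res = {k.lower(): v for k, v in response.items()}
    reasons = []

    origin = req.get("origin", "")
    credentials = res.get("access-control-allow-credentials", "").strip().lower() == "true"
    allow_origin = res.get("access-control-allow-origin")

    # 1. Origin: the value must echo the request's Origin exactly; '*' is
    #    acceptable only when the response does not also allow credentials.
    if allow_origin is None:
        reasons.append("missing Access-Control-Allow-Origin")
    elif allow_origin.strip() == "*":
        if credentials:
            reasons.append("wildcard origin is rejected when credentials are allowed")
    elif allow_origin.strip() != origin:
        reasons.append(f"origin {origin} is not {allow_origin.strip()}")

    def covers(allowed, wanted):
        # With credentials, '*' in the method/header lists is a literal token.
        return wanted in allowed or ("*" in allowed and not credentials)

    # 2. Method: safelisted methods pass; anything else must be listed.
    method = req.get("access-control-request-method", "GET").strip().upper()
    allowed_methods = {m.upper() for m in _tokens(res.get("access-control-allow-methods", ""))}
    if method not in CORS_SAFELISTED_METHODS and not covers(allowed_methods, method):
        reasons.append(f"method {method} is not allowed")

    # 3. Headers: every requested header name must be allowed.
    wanted_headers = _tokens(req.get("access-control-request-headers", ""))
    allowed_headers = _tokens(res.get("access-control-allow-headers", ""))
    for name in sorted(wanted_headers):
        if not covers(allowed_headers, name):
            reasons.append(f"header {name} is not allowed")

    return (not reasons, reasons)


def captured_verdict():
    """The decision Chrome reached for the exchange recorded in the scan."""
    return preflight_allowed(CAPTURED_PREFLIGHT_REQUEST, CAPTURED_PREFLIGHT_RESPONSE)


if __name__ == "__main__":
    print("captured exchange:", captured_verdict())
    # The same response with a wildcard origin would be refused, because
    # the browser never pairs '*' with allow-credentials: true.
    wildcard = {**CAPTURED_PREFLIGHT_RESPONSE, "access-control-allow-origin": "*"}
    print("wildcard variant:", preflight_allowed(CAPTURED_PREFLIGHT_REQUEST, wildcard))
```

The captured exchange passes all three checks, which is why the XHR in the next entry went through. The wildcard variant shows the rule that matters when reviewing such endpoints: a server that wants credentialed cross-origin requests must echo a specific origin, so any origin it echoes is one it has chosen to trust.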
8. logger (XHR)
   Path: www.paypal.com/xoplatform/logger/api/
   Size: 858 B   x-fer: 2 KB   Type: XHR

   General
   Full URL: https://www.paypal.com/xoplatform/logger/api/logger
   Requested by: Host xd55.top, URL https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/checkout.js.download
   Protocol: H2
   Security: TLS 1.3, AES_256_GCM
   Server: 104.111.228.123, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
   Reverse DNS: a104-111-228-123.deploy.static.akamaitechnologies.com
   Software: Express
   Resource Hash (SHA-256): 056af22aa682d2124801d731a8a5ce8a3d74539eb40a4d330b3b82494db119d6
   Security Headers:
     Strict-Transport-Security: max-age=63072000
     X-Content-Type-Options: nosniff

   Request headers
     x-app-name: checkoutjs
     Referer: https://xd55.top/
     X-Requested-With: XMLHttpRequest
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
     Content-type: application/json

   Response headers
     x-edgeconnect-origin-mex-latency: 49
     date: Fri, 05 Mar 2021 19:15:44 GMT
     x-content-type-options: nosniff
     x-edgeconnect-midmile-rtt: 145
     x-powered-by: Express
     strict-transport-security: max-age=63072000
     content-type: application/json; charset=utf-8
     access-control-allow-origin: https://xd55.top
     cache-control: max-age=0, no-cache, no-store, must-revalidate
     access-control-allow-credentials: true
     paypal-debug-id: 00d2e6e3af622
     dc: ccg11-origin-www-1.paypal.com
     content-length: 858
     etag: W/"35a-60t8cGIeOeEu5uGjpMAlTZnUiuU"
9. ts
   Path: t.paypal.com/
   Size: 42 B   x-fer: 675 B   Type: Image

   General
   Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=PayPal&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1614971744092&g=-60&completeurl=https%3A%2F%2Fxd55.top%2Fgsdfsfgds%2FFCUK%2520Racism%2520Message%2520T-Shirt%2520at%2520PacSun.com_files%2Fbutton.html&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
   Requested by: Host xd55.top, URL https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/button.html
   Protocol: H2
   Security: TLS 1.3, AES_128_GCM
   Server: 151.101.129.35, United States, ASN54113 (FASTLY, US)
   Software: akka-http/10.1.11
   Resource Hash (SHA-256): 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

   Request headers
     Referer: https://xd55.top/
     User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

   Response headers
     pragma: no-cache
     date: Fri, 05 Mar 2021 19:15:44 GMT
     via: 1.1 varnish
     server: akka-http/10.1.11
     x-timer: S1614971744.193948,VS0,VE223
     x-cache: MISS
     p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
     http_x_pp_az_locator: slcb.slc
     expires: Fri, 05 Mar 2021 19:15:44 GMT
     cache-control: no-cache, no-store, max-age=0, no-transform
     x-cache-hits: 0
     accept-ranges: bytes
     content-type: image/gif
     content-length: 42
     x-served-by: cache-hhn4061-HHN
10. logger (no response received; see Failed requests below)
    Path: www.paypal.com/xoplatform/logger/api/
    Size: 0   x-fer: 0

Failed requests

These URLs were requested but received no response. They also appear in the transaction list above.

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger
The same endpoint answered an earlier preflight and one POST (858 B of JSON); this second POST got no response.
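Read together, the transactions above give an analyst four facts to verify before trusting the submitter's tags: the document sits in a "<title>_files/" folder, the scripts it loads are served as application/octet-stream, the PayPal tag manager is fetched with id=xd55.top, and the t.paypal.com beacon reports the page URL back to PayPal. The following Python extracts those facts from a transcribed subset of the list so the same checks can be run on any scan export. It is an added example, not code from urlscan.io; the TRANSACTIONS list is constructed from the entries above (the t.paypal.com query is shortened to the two parameters read), and the JAVASCRIPT_MIMES set and the function names are our own.

```python
"""Triage the transaction list of a urlscan.io-style capture.

Added worked example, not part of the urlscan.io report. TRANSACTIONS is a
hand-copied subset of the table above (URL, resource type and response
Content-Type); the heuristics and the names used here are our own.
"""
from urllib.parse import parse_qs, unquote, urlsplit

BASE = "https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/"

# Constructed from the scan's transaction list; the t.paypal.com query is
# shortened to the parameters this example reads.
TRANSACTIONS = [
    {"url": BASE + "button.html", "type": "Document", "content_type": "text/html"},
    {"url": BASE + "checkout.js.download", "type": "Script", "content_type": "application/octet-stream"},
    {"url": BASE + "button.js.download", "type": "Script", "content_type": "application/octet-stream"},
    {"url": "https://www.paypal.com/tagmanager/pptm.js?id=xd55.top&source=checkoutjs&t=xo&v=4.0.325",
     "type": "Script", "content_type": "application/x-javascript; charset=utf-8"},
    {"url": "https://www.paypal.com/xoplatform/logger/api/logger", "type": "XHR",
     "content_type": "application/json; charset=utf-8"},
    {"url": "https://t.paypal.com/ts?tsrce=tagmanagernodeweb&completeurl=https%3A%2F%2Fxd55.top"
            "%2Fgsdfsfgds%2FFCUK%2520Racism%2520Message%2520T-Shirt%2520at%2520PacSun.com_files"
            "%2Fbutton.html", "type": "Image", "content_type": "image/gif"},
]

# MIME types under which a browser is supposed to receive JavaScript.
JAVASCRIPT_MIMES = {"application/javascript", "application/x-javascript",
                    "text/javascript", "application/ecmascript", "text/ecmascript"}


def _mime(content_type):
    """Strip parameters such as '; charset=utf-8' and normalise case."""
    return content_type.split(";")[0].strip().lower()


def triage(transactions):
    """Summarise a capture's transactions into the facts an analyst checks first."""
    primary = urlsplit(transactions[0]["url"])
    report = {
        "primary_host": primary.hostname,
        "saved_page_title": None,      # set when the path has a "<title>_files/" folder
        "script_mime_mismatch": [],    # scripts not served with a JavaScript MIME type
        "sdk_merchant_id": None,       # the id= the PayPal tag manager is fetched with
        "beacon_page_host": None,      # host of the completeurl= in the t.paypal.com beacon
        "third_party_hosts": [],
    }

    # A "<title>_files/" folder is what a browser's "save page, complete"
    # produces, named after the saved page's title.
    for segment in unquote(primary.path).split("/"):
        if segment.endswith("_files"):
            report["saved_page_title"] = segment[: -len("_files")]

    hosts = set()
    for tx in transactions:
        parts = urlsplit(tx["url"])
        hosts.add(parts.hostname)
        name = parts.path.rsplit("/", 1)[-1]
        query = parse_qs(parts.query)

        # A Script delivered under a non-JavaScript MIME type still runs unless
        # the server also sends X-Content-Type-Options: nosniff.
        if tx["type"] == "Script" and _mime(tx["content_type"]) not in JAVASCRIPT_MIMES:
            report["script_mime_mismatch"].append(name)
        # The SDK's own telemetry names the page that embedded it.
        if parts.hostname == "www.paypal.com" and name == "pptm.js":
            report["sdk_merchant_id"] = query.get("id", [None])[0]
        if parts.hostname == "t.paypal.com" and "completeurl" in query:
            report["beacon_page_host"] = urlsplit(query["completeurl"][0]).hostname

    hosts.discard(primary.hostname)
    report["third_party_hosts"] = sorted(hosts)
    return report


if __name__ == "__main__":
    for key, value in triage(TRANSACTIONS).items():
        print(f"{key:>22}: {value}")
```

On this capture the report names xd55.top as both the document host and the merchant the PayPal SDK believes it is running for, lists the two octet-stream scripts, and recovers "FCUK Racism Message T-Shirt at PacSun.com" as the title of the page that was saved and re-hosted. Those are the values to compare against the brand the page claims to be.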

Verdicts & Comments

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code; here the paypal, PAYPAL, ppxo, __zoid__, __postRobot__ and $Api-style entries are those the re-hosted checkout.js.download defined when it ran. Grouped by type:

  object    ontransitionrun, ontransitionstart, ontransitioncancel, cookieStore, trustedTypes, pre, __postRobot__, __zoid__, __paypal_storage__, paypal, PAYPAL, ppxo, angular, meta, cookies, config, localizationJSON, __belter_experiment_storage__, spb, paypalDDL
  function  showDirectoryPicker, showOpenFilePicker, showSaveFilePicker, preload, preloadComplete, onLegacyPaymentAuthorize, watchForLegacyFallback, onLegacyFallback, __pptmLoadedWithNoContent, $Class, $Error, $Contingency, $Forbidden, $ApiError, $BatchShortCircuit, $FallbackError, $Api
  boolean   crossOriginIsolated
  string    LOG_LEVEL, __GRAPHQL_ENDPOINT__

0 Cookies

1 Console Messages

Source: console-api   Level: error
URL: https://xd55.top/gsdfsfgds/FCUK%20Racism%20Message%20T-Shirt%20at%20PacSun.com_files/checkout.js.download (line 2848)
Message: ppxo_unhandled_error [object Object]

Security Headers

This section lists the security headers set by the main page (the button.html response from xd55.top). Only HSTS is present: the primary document carries no Content-Security-Policy, no X-Frame-Options and no X-Content-Type-Options (nor do the script responses from the same host, which is why the application/octet-stream scripts above execute), so nothing restricts where this page can be framed or what it can load.

Header                      Value
Strict-Transport-Security   max-age=31536000
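To make the headers in this report concrete, the following Python audits the main page's response headers (HSTS only) beside the much fuller set www.paypal.com returned on pptm.js, including a parse of that Content-Security-Policy. It is an added example, not part of the urlscan.io report and not either site's code; the two header dictionaries are transcribed from the responses above and the check names are our own. It also applies a point the report does not state: a Content-Security-Policy on a script response governs nothing, because browsers enforce the CSP delivered with the document, not with its subresources.

```python
"""Audit the response headers recorded in this scan.

Added worked example, not part of the urlscan.io report and not PayPal's or
the site's code. MAIN_PAGE_HEADERS is copied from the button.html response
on xd55.top and PPTM_JS_HEADERS from the pptm.js response on
www.paypal.com; the checks and their names are our own.
"""
import re

MAIN_PAGE_HEADERS = {
    "server": "nginx",
    "content-type": "text/html",
    "strict-transport-security": "max-age=31536000",
    "content-encoding": "gzip",
}

PPTM_JS_HEADERS = {
    "content-type": "application/x-javascript; charset=utf-8",
    "content-security-policy": (
        "default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; "
        "script-src 'nonce-nMvZD7eIY6SjQuYQqJlMHyuyQk/4cyY4y8Bgn0bZ13CWYo1o' 'self' "
        "https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; "
        "img-src * data:; object-src 'none'; "
        "font-src 'self' https://*.paypalobjects.com https://*.paypal.com; "
        "connect-src 'self' https://*.paypal.com https://*.paypalobjects.com "
        "https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; "
        "form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; "
        "block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp"
    ),
    "strict-transport-security": "max-age=63072000",
    "x-content-type-options": "nosniff",
    "x-frame-options": "SAMEORIGIN",
    "x-xss-protection": "1; mode=block",
}

ONE_YEAR = 31536000


def parse_csp(policy):
    """Split a CSP string into {directive: [source tokens]}; empty directives
    (the ';;' in the captured policy) are skipped."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), []).extend(tokens[1:])
    return directives


def hsts_max_age(value):
    """Return the max-age of an HSTS header, or 0 if absent or malformed."""
    match = re.search(r"max-age\s*=\s*(\d+)", value, re.IGNORECASE)
    return int(match.group(1)) if match else 0


def audit(headers):
    """Return the findings for one response. Document-only checks (CSP,
    framing) apply only to HTML bodies, since browsers read those headers
    from the document response, not from subresources."""
    h = {k.lower(): v for k, v in headers.items()}
    mime = h.get("content-type", "").split(";")[0].strip().lower()
    is_document = mime in ("text/html", "application/xhtml+xml")
    findings = []

    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append("no Strict-Transport-Security")
    else:
        if hsts_max_age(hsts) < ONE_YEAR:
            findings.append("HSTS max-age shorter than one year")
        if "includesubdomains" not in hsts.lower():
            findings.append("HSTS without includeSubDomains")

    if h.get("x-content-type-options", "").strip().lower() != "nosniff":
        findings.append("no X-Content-Type-Options: nosniff")

    csp = h.get("content-security-policy")
    directives = parse_csp(csp) if csp is not None else {}
    if csp is None:
        if is_document:
            findings.append("no Content-Security-Policy")
    else:
        if not is_document:
            findings.append("CSP on a non-document response has no effect")
        script = directives.get("script-src", directives.get("default-src", []))
        for weak in ("'unsafe-inline'", "'unsafe-eval'"):
            if weak in script:
                findings.append(f"script-src allows {weak}")
        if "'unsafe-inline'" in script and any(t.startswith(("'nonce-", "'sha")) for t in script):
            findings.append("nonce/hash present, so 'unsafe-inline' is ignored by CSP Level 2 browsers")
        if "*" in directives.get("img-src", []):
            findings.append("img-src allows any host")
        if ";;" in csp:
            findings.append("empty directive (';;') in policy")

    if is_document and "frame-ancestors" not in directives and "x-frame-options" not in h:
        findings.append("no framing protection (X-Frame-Options or frame-ancestors)")

    return findings


if __name__ == "__main__":
    for label, headers in (("xd55.top button.html", MAIN_PAGE_HEADERS),
                           ("www.paypal.com pptm.js", PPTM_JS_HEADERS)):
        print(label)
        for finding in audit(headers):
            print("  -", finding)
```

For the main page the audit reports the absences the report's table implies: no CSP, no nosniff, no framing protection. For pptm.js it shows the other side of the coin: a long policy that, because it arrived on a script rather than a document, does nothing, and whose script-src would in any case still permit eval and, via the nonce rule, quietly drop its own 'unsafe-inline'.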