bank.paypar.online Open in urlscan Pro
2a02:4780:b:860:0:2e0b:5435:10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bank.paypar.online/
Submission: On December 14 via api (December 14th 2024, 3:18:58 am UTC) from JP — Scanned from JP

Summary HTTP 45 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 45 HTTP transactions. The main IP is 2a02:4780:b:860:0:2e0b:5435:10, located in Phoenix, United States and belongs to AS-HOSTINGER Hostinger International Limited, CY. The main domain is bank.paypar.online.
TLS certificate: Issued by R10 on December 14th 2024. Valid for: 3 months.

This is the only time bank.paypar.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2a02:4780:b:8... 2a02:4780:b:860:0:2e0b:5435:10	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
1	2404:6800:400... 2404:6800:400a:80e::200a	15169 (GOOGLE) (GOOGLE)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.70.41 172.67.70.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	82.180.172.198 82.180.172.198	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
4	2404:6800:400... 2404:6800:400a:80e::2008	15169 (GOOGLE) (GOOGLE)
1	13.249.160.68 13.249.160.68	16509 (AMAZON-02) (AMAZON-02)
1	142.251.42.163 142.251.42.163	15169 (GOOGLE) (GOOGLE)
1 2	172.217.175.100 172.217.175.100	15169 (GOOGLE) (GOOGLE)
2	157.240.31.5 157.240.31.5	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:440... 2606:4700:4400::ac40:9473	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:400a:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c03::9d	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:400a:805::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.26.227 172.217.26.227	15169 (GOOGLE) (GOOGLE)
1	142.251.222.2 142.251.222.2	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.82.36 31.13.82.36	32934 (FACEBOOK) (FACEBOOK)
1 1	172.217.25.162 172.217.25.162	15169 (GOOGLE) (GOOGLE)
2	13.249.160.126 13.249.160.126	16509 (AMAZON-02) (AMAZON-02)
45	19

6 2a02:4780:b:860:0:2e0b:5435:10 (Phoenix, United States)

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)

bank.paypar.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80e::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.70.41 (United States)

ASN13335 (CLOUDFLARENET, US)

level.uicore.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 82.180.172.198 (Phoenix, United States)

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)

bank.paypar.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:400a:80e::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.160.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-160-68.nrt12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.31.5 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9473 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80a::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c03::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:805::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.26.227 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.222.2 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2528 (United States)

ASN13335 (CLOUDFLARENET, US)

in-automate.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.25.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sin01s16-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.249.160.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-160-126.nrt12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	paypar.online bank.paypar.online	399 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	572 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	345 KB
4	uicore.co level.uicore.co	556 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	24 B
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 7118	62 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	102 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 25693	127 B
2	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 23280	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	81 KB
1	brevo.com in-automate.brevo.com — Cisco Umbrella Rank: 24219	108 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	3 KB
1	gstatic.com fonts.gstatic.com	22 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1007 B
45	15

	Domain	Requested by
14	bank.paypar.online	bank.paypar.online
4	www.googletagmanager.com	bank.paypar.online www.googletagmanager.com
4	level.uicore.co	bank.paypar.online
3	js.driftt.com	bank.paypar.online js.driftt.com
3	cdnjs.cloudflare.com	bank.paypar.online cdnjs.cloudflare.com
2	www.facebook.com	bank.paypar.online
2	www.google.co.jp	bank.paypar.online
2	td.doubleclick.net	www.googletagmanager.com
2	sibautomation.com	bank.paypar.online sibautomation.com
2	connect.facebook.net	bank.paypar.online connect.facebook.net
2	www.google.com	1 redirects www.googletagmanager.com
1	googleads.g.doubleclick.net	1 redirects
1	in-automate.brevo.com	sibautomation.com
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	bank.paypar.online
45	18

This site contains links to these domains. Also see Links.

Domain
paypar.online
support.uicore.co
uicore.co
1.envato.market

Subject Issuer	Validity	Valid
bank.paypar.online R10	`2024-12-14` - `2025-03-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
uicore.co WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
drift.com Amazon RSA 2048 M03	`2024-07-30` - `2025-08-27`	a year	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-23` - `2024-12-22`	3 months	crt.sh
sibautomation.com WE1	`2024-12-01` - `2025-03-01`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.co.jp WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.googleadservices.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
brevo.com WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://bank.paypar.online/
Frame ID: EB97D387DFE6F83EEF10772D541D9E0F
Requests: 39 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fbank.paypar.online
Frame ID: 7E3C7A1986C3E3AC85060C14F9AF28BB
Requests: 1 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=0c711xxkv9vw7znyw8fwhs5l
Frame ID: 2B490DC228F070FFFC172F448FEB7496
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-7TT57F51E8&gacid=583837505.1734146333&gtm=45je4cc1v884573526z8890449762za200zb890449762&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=811817499
Frame ID: 43930C1D3083143B2D27029EA3123C65
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11022721731?random=1734146333460&cv=11&fst=1734146333460&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbank.paypar.online%2F&label=myPurchase&hn=www.googleadservices.com&frm=0&tiba=Paypar%20Bank&oid=-&value=0&currency_code=%24&bttype=purchase&npa=0&pscdl=noapi&auid=609145118.1734146333&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&em=tv.1&ct_cookie_present=0
Frame ID: 59EFA0DA2DFE315069FACB45400E5CC4
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=f23xx9fxwppz&eId=f23xx9fxwppz&region=US&forceShow=false&skipCampaigns=false&sessionId=19c5ae04-a275-426d-91c1-222d78472e28&sessionStarted=1734146333.993&campaignRefreshToken=e6d8041d-354c-4785-a38b-fa3b396ffd61&hideController=false&pageLoadStartTime=1734146332407&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fbank.paypar.online%2F
Frame ID: 811190FFE9F8C0248CA104A26FFD4DA4
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1734146332407
Frame ID: 76E96B5D2EA2D820735D17654D4D7F2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paypar Bank

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<div class=(?:"|')[^"']*elementor

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

98 %
HTTPS

40 %
IPv6

15
Domains

18
Subdomains

19
IPs

4
Countries

1576 kB
Transfer

3765 kB
Size

10
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://paypar.online/myaccount/secure/
Title: Login

Search URL Search Domain Scan URL

URL: https://paypar.online/myaccount/secure/index?action=enroll&access=fHA3Cg3Z2ArErBiQzqBEJRdm1Jr5xF4jGzugMNUK5oYtCudoiILf2WnYfCJW8c0p
Title: Create Account

Search URL Search Domain Scan URL

URL: https://support.uicore.co/help-center/categories/4/getting-started?utm_campaign=Level&utm_source=Demos&utm_medium=LinkHelper
Title: Read Documentation

Search URL Search Domain Scan URL

URL: https://support.uicore.co/?utm_campaign=Level&utm_source=Demos&utm_medium=LinkHelper
Title: Support

Search URL Search Domain Scan URL

URL: https://uicore.co/blog/category/showcase/?utm_campaign=Level&utm_source=Demos&utm_medium=LinkHelper
Title: Showcase

Search URL Search Domain Scan URL

URL: http://1.envato.market/gbLzGr
Title: Purchase Level

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11022721731/?random=1978972160&cv=11&fst=1734146333460&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbank.paypar.online%2F&label=myPurchase&hn=www.googleadservices.com&frm=0&tiba=Paypar%20Bank&value=0&currency_code=%24&npa=0&pscdl=noapi&auid=609145118.1734146333&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&em=tv.1&fmt=3&ct_cookie_present=false&eoid=CjEKEQiA0--6BhDS1uLApajW5IIBEhwAXcdlru59l0UF7RLlf0T4R2l15rmpK8m4tmid8P8HAQ&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAgjrzLECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&eitems=ChEIgNPvugYQuqa99ty_yNGkARIdAMHsEI89d6w-Eb63jRNtHVEJGozJdaQJAm-fB54&pscrd=IhMIla7LwaamigMVK6XpBR1cPzpMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2JhbmsucGF5cGFyLm9ubGluZS9CV0NoRUlnTlB2dWdZUTNZVEppS0xNNUxXUUFSSXNBSTM1TFpjRGl3NGQ0OGh3QXRUd2xVeVlpTXZyOHJ0cTh6MnhyY3NFb01HRGpMTWk3LXhtQkkxUnhnaw HTTP 302
https://www.google.com/pagead/1p-conversion/11022721731/?random=1978972160&cv=11&fst=1734146333460&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbank.paypar.online%2F&label=myPurchase&hn=www.googleadservices.com&frm=0&tiba=Paypar%20Bank&value=0&currency_code=%24&npa=0&pscdl=noapi&auid=609145118.1734146333&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&em=tv.1&fmt=3&ct_cookie_present=false&eoid=CjEKEQiA0--6BhDS1uLApajW5IIBEhwAXcdlru59l0UF7RLlf0T4R2l15rmpK8m4tmid8P8HAQ&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAgjrzLECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIla7LwaamigMVK6XpBR1cPzpMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2JhbmsucGF5cGFyLm9ubGluZS9CV0NoRUlnTlB2dWdZUTNZVEppS0xNNUxXUUFSSXNBSTM1TFpjRGl3NGQ0OGh3QXRUd2xVeVlpTXZyOHJ0cTh6MnhyY3NFb01HRGpMTWk3LXhtQkkxUnhnaw&is_vtc=1&cid=CAQSKQCa7L7dXfPnFhGCoOGknXRz6S0nq6me-l2Hrzt4A8ZD-qjG-0yrXn2M&eitems=ChEIgNPvugYQuqa99ty_yNGkARIdAMHsEI_i4FeraMoFRVYaMmCyzeH3LeaFFb7uaaw&random=1993582968 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/11022721731/?random=1978972160&cv=11&fst=1734146333460&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbank.paypar.online%2F&label=myPurchase&hn=www.googleadservices.com&frm=0&tiba=Paypar%20Bank&value=0&currency_code=%24&npa=0&pscdl=noapi&auid=609145118.1734146333&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&em=tv.1&fmt=3&ct_cookie_present=false&eoid=CjEKEQiA0--6BhDS1uLApajW5IIBEhwAXcdlru59l0UF7RLlf0T4R2l15rmpK8m4tmid8P8HAQ&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAgjrzLECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIla7LwaamigMVK6XpBR1cPzpMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2JhbmsucGF5cGFyLm9ubGluZS9CV0NoRUlnTlB2dWdZUTNZVEppS0xNNUxXUUFSSXNBSTM1TFpjRGl3NGQ0OGh3QXRUd2xVeVlpTXZyOHJ0cTh6MnhyY3NFb01HRGpMTWk3LXhtQkkxUnhnaw&is_vtc=1&cid=CAQSKQCa7L7dXfPnFhGCoOGknXRz6S0nq6me-l2Hrzt4A8ZD-qjG-0yrXn2M&eitems=ChEIgNPvugYQuqa99ty_yNGkARIdAMHsEI_i4FeraMoFRVYaMmCyzeH3LeaFFb7uaaw&random=1993582968&ipr=y

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bank.paypar.online/ 59 KB
10 KB 942ms
128ms Document
text/html 2a02:4780:b:860:0:2e0b:5435:10
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:860:0:2e0b:5435:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c7e4051e793d24fc749f2d71c1562844536c2ef8cefa8948e74986cd0173cf2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 10233
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sat, 14 Dec 2024 03:18:52 GMT
etag: "eced-662368c8-3923392e9a334d81;br"
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
panel: hpanel
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 siteground-optimizer-assets-siteground-optimizer-combined-css-12bafd4db78b4ca63007875f82a448cf.css
bank.paypar.online/css/ 604 KB
81 KB 129ms
125ms Stylesheet
text/css 2a02:4780:b:860:0:2e0b:5435:10
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/css/siteground-optimizer-assets-siteground-optimizer-combined-css-12bafd4db78b4ca63007875f82a448cf.css

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:860:0:2e0b:5435:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ccdfacacb9234f4cac92e8a263bb02711016f6b422ad7ffcaeb77e55e12b35da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "97152-662368c8-1baf0d16783a1cda;br"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
content-length: 82450
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 6-uicore-global.css
bank.paypar.online/css/ 144 KB
21 KB 258ms
255ms Stylesheet
text/css 2a02:4780:b:860:0:2e0b:5435:10
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/css/6-uicore-global.css

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:860:0:2e0b:5435:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

585c63b3a5894b2eb132d228a7a4c329822e539125ffa341f4c98eed757bb6b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "23f98-662368c8-fbef1aa071bdc272;br"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
content-length: 21353
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1007 B 119ms
53ms Stylesheet
text/css 2404:6800:400a:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Space+Grotesk%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c47912216ec03efdd028ab7b476a9004def07608def21cec6d680dcf36cdd6c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 14 Dec 2024 03:18:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 14 Dec 2024 03:18:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 fonts-themify-icons.css
bank.paypar.online/css/ 17 KB
3 KB 259ms
257ms Stylesheet
text/css 2a02:4780:b:860:0:2e0b:5435:10
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/css/fonts-themify-icons.css

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:860:0:2e0b:5435:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5601bea3891e77da5469f5bb0f5d2e9d3ea53f0ec175028c8a86a220886b327c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "447b-662368c8-b4906253620e3bff;br"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
content-length: 2684
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 jquery-jquery.min.js Show response
bank.paypar.online/js/ 85 KB
29 KB 259ms
257ms Script
application/x-javascript 2a02:4780:b:860:0:2e0b:5435:10
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/js/jquery-jquery.min.js

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:860:0:2e0b:5435:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "155ba-662368c8-a6d548a6a41273f9;br"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
content-length: 29502
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: application/x-javascript
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 20ms
12ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6599bda5-28f2"
age: 99328
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8C%2B4tq5CTOGINoXz4drhG3Kh3fOYmTf0TXfNypn%2F6rKu%2F8FpfsYbP7eFMSQOVMhrmYnOTEaAMQpzbmjCo7t0Y2kKIf5n5g9w2OvcTpeElEKRR9FR8LI5xANcqCnbM7HBxQ%2Bv06w"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 03:18:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f1b0c91ac1980ef-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10482
server: cloudflare

GET
H2 200 01-level-logo-white.png
bank.paypar.online/images/ 34 KB
34 KB 261ms
260ms Image
image/png 2a02:4780:b:860:0:2e0b:5435:10
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.paypar.online/images/01-level-logo-white.png

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:860:0:2e0b:5435:10 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6f473f665a90e40c146afdfa984ffd4da38260af2b3e84bedb5fc1bb4bd39ad2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "878f-662368c8-f99e41c8bc7705d8;;;"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
content-length: 34703
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H3 200 Digital-Banking-Hero-Image-1.webp
level.uicore.co/digital-banking/wp-content/uploads/sites/6/2021/11/ 220 KB
221 KB 291ms
259ms Image
image/webp 172.67.70.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://level.uicore.co/digital-banking/wp-content/uploads/sites/6/2021/11/Digital-Banking-Hero-Image-1.webp
Requested by: Host: bank.paypar.online
URL: https://bank.paypar.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e1989514ebda4cd8270bd256603afe1e1c9b0dce300c9276a9585aca52c75ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

cf-cache-status: HIT
etag: "37186-5d0826c7556d4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlkgGgFjbGgy5%2FSQeTeBd1H2glxlIUqCGFl1csZGzdguXn84de34J5gAiZNIn9rpRLP0TFfmcodtvBQWC1EfKOEQWXmc6MfIApAUvLza9RnC6tW03cGZ2H1oxDWG6a1R9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1415&min_rtt=1179&rtt_var=434&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4327&recv_bytes=5751&delivery_rate=1036&cwnd=12000&unsent_bytes=0&cid=4ceab0cf8f871694&ts=263&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: image/webp
last-modified: Thu, 11 Nov 2021 12:24:27 GMT
vary: Accept-Encoding
priority: u=1,i
x-proxy-cache-info: 0 NC:000000 UP:
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f1b0c91cf6cf6cd-NRT
accept-ranges: bytes
content-length: 225670
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-httpd-modphp: 1
server: cloudflare

GET
H3 200 Digital-Banking-Hero-Image-2.webp
level.uicore.co/digital-banking/wp-content/uploads/sites/6/2021/11/ 311 KB
312 KB 252ms
252ms Image
image/webp 172.67.70.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://level.uicore.co/digital-banking/wp-content/uploads/sites/6/2021/11/Digital-Banking-Hero-Image-2.webp
Requested by: Host: bank.paypar.online
URL: https://bank.paypar.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd403fea9facff1781da1d06d7d1c7160148cc98b1ac281f90378ff0fe394e2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

cf-cache-status: HIT
etag: "4db9e-5d0826d26ff76"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eBP9bSI1IkppgUm16BInzaGtcJ%2FN%2BPYsvpdW%2BBJaqmh%2FxWYr1O803ctRQux3zAdX29G%2BPya7Ml93U%2FNDIJBv%2BF4UjgD14ajo8pHCG0gau35hWc%2B%2B8lDP2bA7t4Vr%2Fg6Mqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2696&min_rtt=1179&rtt_var=378&sent=208&recv=70&lost=0&retrans=0&sent_bytes=235962&recv_bytes=9040&delivery_rate=32124272&cwnd=127200&unsent_bytes=0&cid=4ceab0cf8f871694&ts=630&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: image/webp
last-modified: Thu, 11 Nov 2021 12:24:39 GMT
vary: Accept-Encoding
priority: u=3,i
x-proxy-cache-info: 0 NC:000000 UP:
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f1b0c941923f6cd-NRT
accept-ranges: bytes
content-length: 318366
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-httpd-modphp: 1
server: cloudflare

GET
H3 200 Digital-Banking-Benefits-Image.webp
level.uicore.co/digital-banking/wp-content/uploads/sites/6/2021/11/ 21 KB
22 KB 251ms
250ms Image
image/webp 172.67.70.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://level.uicore.co/digital-banking/wp-content/uploads/sites/6/2021/11/Digital-Banking-Benefits-Image.webp
Requested by: Host: bank.paypar.online
URL: https://bank.paypar.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1adc3e1f82ee060bb11f771f70b0a84a9cdb108e9765c35e0e416da7d4c171

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

cf-cache-status: HIT
etag: "5542-5d082854ca081"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbhVhUkoCjFFH6wHl6bs6cryha83aBjUuksLzFzthlC65NvSta3LVmKQgfv4i81e2bmkZHpzmH9CpmQ0lHT99ZuYwJ%2FvsqkG9KaNegwbghOURYzvdjCOaCVG4ZiSEXEBDw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2340&min_rtt=1179&rtt_var=366&sent=481&recv=98&lost=0&retrans=0&sent_bytes=562244&recv_bytes=10300&delivery_rate=31742258&cwnd=235200&unsent_bytes=0&cid=4ceab0cf8f871694&ts=653&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: image/webp
last-modified: Thu, 11 Nov 2021 12:31:24 GMT
vary: Accept-Encoding
priority: u=3,i
x-proxy-cache-info: 0 NC:000000 UP:
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f1b0c94494af6cd-NRT
accept-ranges: bytes
content-length: 21826
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-httpd-modphp: 1
server: cloudflare

GET
H3 200 11-testimonial-9.webp
bank.paypar.online/images/ 4 KB
5 KB 428ms
426ms Image
image/webp 82.180.172.198
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.paypar.online/images/11-testimonial-9.webp

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

82.180.172.198 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

dd840b814672e489019674993688d2f138772009d1213e99119b8f9fbbae03d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "119c-662368c8-4c4c05b68361672d;;;"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4508
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: image/webp
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H3 200 11-testimonial-3.webp
bank.paypar.online/images/ 12 KB
12 KB 357ms
356ms Image
image/webp 82.180.172.198
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.paypar.online/images/11-testimonial-3.webp

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

82.180.172.198 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a13a9dd97b0704ea6db8539de43cf5bbe590e81e085964095c8fe91c0dccd78d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "3186-662368c8-9b3d7bd7ff00687f;;;"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
content-length: 12678
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: image/webp
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H3 200 11-testimonial-5.webp
bank.paypar.online/images/ 5 KB
5 KB 360ms
358ms Image
image/webp 82.180.172.198
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.paypar.online/images/11-testimonial-5.webp

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

82.180.172.198 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e1ed2d01d13e57076702a0f74af8fa0a43eb90630ca4aca00d8c98a0c5efa667

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "14ae-662368c8-739dbc74bd48a891;;;"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
content-length: 5294
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: image/webp
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H3 200 siteground-optimizer-assets-siteground-optimizer-combined-js-98c07a748886776226aa36dccc344be2.js Show response
bank.paypar.online/js/ 312 KB
93 KB 133ms
131ms Script
application/x-javascript 82.180.172.198
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/js/siteground-optimizer-assets-siteground-optimizer-combined-js-98c07a748886776226aa36dccc344be2.js

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

82.180.172.198 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ac6437f1a84101a9b62dc134327997f5aa972aeae545fb90520595bc1edadf27

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "4e02e-662368c8-bb2de87564bb58df;br"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
content-length: 94722
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: application/x-javascript
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
114 KB 129ms
69ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M4HRCJB

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c569376b4211fa0a0dd3faa7fec49c452e2335f0b8087ce4ef53fe1d196267a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 14 Dec 2024 03:18:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 14 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 115937
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 f23xx9fxwppz.js Show response
js.driftt.com/include/1734146400000/ 221 KB
62 KB 696ms
630ms Script
application/javascript 13.249.160.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1734146400000/f23xx9fxwppz.js

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-68.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

471c1b4fbd0977167eab54f93a41628a35a4de0ff4851c54f0947995e8685275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-encoding: gzip
x-amz-version-id: EFTkUUeO68pFjlLRG1QVABD_PehtwC4Q
etag: W/"0b947e66289c24e0769bf3f717661c2c"
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: _Hp0XlGUoLWEjnpfcdGzt62bxJf7nXWX2czmwMss0TqpdsPG_uRJXg==
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 05 Dec 2024 18:51:52 GMT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
x-envoy-upstream-service-time: 39
access-control-allow-credentials: true
via: 1.1 00e57612ea90b844bafde55ba310ccc8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: NRT12-C3
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H3 200 V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
fonts.gstatic.com/s/spacegrotesk/v16/ 22 KB
22 KB 44ms
4ms Font
font/woff2 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spacegrotesk/v16/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Space+Grotesk%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

sffe /

Resource Hash

7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bank.paypar.online
Referer: https://fonts.googleapis.com/

Response headers

age: 594151
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 06:16:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 06:16:21 GMT
last-modified: Wed, 13 Sep 2023 22:44:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22284
x-xss-protection: 0
server: sffe

GET
H3 200 fonts-uicore-icons.ttf
bank.paypar.online/fonts/ 13 KB
9 KB 137ms
135ms Font
application/x-font-ttf 82.180.172.198
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/fonts/fonts-uicore-icons.ttf

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/css/6-uicore-global.css

Protocol

Security

QUIC, , AES_128_GCM

Server

82.180.172.198 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5cf4fdb7a34351861b377d8c7b6509e670f817410c0a503314fbca09cc7a0b47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bank.paypar.online
Referer: https://bank.paypar.online/css/6-uicore-global.css

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "3550-662368c8-d3a85cfd8fd6d615;br"
expires: Sat, 21 Dec 2024 03:18:52 GMT
accept-ranges: bytes
content-length: 8630
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: application/x-font-ttf
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H3 200 fonts-themify.woff
bank.paypar.online/fonts/ 55 KB
55 KB 244ms
242ms Font
application/font-woff 82.180.172.198
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/fonts/fonts-themify.woff

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/css/siteground-optimizer-assets-siteground-optimizer-combined-css-12bafd4db78b4ca63007875f82a448cf.css

Protocol

Security

QUIC, , AES_128_GCM

Server

82.180.172.198 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bank.paypar.online
Referer: https://bank.paypar.online/css/siteground-optimizer-assets-siteground-optimizer-combined-css-12bafd4db78b4ca63007875f82a448cf.css

Response headers

content-security-policy: upgrade-insecure-requests
etag: "db2c-662368c8-e61a4e071be1846b;;;"
accept-ranges: bytes
content-length: 56108
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: application/font-woff
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 14ms
12ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bank.paypar.online
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6599bdc3-13174"
age: 1389887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZiF7CjdQoFPct7g9tcdXTkJ%2FEiCqG2O2LZ%2B0oXTd7M9RAzpWfV6WMygRqNGnnPYnsa%2FioZksypSGX%2FKZSttCnaGvM4QTwn0CUHTtl6uxBPB5cu2C2THf1tz9iLaKhHmoPOe8RLTx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 03:18:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:53:23 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f1b0c947dadfcbe-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78196
server: cloudflare

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 13 KB
14 KB 11ms
10ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bank.paypar.online
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6599bdc0-33dc"
age: 1291653
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0JVwpLrhd%2B0%2FaQLGpI71xCeO%2FlinMLjv2zjXP%2Bz%2FPGmsEodzUA1XGzXkzhQ6k0mGhud%2FMLQ7waECL8yN3pguRXlCeMLCj8sijXVbXII79IDnrGp4bk8ishNsbZfnACtlp3zswum8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 04 Dec 2025 03:18:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 14 Dec 2024 03:18:52 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:53:20 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f1b0c947db5fcbe-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13276
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 78ms
39ms Ping
text/plain 172.217.175.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fbank.paypar.online%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1453460339.1734146333&dt=Paypar%20Bank&auid=609145118.1734146333&navt=n&npa=0&gtm=45He4cc1v890449762za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734146333096&tfd=1633&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4HRCJB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.175.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt20s21-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 414 KB
133 KB 72ms
71ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7TT57F51E8&l=dataLayer&cx=c&gtm=45He4cc1v890449762za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4HRCJB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3771bb26c25c7969a401718dd492866330fb3ec8779201abfff8b9bacfe346c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 14 Dec 2024 03:18:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 135596
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 284 KB
98 KB 97ms
97ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11022721731&l=dataLayer&cx=c&gtm=45He4cc1v890449762za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4HRCJB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

534788725eeaa79b6b19ac700247dfefa9061f5245eca95cdb0225ef95474527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 14 Dec 2024 03:18:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 14 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100225
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 9ms
3ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-ETs5PwDO' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-ETs5PwDO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4492, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: cBV6WNjXMgQj65NcND7jNl4Uym4Dl1isc3LCd366NFYZTswZqg67otD3iDkUUW5Bbctm5JYXD+q6ycc/viPagg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62283
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sa.js Show response
sibautomation.com/ 14 KB
4 KB 86ms
68ms Script
text/javascript 2606:4700:4400::ac40:9473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/sa.js?key=0c711xxkv9vw7znyw8fwhs5l
Requested by: Host: bank.paypar.online
URL: https://bank.paypar.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: a9817fcc8c47c660cb1e81807de582da407dd5f52138f429b6acec3fe302f55b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3687-Ncss2E3+J0ix+og4f5dw0t1/Q1M"
cf-ray: 8f1b0c960d848a6c-NRT
expires: Sat, 14 Dec 2024 03:19:53 GMT
access-control-allow-origin: *
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Sails <sailsjs.com>
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 7E3C 0
0 108ms
51ms Document
text/html 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fbank.paypar.online

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4HRCJB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 03:18:53 GMT
expires: Sun, 14 Dec 2025 03:18:53 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3230656723846899 Show response
connect.facebook.net/signals/config/ 96 KB
20 KB 332ms
331ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3230656723846899?v=2.9.179&r=stable&domain=bank.paypar.online&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

0104b4c33606385d402e998c722e6016ac7e7f4f267fc8bb8dfb284855aa6914

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-OGlSohWK' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-OGlSohWK' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=71, mss=1232, tbw=71273, tp=68, tpl=0, uplat=328, ullat=0
pragma: public
x-fb-debug: 61h7Zpb1wUy/3ln23IV+uTUI7dvgop8fV2UJw+Db5E0/b6gfYUhmmH3dciR7wmUzAYqJkxUYnpAtw/YwkF/9aQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 cm.html
sibautomation.com/ Frame 2B49 0
0 50ms
43ms Document
text/html 2606:4700:4400::ac40:9473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?key=0c711xxkv9vw7znyw8fwhs5l
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=0c711xxkv9vw7znyw8fwhs5l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Referer: https://bank.paypar.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 20202
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 8f1b0c9689c380f0-NRT
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 14 Dec 2024 03:18:53 GMT
expires: Sat, 14 Dec 2024 05:18:53 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

POST
H2 204 collect
analytics.google.com/g/ 0
0 111ms
52ms Fetch
text/plain 2404:6800:400a:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7TT57F51E8&gtm=45je4cc1v884573526z8890449762za200zb890449762&_p=1734146332431&_gaz=1&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=583837505.1734146333&ecid=91757109&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1734146333&sct=1&seg=0&dl=https%3A%2F%2Fbank.paypar.online%2F&dt=Paypar%20Bank&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1920
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TT57F51E8&l=dataLayer&cx=c&gtm=45He4cc1v890449762za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bank.paypar.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
547 B 107ms
36ms Ping
text/plain 2404:6800:4008:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7TT57F51E8&cid=583837505.1734146333&gtm=45je4cc1v884573526z8890449762za200zb890449762&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TT57F51E8&l=dataLayer&cx=c&gtm=45He4cc1v890449762za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c03::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://bank.paypar.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 4393 0
0 115ms
57ms Document
text/html 2404:6800:400a:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-7TT57F51E8&gacid=583837505.1734146333&gtm=45je4cc1v884573526z8890449762za200zb890449762&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=811817499

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TT57F51E8&l=dataLayer&cx=c&gtm=45He4cc1v890449762za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bank.paypar.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 03:18:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 78ms
40ms Image
image/gif 172.217.26.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7TT57F51E8&cid=583837505.1734146333&gtm=45je4cc1v884573526z8890449762za200zb890449762&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=948104510

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 03:18:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
level.uicore.co/digital-banking/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 269ms
268ms Script
application/javascript 172.67.70.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://level.uicore.co/digital-banking/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: bank.paypar.online
URL: https://bank.paypar.online/js/siteground-optimizer-assets-siteground-optimizer-combined-js-98c07a748886776226aa36dccc344be2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197014a0f5a24e1e970a8af490a2932bc822d490d34e86d1dd23b930af2f564a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"550-627850930c3e3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTGE65ejTNjnywLSdRt9KqcYzJ37jE8OZJto%2FdbO7ws%2BSbtUFpvVijzelaFfgapJiqai5msXtkYRP2xxLzNxdSSUucEVXgXgsUaqYpPBFODZ24rS2s8gOPq%2FMW8WhQ5Sww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2117&min_rtt=1179&rtt_var=589&sent=502&recv=101&lost=0&retrans=0&sent_bytes=585366&recv_bytes=10719&delivery_rate=17094909&cwnd=235200&unsent_bytes=0&cid=4ceab0cf8f871694&ts=1256&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
x-proxy-cache-info: 0 NC:000000 UP:
last-modified: Fri, 22 Nov 2024 19:03:18 GMT
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f1b0c97ec91f6cd-NRT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-httpd-modphp: 1
server: cloudflare

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/11022721731/ 5 KB
3 KB 90ms
47ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11022721731/?random=1734146333460&cv=11&fst=1734146333460&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbank.paypar.online%2F&label=myPurchase&hn=www.googleadservices.com&frm=0&tiba=Paypar%20Bank&oid=-&value=0&currency_code=%24&bttype=purchase&npa=0&pscdl=noapi&auid=609145118.1734146333&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11022721731&l=dataLayer&cx=c&gtm=45He4cc1v890449762za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.2 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

34b6e63f84dcbd8f249f9a09cf63643c8ad5938a76fdd2920689348db884ec62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2699
date: Sat, 14 Dec 2024 03:18:53 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11022721731
td.doubleclick.net/td/rul/ Frame 59EF 0
0 60ms
58ms Document
text/html 2404:6800:400a:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11022721731?random=1734146333460&cv=11&fst=1734146333460&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbank.paypar.online%2F&label=myPurchase&hn=www.googleadservices.com&frm=0&tiba=Paypar%20Bank&oid=-&value=0&currency_code=%24&bttype=purchase&npa=0&pscdl=noapi&auid=609145118.1734146333&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&em=tv.1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11022721731&l=dataLayer&cx=c&gtm=45He4cc1v890449762za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bank.paypar.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Dec 2024 03:18:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 p Show response
in-automate.brevo.com/ 0
108 B 170ms
165ms XHR
text/plain 2606:4700:4400::6812:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/p?key=0c711xxkv9vw7znyw8fwhs5l&cuid=5842b4c0-bc4c-43b0-998c-976899755a08&ma_url=https%3A%2F%2Fbank.paypar.online%2F&sib_type=page&ma_title=Paypar%20Bank&sib_name=Paypar%20Bank&ma_referrer=&ma_path=%2F
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=0c711xxkv9vw7znyw8fwhs5l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

via: 1.1 google
cf-ray: 8f1b0c984946e36d-NRT
access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
date: Sat, 14 Dec 2024 03:18:53 GMT
server: cloudflare

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 9ms
3ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3230656723846899&ev=PageView&dl=https%3A%2F%2Fbank.paypar.online&rl=&if=false&ts=1734146333516&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1734146333513.913116577599962980&cs_est=true&pm=1&hrl=1311ea&ler=empty&cdl=API_unavailable&it=1734146333152&coo=false&cs_cc=1&cas=7913555535363987%2C9154527791288349%2C8433317796740622%2C5465964233523674&rqm=GET

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4542, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 193ms
187ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3230656723846899&ev=PageView&dl=https%3A%2F%2Fbank.paypar.online&rl=&if=false&ts=1734146333516&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1734146333513.913116577599962980&cs_est=true&pm=1&hrl=1311ea&ler=empty&cdl=API_unavailable&it=1734146333152&coo=false&cs_cc=1&cas=7913555535363987%2C9154527791288349%2C8433317796740622%2C5465964233523674&rqm=FGET

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7448101788777774770"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 03:18:53 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: MjPQhKnnW/qOowebvo3YTrlCYv8wCj1IC2B+dd8F6J3iW1A6hPs0Dz9t1t14FlSEu4jOnxThfqUcQlsx+2ET4g==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7448101788777774770", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4910, tp=13, tpl=0, uplat=183, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/11022721731/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11022721731/?random=1978972160&cv=11&fst=1734146333460&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&g...
https://www.google.com/pagead/1p-conversion/11022721731/?random=1978972160&cv=11&fst=1734146333460&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t3t...
https://www.google.co.jp/pagead/1p-conversion/11022721731/?random=1978972160&cv=11&fst=1734146333460&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t...

42 B
64 B

46ms
45ms

Image
image/gif

172.217.26.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/11022721731/?random=1978972160&cv=11&fst=1734146333460&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbank.paypar.online%2F&label=myPurchase&hn=www.googleadservices.com&frm=0&tiba=Paypar%20Bank&value=0&currency_code=%24&npa=0&pscdl=noapi&auid=609145118.1734146333&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&em=tv.1&fmt=3&ct_cookie_present=false&eoid=CjEKEQiA0--6BhDS1uLApajW5IIBEhwAXcdlru59l0UF7RLlf0T4R2l15rmpK8m4tmid8P8HAQ&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAgjrzLECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIla7LwaamigMVK6XpBR1cPzpMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2JhbmsucGF5cGFyLm9ubGluZS9CV0NoRUlnTlB2dWdZUTNZVEppS0xNNUxXUUFSSXNBSTM1TFpjRGl3NGQ0OGh3QXRUd2xVeVlpTXZyOHJ0cTh6MnhyY3NFb01HRGpMTWk3LXhtQkkxUnhnaw&is_vtc=1&cid=CAQSKQCa7L7dXfPnFhGCoOGknXRz6S0nq6me-l2Hrzt4A8ZD-qjG-0yrXn2M&eitems=ChEIgNPvugYQuqa99ty_yNGkARIdAMHsEI_i4FeraMoFRVYaMmCyzeH3LeaFFb7uaaw&random=1993582968&ipr=y

Requested by

Host: bank.paypar.online
URL: https://bank.paypar.online/

Protocol

Server

172.217.26.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 03:18:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-conversion/11022721731/?random=1978972160&cv=11&fst=1734146333460&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v897836602z8890449762za201zb890449762&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fbank.paypar.online%2F&label=myPurchase&hn=www.googleadservices.com&frm=0&tiba=Paypar%20Bank&value=0&currency_code=%24&npa=0&pscdl=noapi&auid=609145118.1734146333&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&em=tv.1&fmt=3&ct_cookie_present=false&eoid=CjEKEQiA0--6BhDS1uLApajW5IIBEhwAXcdlru59l0UF7RLlf0T4R2l15rmpK8m4tmid8P8HAQ&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAgjrzLECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIla7LwaamigMVK6XpBR1cPzpMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2JhbmsucGF5cGFyLm9ubGluZS9CV0NoRUlnTlB2dWdZUTNZVEppS0xNNUxXUUFSSXNBSTM1TFpjRGl3NGQ0OGh3QXRUd2xVeVlpTXZyOHJ0cTh6MnhyY3NFb01HRGpMTWk3LXhtQkkxUnhnaw&is_vtc=1&cid=CAQSKQCa7L7dXfPnFhGCoOGknXRz6S0nq6me-l2Hrzt4A8ZD-qjG-0yrXn2M&eitems=ChEIgNPvugYQuqa99ty_yNGkARIdAMHsEI_i4FeraMoFRVYaMmCyzeH3LeaFFb7uaaw&random=1993582968&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 14 Dec 2024 03:18:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 core
js.driftt.com/ Frame 8111 0
0 173ms
168ms Document
text/html 13.249.160.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=f23xx9fxwppz&eId=f23xx9fxwppz&region=US&forceShow=false&skipCampaigns=false&sessionId=19c5ae04-a275-426d-91c1-222d78472e28&sessionStarted=1734146333.993&campaignRefreshToken=e6d8041d-354c-4785-a38b-fa3b396ffd61&hideController=false&pageLoadStartTime=1734146332407&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fbank.paypar.online%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1734146400000/f23xx9fxwppz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-126.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bank.paypar.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 14 Dec 2024 03:18:54 GMT
etag: W/"060cad2a4a886e6d80da8ca18e49fa10"
last-modified: Thu, 05 Dec 2024 18:51:37 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
via: 1.1 2402083883f8d7e887ab58fb56e109ac.cloudfront.net (CloudFront)
x-amz-cf-id: HG21ieaWnxwa1l0N78SJl5xCg5ZeNj7Ikw-MxY95fqCdDofbAMDTIA==
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: 3PzfCNHi48k3_GzM0sXMR9t1ptyYwVRW
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 21

GET
H2 200 chat
js.driftt.com/core/ Frame 76E9 0
0 460ms
457ms Document
text/html 13.249.160.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1734146332407

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1734146400000/f23xx9fxwppz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-126.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bank.paypar.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 14 Dec 2024 03:18:54 GMT
etag: W/"060cad2a4a886e6d80da8ca18e49fa10"
last-modified: Thu, 05 Dec 2024 18:51:37 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
via: 1.1 2402083883f8d7e887ab58fb56e109ac.cloudfront.net (CloudFront)
x-amz-cf-id: nNa3ace86NRpPVZM7BmmqJA0t2HPTdMUP0eRDfQPo8gniqdzcDO3qA==
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: 3PzfCNHi48k3_GzM0sXMR9t1ptyYwVRW
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 17

GET
H3 200 01-level-favicon.png
bank.paypar.online/favicons/ 43 KB
43 KB 131ms
130ms Other
image/png 82.180.172.198
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/favicons/01-level-favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

82.180.172.198 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7794dd3d3549f2a4d99beb54167e63559461d1a5157c196e8b4d9e49085c09ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "ad0d-662368c8-fd716d0a93af2898;;;"
expires: Sat, 21 Dec 2024 03:18:54 GMT
accept-ranges: bytes
content-length: 44301
date: Sat, 14 Dec 2024 03:18:54 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H3 200 01-level-favicon.png
bank.paypar.online/favicons/ 43 KB
0 0ms
0ms Other
image/png 82.180.172.198
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.paypar.online/favicons/01-level-favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

82.180.172.198 Phoenix, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7794dd3d3549f2a4d99beb54167e63559461d1a5157c196e8b4d9e49085c09ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bank.paypar.online/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "ad0d-662368c8-fd716d0a93af2898;;;"
expires: Sat, 21 Dec 2024 03:18:54 GMT
accept-ranges: bytes
content-length: 44301
date: Sat, 14 Dec 2024 03:18:54 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 07:03:36 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypar.online/	1970-01-21 03:52:02	Name: _gcl_au Value: 1.1.609145118.1734146333
.bank.paypar.online/	1970-01-21 06:03:47	Name: sib_cuid Value: 5842b4c0-bc4c-43b0-998c-976899755a08
sibautomation.com/	1970-01-21 06:03:47	Name: uuid Value: 92c67e9d-720e-4634-b44e-2281c669db83
.paypar.online/	1970-01-21 11:18:26	Name: _ga_7TT57F51E8 Value: GS1.1.1734146333.1.0.1734146333.60.0.91757109
.paypar.online/	1970-01-21 11:18:26	Name: _ga Value: GA1.1.583837505.1734146333
.paypar.online/	1970-01-21 03:52:02	Name: _fbp Value: fb.1.1734146333513.913116577599962980
.doubleclick.net/	1970-01-21 11:18:26	Name: IDE Value: AHWqTUktjQzz6Y0p_GyGpNxZF-JmQqhifLFnQ-TI6SaJz2dliz50CdxsveWlmAJW
bank.paypar.online/	1970-01-21 01:42:28	Name: drift_campaign_refresh Value: e6d8041d-354c-4785-a38b-fa3b396ffd61
bank.paypar.online/	1970-01-21 11:18:26	Name: drift_aid Value: 9c007d0d-2a5e-4685-b316-8fed78be834d
bank.paypar.online/	1970-01-21 11:18:26	Name: driftt_aid Value: 9c007d0d-2a5e-4685-b316-8fed78be834d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bank.paypar.online
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in-automate.brevo.com
js.driftt.com
level.uicore.co
sibautomation.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.17.25.14
13.249.160.126
13.249.160.68
142.251.222.2
142.251.42.163
157.240.31.5
172.217.175.100
172.217.25.162
172.217.26.227
172.67.70.41
2404:6800:4008:c03::9d
2404:6800:400a:805::2002
2404:6800:400a:80a::200e
2404:6800:400a:80e::2008
2404:6800:400a:80e::200a
2606:4700:4400::6812:2528
2606:4700:4400::ac40:9473
2a02:4780:b:860:0:2e0b:5435:10
31.13.82.36
82.180.172.198
0104b4c33606385d402e998c722e6016ac7e7f4f267fc8bb8dfb284855aa6914
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
197014a0f5a24e1e970a8af490a2932bc822d490d34e86d1dd23b930af2f564a
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
34b6e63f84dcbd8f249f9a09cf63643c8ad5938a76fdd2920689348db884ec62
3771bb26c25c7969a401718dd492866330fb3ec8779201abfff8b9bacfe346c5
471c1b4fbd0977167eab54f93a41628a35a4de0ff4851c54f0947995e8685275
534788725eeaa79b6b19ac700247dfefa9061f5245eca95cdb0225ef95474527
5601bea3891e77da5469f5bb0f5d2e9d3ea53f0ec175028c8a86a220886b327c
585c63b3a5894b2eb132d228a7a4c329822e539125ffa341f4c98eed757bb6b7
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5cf4fdb7a34351861b377d8c7b6509e670f817410c0a503314fbca09cc7a0b47
6f473f665a90e40c146afdfa984ffd4da38260af2b3e84bedb5fc1bb4bd39ad2
7794dd3d3549f2a4d99beb54167e63559461d1a5157c196e8b4d9e49085c09ad
7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8e1989514ebda4cd8270bd256603afe1e1c9b0dce300c9276a9585aca52c75ee
8f1adc3e1f82ee060bb11f771f70b0a84a9cdb108e9765c35e0e416da7d4c171
9c569376b4211fa0a0dd3faa7fec49c452e2335f0b8087ce4ef53fe1d196267a
a13a9dd97b0704ea6db8539de43cf5bbe590e81e085964095c8fe91c0dccd78d
a9817fcc8c47c660cb1e81807de582da407dd5f52138f429b6acec3fe302f55b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac6437f1a84101a9b62dc134327997f5aa972aeae545fb90520595bc1edadf27
c47912216ec03efdd028ab7b476a9004def07608def21cec6d680dcf36cdd6c9
c7e4051e793d24fc749f2d71c1562844536c2ef8cefa8948e74986cd0173cf2c
ccdfacacb9234f4cac92e8a263bb02711016f6b422ad7ffcaeb77e55e12b35da
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dd403fea9facff1781da1d06d7d1c7160148cc98b1ac281f90378ff0fe394e2f
dd840b814672e489019674993688d2f138772009d1213e99119b8f9fbbae03d1
e1ed2d01d13e57076702a0f74af8fa0a43eb90630ca4aca00d8c98a0c5efa667
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

bank.paypar.online Open in urlscan Pro 2a02:4780:b:860:0:2e0b:5435:10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

40 %IPv6

15 Domains

18 Subdomains

19 IPs

4 Countries

1576 kBTransfer

3765 kBSize

10 Cookies

6 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bank.paypar.online Open in urlscan Pro
2a02:4780:b:860:0:2e0b:5435:10 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

40 %
IPv6

15
Domains

18
Subdomains

19
IPs

4
Countries

1576 kB
Transfer

3765 kB
Size

10
Cookies

45 HTTP transactions
0 data transactions