paxxfull-acc1e.web.app Open in urlscan Pro
2620:0:890::100  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request log.html Show response paxxfull-acc1e.web.app/	30 KB 7 KB	458ms 37ms	Document text/html	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bb70dee8873fc12a897479b3a19630f10f2b79c3f26e2f7bf4c8a70636787325 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control max-age=3600 content-encoding br content-length 7287 content-type text/html; charset=utf-8 date Wed, 25 Oct 2023 20:45:00 GMT etag "4e3124b6a201ba5086e16fcd50f64b5133c3db2c2782115f709f12963f31200d-br" last-modified Tue, 17 Oct 2023 09:03:11 GMT strict-transport-security max-age=31556926; includeSubDomains; preload vary x-fh-requested-host, accept-encoding x-cache HIT x-cache-hits 1 x-served-by cache-fra-eddf8230030-FRA x-timer S1698266701.904792,VS0,VE1
GET H2	200	vendors.chunk.css paxxfull-acc1e.web.app/ass/	38 KB 6 KB	35ms 33ms	Stylesheet text/css	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://paxxfull-acc1e.web.app/ass/vendors.chunk.css?c=6d4312572de9d33c9855 Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 48e271f720233e74b9f16f1a6aa46730aeb6884df8d15fcb0abcd2b472d7e4b6 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-served-by cache-fra-eddf8230030-FRA strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br date Wed, 25 Oct 2023 20:45:00 GMT last-modified Tue, 17 Oct 2023 09:03:11 GMT x-timer S1698266701.942821,VS0,VE2 etag "bc8584532c417bd83a175da39332887835986f6e59a9e860f914c1de90fd0194-br" vary x-fh-requested-host, accept-encoding x-cache HIT content-type text/css; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 5943 x-cache-hits 1
GET H2	200	main.593036ead6f2ace2ad4b.css paxxfull-acc1e.web.app/ass/	4 MB 111 KB	37ms 35ms	Stylesheet text/css	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://paxxfull-acc1e.web.app/ass/main.593036ead6f2ace2ad4b.css Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash fb2ff6c10e1dc15df29c153466f364c9a9bee1e44bacf593d33bc7970e0b12af Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-served-by cache-fra-eddf8230030-FRA strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br date Wed, 25 Oct 2023 20:45:00 GMT last-modified Tue, 17 Oct 2023 09:03:11 GMT x-timer S1698266701.943455,VS0,VE2 etag "101cae52657f2e6c99a48edb2bc044fbc34f82282f9450396358e507b46da6ca-br" vary x-fh-requested-host, accept-encoding x-cache HIT content-type text/css; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 113686 x-cache-hits 1
GET H2	200	css fonts.googleapis.com/	14 KB 1 KB	111ms 40ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Open+Sans:400,600,700&display=swap&subset=cyrillic Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aaeb83eee283cff3261ac6d239481731fc85bbcbf58bd525cad3742dfbb4dc21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 25 Oct 2023 20:45:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 25 Oct 2023 20:45:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 25 Oct 2023 20:45:01 GMT
GET H2	404	https-label-91194ad43fc85d71e34a467282e95f23.png paxxfull-acc1e.web.app/static/dist/assets/images/	2 KB 2 KB	36ms 35ms	Image text/html	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://paxxfull-acc1e.web.app/static/dist/assets/images/https-label-91194ad43fc85d71e34a467282e95f23.png Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b77b97fe780d35d18248abd1d2f42f444afbabe43f6abcd8fa8ebb3d47825eee Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-served-by cache-fra-eddf8230030-FRA strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip date Wed, 25 Oct 2023 20:45:00 GMT last-modified Tue, 17 Oct 2023 09:03:11 GMT x-timer S1698266701.943742,VS0,VE2 etag "daa499dd96d8229e73235345702ba32f0793f0c8e5c0d30e40e37a5872be57aa" vary x-fh-requested-host, accept-encoding x-cache HIT content-type text/html; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 853 x-cache-hits 1
GET H2	200	embed2.js Show response static.ada.support/	17 KB 6 KB	148ms 42ms	Script text/javascript	18.66.147.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.ada.support/embed2.js Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.60 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-60.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash bdf7e05f94f097739c98cd47aab973192291af18e2045f53d59750fc6ea0d4eb Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-amz-version-id BsrqbP3U2hb.a17svKLV3bCW0fRkIy.o content-encoding gzip via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) date Wed, 25 Oct 2023 07:21:22 GMT strict-transport-security max-age=63072000; includeSubdomains; preload age 54893 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 04 Jan 2023 22:06:00 GMT server AmazonS3 etag W/"318258ae2fd2aaa16faa799f071935d1" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript access-control-allow-origin * access-control-expose-headers ETag cache-control max-age: 300 vary Accept-Encoding x-amz-cf-id DKxnZFotR8r0nFTUJXxDXJsu7JD5T2jir851q-6biG6UNElEhzMsdA==
GET H2	200	v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	177ms 91ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391 Request headers Referer https://paxxfull-acc1e.web.app/ Origin https://paxxfull-acc1e.web.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Wed, 25 Oct 2023 20:45:01 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.7.1" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 81bd4d02fc2a30e4-FRA
GET H2	200	7d42e07cff174831a33c9b41dd34c9e2.png static.geetest.com/captcha_v4/original_icon_pic/icon_20230329/	1 KB 2 KB	260ms 36ms	Image image/png	2600:9000:2250:1200:1:fa24:cf00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.geetest.com/captcha_v4/original_icon_pic/icon_20230329/7d42e07cff174831a33c9b41dd34c9e2.png Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:1200:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash af41a268cf047919c84748b819032f77c9e5ddcb46e8db7718a4d6e90225e40b Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 24 Oct 2023 06:23:26 GMT via 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront) last-modified Wed, 29 Mar 2023 05:06:17 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 138266 x-amz-server-side-encryption AES256 etag "bc6f4efc9a2c60f58b11a96061f5586d" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 1320 x-amz-cf-id GT4-b9D10P_WtQxkYvSTcJPGAe57nPSmKr5QYxa9Fc16o-j9Xb8sDQ== x-amz-meta-mtime 1680064163
GET H2	200	1b2a5c1082cd4815a0c63829703d26e1.png static.geetest.com/captcha_v4/original_icon_pic/icon_20230329/	2 KB 3 KB	223ms 37ms	Image image/png	2600:9000:2250:1200:1:fa24:cf00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.geetest.com/captcha_v4/original_icon_pic/icon_20230329/1b2a5c1082cd4815a0c63829703d26e1.png Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:1200:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9e8c4daa6630ae62372de026af12492552eebe57f744495259fc2ba5bf1b267b Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 24 Oct 2023 04:20:28 GMT via 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront) last-modified Wed, 29 Mar 2023 05:06:17 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 145579 x-amz-server-side-encryption AES256 etag "7a63b6ea0253e87db3ace41fa727d2e9" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 2381 x-amz-cf-id mV5fG-2ih4xh4XueODMNLZk-W1bCMAQinCq7w0bkYDFP480d9V0V-Q== x-amz-meta-mtime 1680064162
GET H2	200	3ef182b0e3a4406593dace4f09183b04.png static.geetest.com/captcha_v4/original_icon_pic/icon_20230329/	2 KB 2 KB	39ms 37ms	Image image/png	2600:9000:2250:1200:1:fa24:cf00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.geetest.com/captcha_v4/original_icon_pic/icon_20230329/3ef182b0e3a4406593dace4f09183b04.png Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:1200:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4c7fcc8c7151483a4a8603014b2551326cf5f78d7692cac92b493d10365ee904 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 24 Oct 2023 00:25:28 GMT via 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront) last-modified Wed, 29 Mar 2023 05:06:17 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 159574 x-amz-server-side-encryption AES256 etag "813567142d858ded6f854e517cf1e06b" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 2123 x-amz-cf-id ryxvd-9qjNlI8nURgZorVdVft64cmzjsHEj5QFgwN3dlxE0cfX8jew== x-amz-meta-mtime 1680064163
GET H3	200	jquery.min.js Show response paxxfull-acc1e.web.app/ass/	85 KB 27 KB	62ms 60ms	Script text/javascript	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://paxxfull-acc1e.web.app/ass/jquery.min.js Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H3 Security QUIC, , AES_256_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-served-by cache-fra-eddf8230128-FRA strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br date Wed, 25 Oct 2023 20:45:01 GMT last-modified Tue, 17 Oct 2023 09:03:11 GMT x-timer S1698266701.198103,VS0,VE27 etag "ffc2b6f836b0cacdbb9d35757e48d2437202c7df9f09157d34d5ff9f6b040760-br" vary x-fh-requested-host, accept-encoding x-cache HIT content-type text/javascript; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 27431 x-cache-hits 1
GET H3	200	bootstrap.min.js Show response paxxfull-acc1e.web.app/ass/	35 KB 8 KB	37ms 35ms	Script text/javascript	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://paxxfull-acc1e.web.app/ass/bootstrap.min.js Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H3 Security QUIC, , AES_256_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/log.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-served-by cache-fra-eddf8230128-FRA strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br date Wed, 25 Oct 2023 20:45:01 GMT last-modified Tue, 17 Oct 2023 09:03:11 GMT x-timer S1698266701.198200,VS0,VE1 etag "a5f08dfc3ef547abbe6b452974600d620dd43281125841542af61ae4ad335921-br" vary x-fh-requested-host, accept-encoding x-cache HIT content-type text/javascript; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 8318 x-cache-hits 1
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/8.1.1/	20 KB 7 KB	113ms 30ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.1.1/firebase-app.js Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 75e44068da4d508132edf26d1ff802128910a826b8fe6460146a0af0ce64d18c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 24 Oct 2023 11:00:56 GMT content-encoding gzip x-content-type-options nosniff age 121445 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6546 x-xss-protection 0 last-modified Fri, 20 Nov 2020 01:53:23 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 23 Oct 2024 11:00:56 GMT
GET H2	200	firebase-database.js Show response www.gstatic.com/firebasejs/8.1.1/	188 KB 50 KB	174ms 92ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.1.1/firebase-database.js Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85f31d2a79cdcf5841a299c101cda4cce64222ae42b85951e44d7dc45f73d0e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 22 Oct 2023 01:37:23 GMT content-encoding gzip x-content-type-options nosniff age 328058 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51261 x-xss-protection 0 last-modified Fri, 20 Nov 2020 01:53:39 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 21 Oct 2024 01:37:23 GMT
GET H2	200	firebase-firestore.js Show response www.gstatic.com/firebasejs/8.1.1/	287 KB 83 KB	151ms 69ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.1.1/firebase-firestore.js Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5f5424b04d8b7bdd306bf72b6d09c9e092088266b8956807a9f4ea0afa5cac7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sat, 21 Oct 2023 21:00:35 GMT content-encoding gzip x-content-type-options nosniff age 344666 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 84720 x-xss-protection 0 last-modified Fri, 20 Nov 2020 01:53:23 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 20 Oct 2024 21:00:35 GMT
GET H2	200	firebase-auth.js Show response www.gstatic.com/firebasejs/8.1.1/	172 KB 55 KB	116ms 33ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.1.1/firebase-auth.js Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb35c70938a6c57c2daa01ecdf52611b0617bfaa915d99af3cac0cb9ddb5687c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Sun, 22 Oct 2023 14:47:00 GMT content-encoding gzip x-content-type-options nosniff age 280681 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56505 x-xss-protection 0 last-modified Fri, 20 Nov 2020 01:53:31 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 21 Oct 2024 14:47:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	186 KB 67 KB	129ms 45ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-57BRSLP Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e4d4ef9248c161c654325353262ef5a0fbd219dee944dcca07911cd917c6b8f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Wed, 25 Oct 2023 20:45:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 68570 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 25 Oct 2023 20:45:01 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	156ms 71ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Open+Sans:400,600,700&display=swap&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://paxxfull-acc1e.web.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Thu, 19 Oct 2023 18:17:53 GMT x-content-type-options nosniff age 527228 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 18 Oct 2024 18:17:53 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	113ms 33ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Open+Sans:400,600,700&display=swap&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://paxxfull-acc1e.web.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Thu, 19 Oct 2023 18:17:59 GMT x-content-type-options nosniff age 527222 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 18 Oct 2024 18:17:59 GMT
GET H2	403	log-in@1x-66ff6d4608ab29a6710651bfd9e6171c.png accounts.paxful.com/static/dist/assets/images/	0 0	176ms 85ms	Image text/html	2606:4700::6810:6970 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.paxful.com/static/dist/assets/images/log-in@1x-66ff6d4608ab29a6710651bfd9e6171c.png Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6970 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers
GET H2	200	embed-manifest.json Show response static.ada.support/	136 B 706 B	149ms 56ms	Fetch application/json	18.66.147.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.ada.support/embed-manifest.json Requested by Host: static.ada.support URL: https://static.ada.support/embed2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.60 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-60.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 480b49fa9e8c14a10479dd63c7672ecf36b489659e458fad02f3f25035113523 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-amz-version-id WGMfJ11bxCGo.L2cl1dIcQ_6nGCeGndV date Wed, 25 Oct 2023 05:46:45 GMT via 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront) strict-transport-security max-age=63072000; includeSubdomains; preload age 53908 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 136 last-modified Thu, 13 Jul 2023 20:28:30 GMT server AmazonS3 etag "ddcc3ba92c013f12daec3d54f2383cf3" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers ETag vary Accept-Encoding accept-ranges bytes x-amz-cf-id VkqcZIQcYpx6FcKqpWyGfEsSjiaYuCDQn1v3-1ZvKrdPJx8t_s9gVA==
GET H2	200	js Show response www.googletagmanager.com/gtag/	256 KB 87 KB	59ms 55ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-N8ZVYK8W8L&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-57BRSLP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a70539a6d1420802ff6b189f5dbe4ec0c72ee440130552594771cca799440b37 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Wed, 25 Oct 2023 20:45:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89301 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 25 Oct 2023 20:45:01 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	129ms 38ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-57BRSLP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 25 Oct 2023 19:51:33 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 3208 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 25 Oct 2023 21:51:33 GMT
GET H3	404	main.js paxxfull-acc1e.web.app/cdn-cgi/challenge-platform/scripts/jsd/ Frame 579A	0 0	37ms 37ms	Script text/html	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://paxxfull-acc1e.web.app/cdn-cgi/challenge-platform/scripts/jsd/main.js Requested by Host: paxxfull-acc1e.web.app URL: https://paxxfull-acc1e.web.app/log.html Protocol H3 Security QUIC, , AES_256_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-served-by cache-fra-eddf8230128-FRA strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip date Wed, 25 Oct 2023 20:45:01 GMT last-modified Tue, 17 Oct 2023 09:03:11 GMT x-timer S1698266701.499976,VS0,VE2 etag "daa499dd96d8229e73235345702ba32f0793f0c8e5c0d30e40e37a5872be57aa" vary x-fh-requested-host, accept-encoding x-cache HIT content-type text/html; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 853 x-cache-hits 1
GET H2	200	embed2.3681e6c.js Show response static.ada.support/	182 KB 55 KB	60ms 60ms	Script text/javascript	18.66.147.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.ada.support/embed2.3681e6c.js Requested by Host: static.ada.support URL: https://static.ada.support/embed2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.60 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-60.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash debf95c4aa93cbde7264db340a91c1479d5a2ef0f5a173010dbf07e5e96877bf Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-amz-version-id ShniEngUFVh_CVKzYWDOWsqxVCOV21RR content-encoding gzip via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) date Wed, 25 Oct 2023 08:16:00 GMT strict-transport-security max-age=63072000; includeSubdomains; preload age 44951 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 13 Jul 2023 20:21:11 GMT server AmazonS3 etag W/"7617e772e7f840a26dc751d39f3d205f" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript access-control-allow-origin * access-control-expose-headers ETag cache-control 172800 vary Accept-Encoding x-amz-cf-id uPzvkbWZ2WqDRsFuSxGxqd7v-ffzKhzOTVvwT01OA25XkVc1wXXrVQ==
POST H2	204	collect region1.google-analytics.com/g/	0 259 B	134ms 45ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-N8ZVYK8W8L&gtm=45je3an0v889776646z8889759196&_p=743098189&gcd=11l1l1l1l1&cid=1169534151.1698266702&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698266701&sct=1&seg=0&dl=https%3A%2F%2Fpaxxfull-acc1e.web.app%2Flog.html&dt=Log%20In%20to%20Your%20Account%20%7C%20Paxful&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-N8ZVYK8W8L&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers pragma no-cache date Wed, 25 Oct 2023 20:45:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://paxxfull-acc1e.web.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 226 B	46ms 45ms	XHR text/plain	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=743098189&t=pageview&_s=1&dl=https%3A%2F%2Fpaxxfull-acc1e.web.app%2Flog.html&ul=en-us&de=UTF-8&dt=Log%20In%20to%20Your%20Account%20%7C%20Paxful&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1810218525&gjid=1785966994&cid=1169534151.1698266702&tid=UA-47678361-28&_gid=1084397327.1698266702&_r=1&_slc=1&gtm=45He3an0n8157BRSLPv889759196&z=432326438 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 75e4b0166c000538a200f3d202bf1f2cfe185176afac49ba7b42b7e54aefb574 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://paxxfull-acc1e.web.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 25 Oct 2023 20:45:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://paxxfull-acc1e.web.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	client.json Show response rollout.ada.support/paxful/	7 KB 8 KB	605ms 432ms	XHR application/json	18.165.242.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rollout.ada.support/paxful/client.json?ada_request_origin=embed Requested by Host: static.ada.support URL: https://static.ada.support/embed2.3681e6c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.242.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-242-82.lhr61.r.cloudfront.net Software AmazonS3 / Resource Hash e10c8039c21d623a57a12ffcbb8b0eec642eea42063aca1bde6d98371354e4fa Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Wed, 25 Oct 2023 20:45:03 GMT via 1.1 a3f6a09ce0b2cec8cd66e141dd4234ba.cloudfront.net (CloudFront) x-amz-cf-pop LHR61-P6 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 7580 last-modified Mon, 18 Sep 2023 13:16:50 GMT server AmazonS3 etag "4287e7b43442576652805471780ec5b1" access-control-max-age 300 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers ETag cache-control no-cache vary Origin accept-ranges bytes x-amz-cf-id FKtg5ByIPTfST66GBaB4kGuykSkP7oj83uh044YfKb01cNkVYkR_UQ==
GET H2	200	chat-manifest.json Show response static.ada.support/	136 B 706 B	59ms 58ms	Fetch application/json	18.66.147.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.ada.support/chat-manifest.json Requested by Host: static.ada.support URL: https://static.ada.support/embed2.3681e6c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.60 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-60.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 9cdac533b6fb2099df51ff6a3087d1c4986bbd892ef62612a63025b9e1507eb9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers x-amz-version-id U4qV._nlhZy1tSd59T40wWZTzA8RmVc3 date Wed, 25 Oct 2023 18:35:02 GMT via 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront) strict-transport-security max-age=63072000; includeSubdomains; preload age 7801 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 136 last-modified Tue, 24 Oct 2023 18:34:55 GMT server AmazonS3 etag "bac0cd4608dd377d16bd41999746d040" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers ETag vary Accept-Encoding accept-ranges bytes x-amz-cf-id TsZIZt_KJ2pRKggxCUvbpUfpmMzIOi8Wg19j1GsuNiMD4bgcYTOhrQ==
POST H3	404	rum Show response paxxfull-acc1e.web.app/cdn-cgi/	2 KB 1 KB	68ms 68ms	XHR text/html	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://paxxfull-acc1e.web.app/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Protocol H3 Security QUIC, , AES_256_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b77b97fe780d35d18248abd1d2f42f444afbabe43f6abcd8fa8ebb3d47825eee Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://paxxfull-acc1e.web.app/log.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 content-type application/json Response headers x-served-by cache-fra-eddf8230128-FRA strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip date Wed, 25 Oct 2023 20:45:01 GMT last-modified Tue, 17 Oct 2023 09:03:11 GMT x-timer S1698266702.647116,VS0,VE31 etag "daa499dd96d8229e73235345702ba32f0793f0c8e5c0d30e40e37a5872be57aa" vary x-fh-requested-host, accept-encoding x-cache MISS content-type text/html; charset=utf-8 cache-control max-age=3600 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache-hits 0
GET H3	200	js Show response www.googletagmanager.com/gtag/	260 KB 89 KB	56ms 56ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-N8ZVYK8W8L&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0f1456b10a8f2d137737874ea17cf62c458bf53de455eac9983b0949065e9fc7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paxxfull-acc1e.web.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Wed, 25 Oct 2023 20:45:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 91045 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 25 Oct 2023 20:45:01 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Paxful (Crypto Exchange)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| dataLayer object| paxful function| $ function| jQuery object| firebase object| regeneratorRuntime string| __AdaEmbedLoaderVersion boolean| __AdaEmbedLoaderScriptLoaded object| adaEmbed object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| send object| __cfBeacon function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| __SENTRY__ boolean| __AdaEmbedLoaded

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.paxful.com/	1970-01-20 15:44:28	Name: __cf_bm Value: ou7iGmYTdni5__YpCbP6if.BOuatm6D8lTLyeB4Mzpo-1698266701-0-AVqrQT9oVRqAV2NqSpglQPcPiIjUlsIZx9RjIAPbqGJ9h2kilb+oidlPl0EmySVK6ba9bXn93+tt1uDdSMLrdLo=
			.paxxfull-acc1e.web.app/	1970-01-21 01:20:26	Name: _ga_N8ZVYK8W8L Value: GS1.1.1698266701.1.0.1698266701.0.0.0
			.paxxfull-acc1e.web.app/	1970-01-21 01:20:26	Name: _ga Value: GA1.3.1169534151.1698266702
			.paxxfull-acc1e.web.app/	1970-01-20 15:45:53	Name: _gid Value: GA1.3.1084397327.1698266702
			.paxxfull-acc1e.web.app/	1970-01-20 15:44:26	Name: _gat_UA-47678361-28 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://paxxfull-acc1e.web.app/static/dist/assets/images/https-label-91194ad43fc85d71e34a467282e95f23.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://accounts.paxful.com/static/dist/assets/images/log-in@1x-66ff6d4608ab29a6710651bfd9e6171c.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://paxxfull-acc1e.web.app/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paxxfull-acc1e.web.app/cdn-cgi/rum? Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.paxful.com
fonts.googleapis.com
fonts.gstatic.com
paxxfull-acc1e.web.app
region1.google-analytics.com
rollout.ada.support
static.ada.support
static.cloudflareinsights.com
static.geetest.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
18.165.242.82
18.66.147.60
2001:4860:4802:34::36
2600:9000:2250:1200:1:fa24:cf00:93a1
2606:4700::6810:3965
2606:4700::6810:6970
2620:0:890::100
2a00:1450:4001:801::200e
2a00:1450:4001:806::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
0f1456b10a8f2d137737874ea17cf62c458bf53de455eac9983b0949065e9fc7
480b49fa9e8c14a10479dd63c7672ecf36b489659e458fad02f3f25035113523
48e271f720233e74b9f16f1a6aa46730aeb6884df8d15fcb0abcd2b472d7e4b6
4c7fcc8c7151483a4a8603014b2551326cf5f78d7692cac92b493d10365ee904
5f5424b04d8b7bdd306bf72b6d09c9e092088266b8956807a9f4ea0afa5cac7e
75e44068da4d508132edf26d1ff802128910a826b8fe6460146a0af0ce64d18c
75e4b0166c000538a200f3d202bf1f2cfe185176afac49ba7b42b7e54aefb574
85f31d2a79cdcf5841a299c101cda4cce64222ae42b85951e44d7dc45f73d0e8
99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9cdac533b6fb2099df51ff6a3087d1c4986bbd892ef62612a63025b9e1507eb9
9e8c4daa6630ae62372de026af12492552eebe57f744495259fc2ba5bf1b267b
a70539a6d1420802ff6b189f5dbe4ec0c72ee440130552594771cca799440b37
aaeb83eee283cff3261ac6d239481731fc85bbcbf58bd525cad3742dfbb4dc21
af41a268cf047919c84748b819032f77c9e5ddcb46e8db7718a4d6e90225e40b
b77b97fe780d35d18248abd1d2f42f444afbabe43f6abcd8fa8ebb3d47825eee
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb70dee8873fc12a897479b3a19630f10f2b79c3f26e2f7bf4c8a70636787325
bdf7e05f94f097739c98cd47aab973192291af18e2045f53d59750fc6ea0d4eb
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
debf95c4aa93cbde7264db340a91c1479d5a2ef0f5a173010dbf07e5e96877bf
e10c8039c21d623a57a12ffcbb8b0eec642eea42063aca1bde6d98371354e4fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d4ef9248c161c654325353262ef5a0fbd219dee944dcca07911cd917c6b8f6
fb2ff6c10e1dc15df29c153466f364c9a9bee1e44bacf593d33bc7970e0b12af
fb35c70938a6c57c2daa01ecdf52611b0617bfaa915d99af3cac0cb9ddb5687c