actuallogin.netlify.app
2a05:d014:275:cb01:1f85:932b:b797:22f9  Malicious Activity! Public Scan

URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Submission: On April 08 via automatic, source openphish — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 39 HTTP transactions. The main IP is 2a05:d014:275:cb01:1f85:932b:b797:22f9, located in Ireland and belongs to AMAZON-02, US. The main domain is actuallogin.netlify.app.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on February 15th 2022. Valid for: a year.
This is the only time actuallogin.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | paypal.com | c.paypal.com (Cisco Umbrella Rank: 5906), b.stats.paypal.com (Cisco Umbrella Rank: 4652), dub.stats.paypal.com (Cisco Umbrella Rank: 17957), t.paypal.com (Cisco Umbrella Rank: 3392), c6.paypal.com (Cisco Umbrella Rank: 6738) | 43 KB
9 | paypalobjects.com | www.paypalobjects.com (Cisco Umbrella Rank: 1886) | 168 KB
9 | netlify.app | actuallogin.netlify.app | 27 KB
4 | statically.io | cdn.statically.io (Cisco Umbrella Rank: 12968), statically.io (Cisco Umbrella Rank: 12543) | 9 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 37) | 20 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 71) | 75 KB
1 | histats.com | sstatic1.histats.com (Cisco Umbrella Rank: 73184) | 163 B
1 | harmlesstacticalhonorable.com | harmlesstacticalhonorable.com |
1 | ejs.my.id | ejs.my.id | 2 KB
Total: 39 requests, 9 domains

Requests | Domain | Requested by
9 | www.paypalobjects.com | actuallogin.netlify.app
9 | actuallogin.netlify.app | actuallogin.netlify.app, www.paypalobjects.com
5 | c.paypal.com | www.paypalobjects.com, c.paypal.com
4 | t.paypal.com |
3 | cdn.statically.io (1 redirects) | actuallogin.netlify.app
2 | www.google-analytics.com | www.googletagmanager.com, www.paypalobjects.com
2 | www.googletagmanager.com | ejs.my.id, www.googletagmanager.com
1 | c6.paypal.com |
1 | dub.stats.paypal.com |
1 | b.stats.paypal.com (1 redirects) |
1 | sstatic1.histats.com | actuallogin.netlify.app
1 | harmlesstacticalhonorable.com | ejs.my.id
1 | ejs.my.id | actuallogin.netlify.app
1 | statically.io | actuallogin.netlify.app
Total: 39 requests, 14 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
*.netlify.app | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-02-15 - 2023-03-02 | a year
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2022-02-04 - 2022-10-31 | 9 months
statically.io | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-02-18 - 2023-03-22 | a year
ejs.my.id | R3 | 2022-02-16 - 2022-05-17 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
harmlesstacticalhonorable.com | R3 | 2022-03-15 - 2022-06-13 | 3 months
histats.com | R3 | 2022-01-21 - 2022-04-21 | 3 months

This page contains 3 frames:

Primary Page: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Frame ID: 407386F95A3059200E3A870E7A7D5832
Requests: 33 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: E6CE28F68C9F9DFF0837F4D354D09823
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wNDEwNjIyYjhhNzY0NDY3ODNjZDZiZDFjNTFmMjA3YiZpPTMuMjI5LjEzOC4yMjEmdD0xNjQ5NDI2NTg0LjgyJmE9MjEmcz1VTklGSUVEX0xPR0lOV3xISNNQe2i0anqynZxGWCEZuH8
Frame ID: 5F0DF39099B81A1B9995C024F26E31C3
Requests: 1 HTTP requests in this frame

Page Title

Log in to your PayPal account

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.netlify\.(?:com|app)/

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

39 Requests
95 % HTTPS
45 % IPv6
9 Domains
14 Subdomains
11 IPs
4 Countries
343 kB Transfer
875 kB Size
7 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://cdn.statically.io/img/www.paypal.com/ HTTP 301
  • https://statically.io/?ref=imgext0
Request Chain 29
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD0wNDEwNjIyYjhhNzY0NDY3ODNjZDZiZDFjNTFmMjA3YiZpPTMuMjI5LjEzOC4yMjEmdD0xNjQ5NDI2NTg0LjgyJmE9MjEmcz1VTklGSUVEX0xPR0lOV3xISNNQe2i0anqynZxGWCEZuH8 HTTP 302
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wNDEwNjIyYjhhNzY0NDY3ODNjZDZiZDFjNTFmMjA3YiZpPTMuMjI5LjEzOC4yMjEmdD0xNjQ5NDI2NTg0LjgyJmE9MjEmcz1VTklGSUVEX0xPR0lOV3xISNNQe2i0anqynZxGWCEZuH8

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request signin
actuallogin.netlify.app/host-https-www.paypal.com/
29 KB
8 KB
Document
General
Full URL
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify / Express
Resource Hash
d6fcfbeb9191ef50152cb5e63c62b7838f6a688aafeeb65e54bd620630a62680

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 08 Apr 2022 14:03:05 GMT
server
Netlify
x-nf-request-id
01G04QRMTYMJN8GZ8T1WZ7GMSE
x-powered-by
Express
recaptchav3.js
actuallogin.netlify.app/auth/createchallenge/fe9c60d71e11ef56/
3 B
74 B
Script
General
Full URL
https://actuallogin.netlify.app/auth/createchallenge/fe9c60d71e11ef56/recaptchav3.js?_sessionID=zG-doKzltj5k1Nug0wPc3V0U-SeyoXYO
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify / Express
Resource Hash
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nf-request-id
01G04QRNF4NVKKFQPN05ANA1GD
date
Fri, 08 Apr 2022 14:03:05 GMT
server
Netlify
age
0
x-powered-by
Express
content-type
text/plain; charset=utf-8
cache-control
no-cache
content-length
3
ngrlCaptcha.min.js
www.paypalobjects.com/webcaptcha/
22 KB
7 KB
Script
General
Full URL
https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae60ff45bc479531d50270d0bfda156c30a8b5bcf544dc916b04f63f13e46e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
date
Fri, 08 Apr 2022 14:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Apr 2022 10:20:48 GMT
etag
W/"624d6980-5940"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
f3d56fbe9466f
cache-control
s-maxage=31536000, public,max-age=3600
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-1.paypal.com
content-length
6711
contextualLoginElementalUIv2.css
actuallogin.netlify.app/host-https-www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/css/
125 KB
19 KB
Stylesheet
General
Full URL
https://actuallogin.netlify.app/host-https-www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/css/contextualLoginElementalUIv2.css
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify / Express
Resource Hash
dbacfd18d53ad9f27853e322be2d1eec7364669caeaa094315370a0e6057ed1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nf-request-id
01G04QRNF4XMH15BKMYS86SR9Y
date
Fri, 08 Apr 2022 14:03:05 GMT
content-encoding
br
etag
W/"62462efe-1f223"
last-modified
Thu, 31 Mar 2022 22:45:18 GMT
server
Netlify
age
0
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, s-maxage=31536000
modernizr-2.6.1.js
www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/js/lib/
4 KB
2 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/js/lib/modernizr-2.6.1.js
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
44695cf4cb1ca
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
1788
last-modified
Thu, 31 Mar 2022 22:45:19 GMT
etag
W/"62462eff-edf"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 08 Apr 2023 14:03:05 GMT
/
statically.io/
Redirect Chain
  • https://cdn.statically.io/img/www.paypal.com/
  • https://statically.io/?ref=imgext0
0
0
Image
General
Full URL
https://statically.io/?ref=imgext0
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date
Fri, 08 Apr 2022 14:03:05 GMT
x-content-type-options
nosniff
server
statically
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
HIT
location
https://statically.io/?ref=imgext0
access-control-expose-headers
*
cache-control
public, max-age=5
timing-allow-origin
*
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
x-served-by
cache-mxp6943-MXP
icon-PN-check.png
cdn.statically.io/img/www.paypalobjects.com/images/shared/
2 KB
3 KB
Image
General
Full URL
https://cdn.statically.io/img/www.paypalobjects.com/images/shared/icon-PN-check.png
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:05 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
x-cache
HIT, MISS
paypal-debug-id
42e2a8b8a39ff
dc
ccg11-origin-www-1.paypal.com
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2236
x-served-by
cache-mxp6943-MXP
server
statically
etag
"60271b47-8bc"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
access-control-expose-headers
*
glyph_alert_critical_big-2x.png
cdn.statically.io/img/www.paypalobjects.com/images/shared/
6 KB
6 KB
Image
General
Full URL
https://cdn.statically.io/img/www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:08 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
x-cache
HIT, MISS
paypal-debug-id
d1e8f59f24b7
dc
ccg11-origin-www-1.paypal.com
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5828
x-served-by
cache-mxp6943-MXP
server
statically
etag
"54130c54-16c4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
accept-ch
DPR, Viewport-Width, Width, ECT, Downlink
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
access-control-expose-headers
*
fn-sync-telemetry-min.js
www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/js/lib/
5 KB
3 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/js/lib/fn-sync-telemetry-min.js
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
a673bc950d681
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
2303
last-modified
Thu, 31 Mar 2022 22:45:19 GMT
etag
W/"62462eff-159e"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 08 Apr 2023 14:03:05 GMT
signin-split.js
www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/js/
179 KB
43 KB
Script
General
Full URL
https://www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/js/signin-split.js
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c0e847edd01c6516c3ee0d71b74516429d6d856a7da43fcabbe8e548e97e0573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
d138f56158541
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
43970
last-modified
Thu, 31 Mar 2022 22:45:19 GMT
etag
W/"62462eff-2ca4c"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 08 Apr 2023 14:03:05 GMT
pa.js
www.paypalobjects.com/pa/js/min/
54 KB
21 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2acb55daa0947fda779bd06d9f51ff4aa6d14edfa3e57cc512e2f8a1b5399c21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
f2108a7e8f1c
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
21236
last-modified
Tue, 05 Apr 2022 03:09:40 GMT
etag
W/"624bb2f4-d8fc"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
inject.js
ejs.my.id/js/
7 KB
2 KB
Script
General
Full URL
https://ejs.my.id/js/inject.js
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.113.72.127 New York, United States, ASN25697 (UPCLOUDUSA, US),
Reverse DNS
194-113-72-127.us-nyc1.upcloud.host
Software
nginx-rc /
Resource Hash
7e2aa4f23dede39e7def13362b1974703c9304bc55e408f1a186dbd1777fd542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:06 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 Jan 2022 18:43:27 GMT
server
nginx-rc
etag
W/"61d343cf-1b92"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000, public
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Sun, 08 May 2022 14:03:06 GMT
momgram@2x.png
www.paypalobjects.com/images/shared/
1 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/images/shared/momgram@2x.png
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-160.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f6fb7057e3dca4e52b4cf3f347ae06716bdd850cfa1d981f0d3894326c040f3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Feb 2022 08:27:43 GMT
server
Akamai Image Manager
etag
"n1eiFwTHQZT8r7LMVF4RJSE9QNnoZS4jSUvEYSZDtgw"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
1386
expires
Sat, 09 Apr 2022 02:03:05 GMT
PayPalSansSmall-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/
46 KB
47 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://actuallogin.netlify.app/
Origin
https://actuallogin.netlify.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
cache-control
public,max-age=3600
etag
"560b6e70-b8eb"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
paypal-debug-id
bdbd126cb2b2d
strict-transport-security
max-age=31536000
accept-ranges
bytes
dc
slc-b-origin-www-1.paypal.com
content-length
47339
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://actuallogin.netlify.app/
Origin
https://actuallogin.netlify.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
date
Fri, 08 Apr 2022 14:03:05 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
cache-control
s-maxage=31536000, public,max-age=3600
etag
"60271cda-6318"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
paypal-debug-id
6c14069732044
strict-transport-security
max-age=31536000
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
25368
PayPalSansBig-Medium.woff2
www.paypalobjects.com/paypal-ui/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/css/contextualLoginElementalUIv2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.160 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://actuallogin.netlify.app/
Origin
https://actuallogin.netlify.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
date
Fri, 08 Apr 2022 14:03:05 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
cache-control
s-maxage=31536000, public,max-age=3600
etag
"60271cda-484c"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
paypal-debug-id
8904e5ec4f7dc
strict-transport-security
max-age=31536000
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
18508
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162747486-10
Requested by
Host: ejs.my.id
URL: https://ejs.my.id/js/inject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73c40de51c3c2b9aa9598ad85488a0d88ef0749719e11d06abc766f2589dd95c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38066
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Apr 2022 14:03:06 GMT
invoke.js
harmlesstacticalhonorable.com/446dfe399a4841bcd734e0cd8a94e530/
0
0
Script
General
Full URL
https://harmlesstacticalhonorable.com/446dfe399a4841bcd734e0cd8a94e530/invoke.js
Requested by
Host: ejs.my.id
URL: https://ejs.my.id/js/inject.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 08 Apr 2022 14:03:07 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type
application/javascript
Content-Length
0
0.gif
sstatic1.histats.com/
43 B
163 B
Image
General
Full URL
https://sstatic1.histats.com/0.gif?4605750&101
Requested by
Host: actuallogin.netlify.app
URL: https://actuallogin.netlify.app/host-https-www.paypal.com/signin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 08 Apr 2022 14:03:06 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
js
www.googletagmanager.com/gtag/
96 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162747486-12&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162747486-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28868c1c868c82814721bf699b54b9f144457d3acb155ce963dbd2de459601ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38058
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Apr 2022 14:03:06 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162747486-12&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7100
date
Fri, 08 Apr 2022 12:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 08 Apr 2022 14:04:46 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=184305540&t=pageview&_s=1&dl=https%3A%2F%2Factuallogin.netlify.app%2Fhost-https-www.paypal.com%2Fsignin&ul=en-us&de=UTF-8&dt=Log%20in%20to%20your%20PayPal%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1236379974&gjid=1638419525&cid=562561501.1649426587&tid=UA-162747486-12&_gid=1789842633.1649426587&_r=1&gtm=2ou3u0&z=1952807834
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://actuallogin.netlify.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Apr 2022 14:03:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://actuallogin.netlify.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
client-log
actuallogin.netlify.app/signin/
3 B
106 B
XHR
General
Full URL
https://actuallogin.netlify.app/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify / Express
Resource Hash
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Request headers

Accept
application/json
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-nf-request-id
01G04QRRFZXTY6PHSVX3HRE56N
date
Fri, 08 Apr 2022 14:03:08 GMT
server
Netlify
age
0
x-powered-by
Express
etag
W/"3-w1qfxSu1Vsefj6VA31h6K/RluUA"
content-type
text/html; charset=utf-8
cache-control
no-cache
content-length
3
fb.js
c.paypal.com/da/r/
56 KB
19 KB
Script
General
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/937/4dbb233e72033d9b6c4a5492bfa03/js/signin-split.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cdd271b86f93710e10a49e074bacf5a5462ebad6af7ed4c9d2325682371960ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25711
x-cache
HIT, HIT, HIT
paypal-debug-id
d4bfa873b27ed
x-cache-hits
1, 2, 28337
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19339
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10026-SJC, cache-hhn4046-HHN, cache-hhn4036-HHN
last-modified
Mon, 28 Mar 2022 22:49:15 GMT
x-timer
S1649426588.259182,VS0,VE2
etag
W/"62423b6b-de68"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 14:03:08 GMT
client-log
actuallogin.netlify.app/signin/
3 B
54 B
XHR
General
Full URL
https://actuallogin.netlify.app/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify / Express
Resource Hash
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Request headers

Accept
application/json
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-nf-request-id
01G04QRRG3DZP7VHT7AR0WKQGR
date
Fri, 08 Apr 2022 14:03:08 GMT
server
Netlify
age
0
x-powered-by
Express
etag
W/"3-w1qfxSu1Vsefj6VA31h6K/RluUA"
content-type
text/html; charset=utf-8
cache-control
no-cache
content-length
3
challenge.js
actuallogin.netlify.app/auth/createchallenge/092bcf3be92322fa/
3 B
52 B
XHR
General
Full URL
https://actuallogin.netlify.app/auth/createchallenge/092bcf3be92322fa/challenge.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify / Express
Resource Hash
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Request headers

Accept
application/json
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nf-request-id
01G04QRRG4YB223WFQRWB0RDY5
date
Fri, 08 Apr 2022 14:03:08 GMT
server
Netlify
age
0
x-powered-by
Express
content-type
text/plain; charset=utf-8
cache-control
no-cache
content-length
3
client-log
actuallogin.netlify.app/signin/
3 B
53 B
XHR
General
Full URL
https://actuallogin.netlify.app/signin/client-log
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify / Express
Resource Hash
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Request headers

Accept
application/json
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-nf-request-id
01G04QRRG6RG79ASH71GDWJKAS
date
Fri, 08 Apr 2022 14:03:08 GMT
server
Netlify
age
0
x-powered-by
Express
etag
W/"3-w1qfxSu1Vsefj6VA31h6K/RluUA"
content-type
text/html; charset=utf-8
cache-control
no-cache
content-length
3
cookie-banner
actuallogin.netlify.app/signin/
3 B
53 B
XHR
General
Full URL
https://actuallogin.netlify.app/signin/cookie-banner?
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify / Express
Resource Hash
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Request headers

Accept
application/json
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nf-request-id
01G04QRRG79TNXXRKR7DPKJQ8N
date
Fri, 08 Apr 2022 14:03:08 GMT
server
Netlify
age
0
x-powered-by
Express
content-type
text/plain; charset=utf-8
cache-control
no-cache
content-length
3
load-resource
actuallogin.netlify.app/signin/
3 B
53 B
XHR
General
Full URL
https://actuallogin.netlify.app/signin/load-resource
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify / Express
Resource Hash
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Request headers

Accept
application/json
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-nf-request-id
01G04QRRG77CS8J04R8NFEAA1D
date
Fri, 08 Apr 2022 14:03:08 GMT
server
Netlify
age
0
x-powered-by
Express
etag
W/"3-w1qfxSu1Vsefj6VA31h6K/RluUA"
content-type
text/html; charset=utf-8
cache-control
no-cache
content-length
3
i
c.paypal.com/v1/r/d/ Frame E6CE
160 B
907 B
Document
General
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://actuallogin.netlify.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
d6b3a176b2335
date
Fri, 08 Apr 2022 14:03:08 GMT
paypal-debug-id
d6b3a176b2335
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn4036-HHN
x-timer
S1649426588.339241,VS0,VE155
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/v1/ Frame 5F0D
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD0wNDEwNjIyYjhhNzY0NDY3ODNjZDZiZDFjNTFmMjA3YiZpPTMuMjI5LjEzOC4yMjEmdD0xNjQ5NDI2NTg0LjgyJmE9MjEmcz1VTklGSUVEX0xPR0lOV3xISNNQe2i0anqynZxGWCEZuH8
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wNDEwNjIyYjhhNzY0NDY3ODNjZDZiZDFjNTFmMjA3YiZpPTMuMjI5LjEzOC4yMjEmdD0xNjQ5NDI2NTg0LjgyJmE9MjEmcz1VTklGSUVEX0xPR0lOV3xISNNQe2i0anqynZxGWCEZuH8
42 B
299 B
Image
General
Full URL
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wNDEwNjIyYjhhNzY0NDY3ODNjZDZiZDFjNTFmMjA3YiZpPTMuMjI5LjEzOC4yMjEmdD0xNjQ5NDI2NTg0LjgyJmE9MjEmcz1VTklGSUVEX0xPR0lOV3xISNNQe2i0anqynZxGWCEZuH8
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 08 Apr 2022 14:03:08 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wNDEwNjIyYjhhNzY0NDY3ODNjZDZiZDFjNTFmMjA3YiZpPTMuMjI5LjEzOC4yMjEmdD0xNjQ5NDI2NTg0LjgyJmE9MjEmcz1VTklGSUVEX0xPR0lOV3xISNNQe2i0anqynZxGWCEZuH8
Date
Fri, 08 Apr 2022 14:03:08 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
ts
t.paypal.com/
42 B
588 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.6.3&t=1649426588449&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1649426584766&calc=f80192577ec1f&nsid=zG-doKzltj5k1Nug0wPc3V0U-SeyoXYO&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=0410622b8a76446783cd6bd1c51f207b&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=ccpa&xe=104200%2C104458%2C102557%2C101408%2C104227%2C104039%2C104038%2C102390%2C104571%2C101216%2C103648%2C104200%2C105124&xt=121070%2C119355%2C109630%2C104577%2C117999%2C120731%2C120735%2C108797%2C121328%2C103864%2C114559%2C121070%2C122483&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&e=im&gacook=562561501.1649426587&imsrc=setup&view=%7B%22t10%22%3A29%2C%22t11%22%3A3847%2C%22tcp%22%3A947%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A51%7D&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=29&t1c=29&t1d=9&t1s=11&t2=628&t3=1&t4d=0&t4=0&t4e=8&tt=3796&rdc=0&protocol=h2&res=%7B%7D&3p_vid=72bf8aa8366684ad&3p_fpti=1c4a5171758dd3b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:08 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
244ecaaee2bc
x-cache-hits
0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn4036-HHN
pragma
no-cache
x-timer
S1649426588.464357,VS0,VE163
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 14:03:08 GMT
ts
t.paypal.com/
42 B
120 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.6.3&t=1649426588546&g=0&e=err&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&comp=unifiedloginnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0&3p_vid=72bf8aa8366684ad&3p_fpti=1c4a5171758dd3b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:08 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
80ebb3d5403b0
x-cache-hits
0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn4036-HHN
pragma
no-cache
x-timer
S1649426589.560264,VS0,VE160
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 14:03:08 GMT
fb.js
c.paypal.com/da/r/ Frame E6CE
56 KB
19 KB
Script
General
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cdd271b86f93710e10a49e074bacf5a5462ebad6af7ed4c9d2325682371960ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25711
x-cache
HIT, HIT, HIT
paypal-debug-id
d4bfa873b27ed
x-cache-hits
1, 2, 28338
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19339
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10026-SJC, cache-hhn4046-HHN, cache-hhn4036-HHN
last-modified
Mon, 28 Mar 2022 22:49:15 GMT
x-timer
S1649426589.568415,VS0,VE2
etag
W/"62423b6b-de68"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 14:03:08 GMT
p1
c.paypal.com/v1/r/d/b/ Frame E6CE
125 B
601 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5dc311018b9dac775f96b8dd446a6801f924eee6ad3645b956d476f8c758ef5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Fri, 08 Apr 2022 14:03:08 GMT
via
1.1 varnish
correlation-id
ee96a242cbad0
x-served-by
cache-hhn4036-HHN
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
ee96a242cbad0
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
content-type
application/json
content-length
125
x-cache-hits
0
e
c.paypal.com/v1/r/d/b/ Frame E6CE
15 B
159 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Apr 2022 14:03:08 GMT
via
1.1 varnish
correlation-id
68df56ffb620b
x-served-by
cache-hhn4036-HHN
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
content-type
application/json
paypal-debug-id
68df56ffb620b
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
15
x-cache-hits
0
p3
c6.paypal.com/v1/r/d/b/ Frame E6CE
0
295 B
Image
General
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=0410622b8a76446783cd6bd1c51f207b&s=UNIFIED_LOGIN_INPUT_EMAIL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:ce53:4396:b914:64c2:638e , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F48) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:09 GMT
content-encoding
gzip
correlation-id
af08edca783ec
server
ECAcc (frc/8F48)
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
af08edca783ec
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=555
timing-allow-origin
*
vary
Accept-Encoding
content-length
20
ts
t.paypal.com/
42 B
241 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.6.3&t=1649426589451&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1649426584766&calc=f80192577ec1f&nsid=zG-doKzltj5k1Nug0wPc3V0U-SeyoXYO&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=0410622b8a76446783cd6bd1c51f207b&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=ccpa&xe=104200%2C104458%2C102557%2C101408%2C104227%2C104039%2C104038%2C102390%2C104571%2C101216%2C103648%2C104200%2C105124&xt=121070%2C119355%2C109630%2C104577%2C117999%2C120731%2C120735%2C108797%2C121328%2C103864%2C114559%2C121070%2C122483&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&event_name=t_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=191&t3=1&tt=193&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A193%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=72bf8aa8366684ad&3p_fpti=1c4a5171758dd3b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:09 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
a98a354288c2a
x-cache-hits
0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn4036-HHN
pragma
no-cache
x-timer
S1649426589.468867,VS0,VE164
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 14:03:09 GMT
ts
t.paypal.com/
42 B
435 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.6.3&t=1649426589451&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1649426584766&calc=f80192577ec1f&nsid=zG-doKzltj5k1Nug0wPc3V0U-SeyoXYO&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=0410622b8a76446783cd6bd1c51f207b&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=ccpa&xe=104200%2C104458%2C102557%2C101408%2C104227%2C104039%2C104038%2C102390%2C104571%2C101216%2C103648%2C104200%2C105124&xt=121070%2C119355%2C109630%2C104577%2C117999%2C120731%2C120735%2C108797%2C121328%2C103864%2C114559%2C121070%2C122483&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&event_name=c_paypal_cpl&t1=4&t1c=0&t1d=0&t1s=0&t2=198&t3=1&tt=203&protocol=h2&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A4%2C%22t11%22%3A203%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=72bf8aa8366684ad&3p_fpti=1c4a5171758dd3b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://actuallogin.netlify.app/host-https-www.paypal.com/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:03:09 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
f7a33de561a02
x-cache-hits
0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn4036-HHN
pragma
no-cache
x-timer
S1649426589.474677,VS0,VE154
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 14:03:09 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
object| html5
object| Modernizr
function| isEligibleIntegration
object| antiClickjack
object| PAYPAL
boolean| paypalADSInterceptorInjected
function| $
object| fpti
string| fptiserverurl
object| _ifpti
function| isUrl
function| urlParse
function| maketextnumber
function| removeImg
function| gtag
object| dataLayer
object| atOptions
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData

7 Cookies

Domain/Path Name / Value
.actuallogin.netlify.app/ Name: _ga
Value: GA1.3.562561501.1649426587
.actuallogin.netlify.app/ Name: _gid
Value: GA1.3.1789842633.1649426587
.actuallogin.netlify.app/ Name: _gat_gtag_UA_162747486_12
Value: 1
.paypal.com/ Name: ts_c
Value: vr%3D1c4a5171758dd3b8%26vt%3D72bf8aa8366684ad
.c.paypal.com/ Name: sc_f
Value: IHoqfA82InYSUucjd2unXmJ16DQ-ZzCuR7AW7FthdRTApoR--s7OGT3I-YlEnIiOYHMN9pYLfOvV-pbMppw-qNPBYiiagedz6Am13m
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: sEWFzvZDNqEGZs9cJcErP5dfOqqJiNnMj4xOf_XgfpW61BawcCaLV5rVJtBkGrqP5RxH7kZrh7_N-yN3
.paypal.com/ Name: ts
Value: vreXpYrS%3D1744120989%26vteXpYrS%3D1649428389%26vr%3D1c4a5171758dd3b8%26vt%3D72bf8aa8366684ad

1 Console Messages

Source Level URL
Text
network error URL: https://harmlesstacticalhonorable.com/446dfe399a4841bcd734e0cd8a94e530/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
