paypaltest.top Open in urlscan Pro
2606:4700:3034::681b:91b8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://paypaltest.top/
Submission Tags: phishing malicious Search All
Submission: On November 05 via api (November 5th 2020, 6:29:09 am UTC) from US

Summary HTTP 40 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3034::681b:91b8, located in United States and belongs to CLOUDFLARENET, US. The main domain is paypaltest.top.

This is the only time paypaltest.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3034::681b:91b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
19	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3	184.31.83.141 184.31.83.141	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
3	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
40	9

10 2606:4700:3034::681b:91b8 (United States)

ASN13335 (CLOUDFLARENET, US)

paypaltest.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.31.83.141 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-83-141.deploy.static.akamaitechnologies.com

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	paypalobjects.com www.paypalobjects.com	860 KB
10	paypaltest.top paypaltest.top	31 KB
8	paypal.com 1 redirects c.paypal.com b.stats.paypal.com dub.stats.paypal.com t.paypal.com	22 KB
1	google.de www.google.de	153 B
1	google.com www.google.com	153 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	googleadservices.com www.googleadservices.com	12 KB
40	7

	Domain	Requested by
19	www.paypalobjects.com	paypaltest.top www.paypalobjects.com
10	paypaltest.top	paypaltest.top www.paypalobjects.com
3	t.paypal.com	paypaltest.top
3	c.paypal.com	paypaltest.top c.paypal.com
1	dub.stats.paypal.com	paypaltest.top
1	b.stats.paypal.com	1 redirects
1	www.google.de	paypaltest.top
1	www.google.com	paypaltest.top
1	googleads.g.doubleclick.net	paypaltest.top
1	www.googleadservices.com	paypaltest.top
40	10

This site contains links to these domains. Also see Links.

Domain
shanondress.xyz

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-13`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2022-06-03`	2 years	crt.sh
t.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-07-15` - `2022-07-20`	2 years	crt.sh

This page contains 5 frames:

Primary Page: http://paypaltest.top/
Frame ID: AA1D0607ECF9EC83BFEE929D316B4EBA
Requests: 36 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
Frame ID: C507908DAFAAA9F32BD5DF8FB938182D
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 68C1F0B6B0C24B36F891D39C5EB0A64D
Requests: 1 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wQzcwMTIzMkNUOTAwMzUxVSZpPTE4NS4yMTEuNDguMjQmdD0xNTk5NDYwNjk5LjM4NyZhPTIxJnM9VU5JRklFRF9MT0dJTogJ-DTUXGtuElM5S2A7tzwpXxqf
Frame ID: 05EF8D28574F6E2AB9A17677513D4F17
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 2FC607D05C6406FAA255DD6EC2236F4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

40
Requests

75 %
HTTPS

44 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

927 kB
Transfer

3210 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://shanondress.xyz/index.php?route=checkout/checkout
Title: Cancel and return to gtu066@163.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://b.stats.paypal.com/v1/counter.cgi?r=cD0wQzcwMTIzMkNUOTAwMzUxVSZpPTE4NS4yMTEuNDguMjQmdD0xNTk5NDYwNjk5LjM4NyZhPTIxJnM9VU5JRklFRF9MT0dJTogJ-DTUXGtuElM5S2A7tzwpXxqf HTTP 302
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wQzcwMTIzMkNUOTAwMzUxVSZpPTE4NS4yMTEuNDguMjQmdD0xNTk5NDYwNjk5LjM4NyZhPTIxJnM9VU5JRklFRF9MT0dJTogJ-DTUXGtuElM5S2A7tzwpXxqf

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
paypaltest.top/ 95 KB
24 KB 1779ms
1740ms Document
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: b31a02a91d0cd310775b0b5ece20a87cc3b4d0b3b622870eacf21b3f42b9cf5a

Request headers

Host: paypaltest.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 05 Nov 2020 06:28:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d30b55d0741a3b843e9c22e44ea0b62971604557730; expires=Sat, 05-Dec-20 06:28:50 GMT; path=/; domain=.paypaltest.top; HttpOnly; SameSite=Lax
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
cf-request-id: 0638b10ba000003240d1b0c000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BMI4FZD%2BVrJC67F5t9L%2BdNDBdtMPc5ruhDXWHHQa1f51ompX83ouWh3Dk9GytO4p4sid2jHyAuYEYsIqbpFJ9Un4qCmAvaI5QnjZG%2BYROgt6XiLX1rxVDMrr9A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5ed484590d323240-FRA
Content-Encoding: gzip

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 32ms
29ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

0bfb81a6d3e2ed2e0cb381a9f933355ff00e64cd0d80724e83559861cad12711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11472
x-xss-protection: 0
server: cafe
etag: 8286593240961886057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Nov 2020 06:28:52 GMT

GET
H2 200 analytics.js Show response
www.paypalobjects.com/pa/mi/3p/gtag/ 44 KB
18 KB 126ms
28ms Script
application/x-javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/3p/gtag/analytics.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

62bb5685d837089cd6aedb6f5fe5375c83ce5facc879632628e1e63e51399580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9003318
x-cache: HIT, HIT
status: 200
surrorage-key: /pa/mi/3p/gtag/analytics.js /pa/mi/3p/gtag/analytics.js /pa/mi/3p/gtag/analytics.js /pa/mi/3p/gtag/analytics.js /pa/mi/3p/gtag/analytics.js /pa/mi/3p/gtag /pa/mi/3p /pa/mi /pa
vary: Accept-Encoding
content-length: 17873
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-lax8632-LAX, cache-fra19151-FRA
last-modified: Mon, 14 Oct 2019 03:26:24 GMT
server: Apache
x-timer: S1604557733.581969,VS0,VE0
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 264, 1493

GET
H2 200 gtag.js Show response
www.paypalobjects.com/pa/mi/3p/gtag/ 79 KB
34 KB 122ms
24ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f982a9dad50b916735a08b8e6f40efa7f97163106b18da079b144764c86a44a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: http://paypaltest.top
Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3608064
x-cache: HIT, HIT
status: 200
paypal-debug-id: 6eaf858cac079
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 34212
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10068-SJC, cache-fra19166-FRA
last-modified: Wed, 26 Aug 2020 18:33:55 GMT
x-timer: S1604557733.581564,VS0,VE0
etag: W/"5f46ab13-13bba"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 99770, 72668

GET
H2 200 miconfig.js Show response
www.paypalobjects.com/pa/mi/ 104 KB
19 KB 141ms
44ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/miconfig.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5f6589a94082e1d8c9535cef9623ab9bd18be8d322a3645bd9e930cc1293853b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: http://paypaltest.top
Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2203
x-cache: HIT, HIT
status: 200
paypal-debug-id: 562b3f33d1749
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19194
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10071-SJC, cache-fra19166-FRA
last-modified: Thu, 05 Nov 2020 05:48:25 GMT
x-timer: S1604557733.581632,VS0,VE0
etag: W/"5fa39229-1a03e"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 1, 221

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 21 KB
6 KB 123ms
26ms Script
application/x-javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15253617
x-cache: HIT, HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 6222
x-served-by: cache-dfw18622-DFW, cache-lax8638-LAX, cache-fra19151-FRA
last-modified: Mon, 11 May 2020 09:43:19 GMT
server: Apache
x-timer: S1604557733.581864,VS0,VE0
strict-transport-security: max-age=31557600
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 398729, 1341

GET
H2 200 contextualLogin.css
www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/css/ 98 KB
17 KB 138ms
41ms Stylesheet
text/css 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/css/contextualLogin.css

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

655790946659ad22d9cf3a6a53adaaeebde362fe3cd46701069299d87ae804ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 917928
x-cache: HIT, HIT
status: 200
paypal-debug-id: a6c1b90c8452e
x-cache-hits: 1, 1
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 17105
x-served-by: cache-sjc10061-SJC, cache-fra19151-FRA
last-modified: Fri, 28 Aug 2020 03:37:54 GMT
x-timer: S1604557733.581732,VS0,VE1
etag: W/"5f487c12-187e7"
strict-transport-security: max-age=31557600
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Oct 2021 12:17:11 GMT

GET
H2 200 modernizr-2.6.1.js Show response
www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/js/lib/ 4 KB
2 KB 142ms
45ms Script
application/x-javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/js/lib/modernizr-2.6.1.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5970328
x-cache: HIT, HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 1788
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by: cache-lax8626-LAX, cache-sjc10048-SJC, cache-fra19151-FRA
last-modified: Fri, 28 Aug 2020 03:37:55 GMT
server: Apache
x-timer: S1604557733.581862,VS0,VE1
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 3, 1, 1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992191228/ 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992191228/?random=1599460705012&cv=9&fst=1599460705012&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=900&u_w=1440&u_ah=860&u_aw=1440&u_cd=24&u_his=9&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fwebapps%2Fhermes%3Ftoken%3D0C701232CT900351U%26useraction%3Dcommit%26rm%3D2%26mfid%3D1599460697537_00daa5d268f59&ref=https%3A%2F%2Fshanondress.xyz%2Findex.php%3Froute%3Dcheckout%2Fcheckout%26token%3Djmsn0QpLFip-8eZ5EsqkKlbH0SXWU&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50db5aab2f43a00afe142b6fb46553121fa691023b589811d0eb62dec1b230b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1186
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon-PN-check.png
www.paypalobjects.com/images/shared/ 2 KB
3 KB 29ms
27ms Image
image/png 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/icon-PN-check.png

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 19824918
x-cache: HIT, HIT
status: 200
surrorage-key: /images/shared/icon-PN-check.png /images/shared/icon-PN-check.png /images/shared/icon-PN-check.png /images/shared/icon-PN-check.png /images/shared/icon-PN-check.png /images/shared/icon-PN-check.png /images/shared/icon-PN-check.png /images/shared /images
content-length: 2236
x-served-by: cache-sjc10044-SJC, cache-fra19151-FRA
last-modified: Tue, 29 Mar 2016 00:23:32 GMT
server: Apache
x-timer: S1604557733.636879,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 890

GET
H2 200 glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 6 KB
6 KB 30ms
27ms Image
image/png 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 19824916
x-cache: HIT, HIT
status: 200
surrorage-key: /images/shared/glyph_alert_critical_big-2x.png /images/shared/glyph_alert_critical_big-2x.png /images/shared/glyph_alert_critical_big-2x.png /images/shared/glyph_alert_critical_big-2x.png /images/shared/glyph_alert_critical_big-2x.png /images/shared/glyph_alert_critical_big-2x.png /images/shared/glyph_alert_critical_big-2x.png /images/shared /images
content-length: 5828
x-served-by: cache-sjc10026-SJC, cache-fra19151-FRA
last-modified: Fri, 12 Sep 2014 15:08:04 GMT
server: Apache
x-timer: S1604557733.636988,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 930

GET
H2 200 fn-sync-telemetry-min.js Show response
www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/js/lib/ 5 KB
3 KB 30ms
28ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/js/lib/fn-sync-telemetry-min.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45077
x-cache: MISS, HIT
status: 200
paypal-debug-id: 558a65a938253
x-cache-hits: 0, 1
dc: slc-b-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 2303
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10037-SJC, cache-fra19151-FRA
last-modified: Fri, 28 Aug 2020 03:37:55 GMT
x-timer: S1604557733.636664,VS0,VE1
etag: W/"5f487c13-159e"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Thu, 04 Nov 2021 11:07:13 GMT

GET
H2 200 checkout-split.js Show response
www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/js/ 158 KB
39 KB 299ms
297ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/js/checkout-split.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3bcab8de1b7cd34e3529a57eab31170d93eed1efa23cd5fbfa86a8c6e3bb55e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS, MISS
status: 200
paypal-debug-id: c8587e3bdec25
x-cache-hits: 0, 0
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 39685
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10051-SJC, cache-fra19151-FRA
last-modified: Fri, 28 Aug 2020 03:37:55 GMT
x-timer: S1604557733.636773,VS0,VE272
etag: W/"5f487c13-276f7"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Fri, 05 Nov 2021 02:21:55 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 49 KB
19 KB 26ms
24ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03ae159c0204607558d629a6ee98705be5e1894ba0b553309987513e72f67d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1838
x-cache: HIT, HIT
status: 200
paypal-debug-id: 260fbccfb06f6
dc: ccg11-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 18991
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10083-SJC, cache-fra19151-FRA
last-modified: Thu, 05 Nov 2020 05:48:25 GMT
x-timer: S1604557733.636781,VS0,VE0
etag: W/"5fa39229-c474"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 1, 227

GET
H/1.1 404
Not Found recaptchav3.js
paypaltest.top/auth/createchallenge/0c96f0a91d5ea21c/ 0
0 332ms
331ms Script
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/auth/createchallenge/0c96f0a91d5ea21c/recaptchav3.js?_sessionID=obCwgzz1J7_DaAVKoOr-mAS2UC-BeZuT
Requested by: Host: paypaltest.top
URL: http://paypaltest.top/
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 05 Nov 2020 06:28:52 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v0Nv%2BTdunM7DTapWMybmehYGGTEHSmWxZjo9e%2B4fVYeonWJjeiO4gcE45PLg%2BPrcx9jJ4YBGCbwTQhe%2BI0F%2Fu%2B6dKUftAyqXhcsHwRSo500dLj72C2p7Vp2V1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ed48464e94c3240-FRA
cf-request-id: 0638b1131400003240b23ad000000001

GET
H2 200 patleaf.js Show response
www.paypalobjects.com/pa/3pjs/tl/5.6.1/ 122 KB
42 KB 26ms
25ms Script
application/x-javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

219fe3382fabdbb0444747aa0073d75f3815cc9aba97bed4fe3ceca97afc38e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: http://paypaltest.top
Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8687139
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 42770
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-lax8634-LAX, cache-fra19166-FRA
last-modified: Mon, 27 Jul 2020 16:45:51 GMT
server: Apache
x-timer: S1604557733.637111,VS0,VE0
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 1022, 108689

GET
H2 200 patlcfg.js Show response
www.paypalobjects.com/pa/3pjs/tl/5.6.1/ 9 KB
3 KB 26ms
24ms Script
application/x-javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/5.6.1/patlcfg.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

61ce0ee4efd0b82c90eb9c78bc3c93cf9e6703ce670237bedd1f88a6af82e004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Origin: http://paypaltest.top
Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8687312
x-cache: HIT, HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 3212
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by: cache-lax8626-LAX, cache-sjc10034-SJC, cache-fra19166-FRA
last-modified: Mon, 27 Jul 2020 16:45:51 GMT
server: Apache
x-timer: S1604557733.637090,VS0,VE0
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 170583, 147528, 108412

GET
H/1.1 200
OK fb.js Show response
c.paypal.com/da/r/ 59 KB
21 KB 88ms
33ms Script
application/x-javascript 184.31.83.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: paypaltest.top
URL: http://paypaltest.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.83.141 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-31-83-141.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 017fc6b1bdc17a8b54da3cc15394703b6bd62387fe053d0390c6ca263cc051e8

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 05 Nov 2020 06:28:52 GMT
X-Pad: avoid browser bug
Vary: Accept-Encoding
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 20664
Last-Modified: Tue, 13 Oct 2020 19:14:02 GMT
Server: Apache
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Expires: Fri, 06 Nov 2020 06:28:52 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/992191228/ 42 B
153 B 21ms
20ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992191228/?random=1599460705012&cv=9&fst=1599458400000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1440&u_ah=860&u_aw=1440&u_cd=24&u_his=9&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fwebapps%2Fhermes%3Ftoken%3D0C701232CT900351U%26useraction%3Dcommit%26rm%3D2%26mfid%3D1599460697537_00daa5d268f59&ref=https%3A%2F%2Fshanondress.xyz%2Findex.php%3Froute%3Dcheckout%2Fcheckout%26token%3Djmsn0QpLFip-8eZ5EsqkKlbH0SXWU&tiba=Log%20in%20to%20your%20PayPal%20account&async=1&fmt=3&is_vtc=1&random=3623421705&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Nov 2020 06:28:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/992191228/ 42 B
153 B 25ms
25ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/992191228/?random=1599460705012&cv=9&fst=1599458400000&num=1&bg=ffffff&guid=ON&u_h=900&u_w=1440&u_ah=860&u_aw=1440&u_cd=24&u_his=9&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fwebapps%2Fhermes%3Ftoken%3D0C701232CT900351U%26useraction%3Dcommit%26rm%3D2%26mfid%3D1599460697537_00daa5d268f59&ref=https%3A%2F%2Fshanondress.xyz%2Findex.php%3Froute%3Dcheckout%2Fcheckout%26token%3Djmsn0QpLFip-8eZ5EsqkKlbH0SXWU&tiba=Log%20in%20to%20your%20PayPal%20account&async=1&fmt=3&is_vtc=1&random=3623421705&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Nov 2020 06:28:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 paypal-logo-129x32.svg
www.paypalobjects.com/images/shared/ 5 KB
2 KB 25ms
24ms Image
image/svg+xml 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/css/contextualLogin.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/css/contextualLogin.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19824915
x-cache: HIT, HIT
status: 200
surrorage-key: /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared/paypal-logo-129x32.svg /images/shared /images
vary: Accept-Encoding
content-length: 1929
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10023-SJC, cache-fra19151-FRA
last-modified: Fri, 24 Oct 2014 22:52:57 GMT
server: Apache
x-timer: S1604557733.653216,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 55199, 817

GET
H2 200 hermes_window_sprite_v16.png
www.paypalobjects.com/images/checkout/hermes/ 23 KB
23 KB 25ms
25ms Image
image/png 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v16.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/css/contextualLogin.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

e8867e9b228e90c2c64825bf2bacaea7f283fce1176ccf849f0935a94da488dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/9f8/63537dfb66a2aba807d60707592aa/css/contextualLogin.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 19824896
x-cache: HIT, HIT
status: 200
surrorage-key: /images/checkout/hermes/hermes_window_sprite_v16.png /images/checkout/hermes/hermes_window_sprite_v16.png /images/checkout/hermes/hermes_window_sprite_v16.png /images/checkout/hermes/hermes_window_sprite_v16.png /images/checkout/hermes/hermes_window_sprite_v16.png /images/checkout/hermes/hermes_window_sprite_v16.png /images/checkout/hermes /images/checkout /images
content-length: 23268
x-served-by: cache-sjc10065-SJC, cache-fra19151-FRA
last-modified: Tue, 16 Aug 2016 23:54:42 GMT
server: Apache
x-timer: S1604557733.653304,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 226, 43

GET
H2 200 sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ 108 KB
108 KB 26ms
24ms Image
image/png 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 19824919
x-cache: HIT, HIT
status: 200
surrorage-key: /webstatic/mktg/icons/sprite_countries_flag4.png /webstatic/mktg/icons/sprite_countries_flag4.png /webstatic/mktg/icons/sprite_countries_flag4.png /webstatic/mktg/icons/sprite_countries_flag4.png /webstatic/mktg/icons/sprite_countries_flag4.png /webstatic/mktg/icons/sprite_countries_flag4.png /webstatic/mktg/icons /webstatic/mktg /webstatic
content-length: 110177
x-served-by: cache-lax8638-LAX, cache-fra19151-FRA
last-modified: Tue, 22 Oct 2019 20:58:28 GMT
server: Apache
x-timer: S1604557733.663445,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 404

GET
H2 200 grcenterprise_v3.html
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/ Frame C507 0
0 25ms
24ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://paypaltest.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paypaltest.top/

Response headers

status: 200
server: Apache
last-modified: Fri, 04 Sep 2020 17:40:56 GMT
content-type: text/html
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 05 Nov 2020 06:28:52 GMT
age: 5258091
x-served-by: cache-lax8630-LAX, cache-fra19151-FRA
x-cache: HIT, HIT
x-cache-hits: 1, 417
x-timer: S1604557733.949032,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
strict-transport-security: max-age=31557600
content-length: 1547

GET
H/1.1 200
OK i
c.paypal.com/v1/r/d/ Frame 68C1 0
0 207ms
206ms Document
text/html 184.31.83.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.31.83.141 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-31-83-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: c.paypal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://paypaltest.top/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paypaltest.top/

Response headers

CORRELATION-ID: f1bf2051eff4b
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Content-Length: 160
Content-Security-Policy-Report-Only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
Content-Type: text/html;charset=UTF-8
Paypal-Debug-Id: f1bf2051eff4b
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Date: Thu, 05 Nov 2020 06:28:53 GMT
Connection: keep-alive

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v1/ Frame 05EF
Redirect Chain

https://b.stats.paypal.com/v1/counter.cgi?r=cD0wQzcwMTIzMkNUOTAwMzUxVSZpPTE4NS4yMTEuNDguMjQmdD0xNTk5NDYwNjk5LjM4NyZhPTIxJnM9VU5JRklFRF9MT0dJTogJ-DTUXGtuElM5S2A7tzwpXxqf
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wQzcwMTIzMkNUOTAwMzUxVSZpPTE4NS4yMTEuNDguMjQmdD0xNTk5NDYwNjk5LjM4NyZhPTIxJnM9VU5JRklFRF9MT0dJTogJ-DTUXGtuElM5S2A7tzwpXxqf

42 B
299 B

146ms
47ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wQzcwMTIzMkNUOTAwMzUxVSZpPTE4NS4yMTEuNDguMjQmdD0xNTk5NDYwNjk5LjM4NyZhPTIxJnM9VU5JRklFRF9MT0dJTogJ-DTUXGtuElM5S2A7tzwpXxqf
Requested by: Host: paypaltest.top
URL: http://paypaltest.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 05 Nov 2020 06:28:52 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wQzcwMTIzMkNUOTAwMzUxVSZpPTE4NS4yMTEuNDguMjQmdD0xNTk5NDYwNjk5LjM4NyZhPTIxJnM9VU5JRklFRF9MT0dJTogJ-DTUXGtuElM5S2A7tzwpXxqf
Date: Thu, 05 Nov 2020 06:28:52 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 ts
t.paypal.com/ 42 B
666 B 216ms
178ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.23&t=1604557732963&g=-60&e=err&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&comp=unifiedloginnodeweb&erpg=data%20is%20not%20defined&error_type=WINDOW_ONERROR&error_description=ReferenceError%3A%20data%20is%20not%20defined%0A%20%20%20%20at%20_%2Fpaypaltest.top%2F%3A1058%3A17804%0A%20%20%20%20at%20_0x2cca07%20(_%2Fpaypaltest.top%2F%3A1058%3A14032)%0A%20%20%20%20at%20_0x413d5e%20(_%2Fpaypaltest.top%2F%3A1058%3A17838)%0A%20%20%20%20at%20_%2Fpaypaltest.top%2F%3A1058%3A19208%0A%20%20%20%20at%20_%2Fpaypaltest.top%2F%3A1058%3A19782&error_source=http%3A%2F%2Fpaypaltest.top%2F%201058%3A17804&3p_vid=2747b368b086ea3&3p_fpti=5c6892fe35c89667
Requested by: Host: paypaltest.top
URL: http://paypaltest.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:53 GMT
via: 1.1 varnish, 1.1 varnish
age: 0, 0
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status: 200
http_x_pp_az_locator: slca.slc
x-cache-hits: 0, 0
content-length: 42
x-served-by: cache-lhr7371-LHR, cache-ams21079-AMS
pragma: no-cache
server: akka-http/10.1.11
x-timer: S1604557733.010354,VS0,VE160
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, no-transform
accept-ranges: bytes, bytes
expires: Thu, 05 Nov 2020 06:28:53 GMT

GET
H/1.1 200
OK i
c.paypal.com/v1/r/d/ Frame 2FC6 0
0 242ms
202ms Document
text/html 184.31.83.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: paypaltest.top
URL: http://paypaltest.top/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.31.83.141 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-31-83-141.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: c.paypal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://paypaltest.top/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://paypaltest.top/

Response headers

CORRELATION-ID: f4bdb69ded554
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Content-Length: 160
Content-Security-Policy-Report-Only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
Content-Type: text/html;charset=UTF-8
Paypal-Debug-Id: f4bdb69ded554
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Date: Thu, 05 Nov 2020 06:28:53 GMT
Connection: keep-alive

POST
H/1.1 404
Not Found tealeaftarget Show response
paypaltest.top/platform/ 284 B
848 B 349ms
348ms Fetch
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/platform/tealeaftarget
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7fb93b1c5ed2ceb41486e3f0135539d48f96eb9f23c9beb782b85dc5afbb91e

Request headers

Content-Encoding: gzip
X-Tealeaf: device (UIC) Lib/5.6.0.1875
X-Tealeaf-SyncXHR: false
X-Tealeaf-MessageTypes: 1,2,5,12
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
Referer: http://paypaltest.top/
X-PageId: P.HQA2UQG2ZHSY3KZH3WXCDGJHG825
X-Requested-With: fetch
X-TealeafType: GUI
X-TeaLeaf-Page-Url: /

Response headers

Date: Thu, 05 Nov 2020 06:28:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KFcKFmTPrKaefPAWdB48PxsK8eKs%2F1XrfEOgoOanE2HkfyfvuQQ6XxIp%2Fwhqb9LEBW7vwCDAN6TlHxKiQvWbl0Sk0qPCGUBPlFXLOV7LWRvEcqOWNirdWmy7uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 5ed48468681d3240-FRA
cf-request-id: 0638b1153d00003240e7b34000000001

GET
H/1.1 404
Not Found challenge.js Show response
paypaltest.top/auth/createchallenge/e08b3f1f264d2f8e/ 312 B
910 B 369ms
363ms XHR
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/auth/createchallenge/e08b3f1f264d2f8e/challenge.js
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a2ce7dba037839538cccd3d1fa4291f9fb50b15a48b7b76848dff308ab95786

Request headers

Accept: application/json
Referer: http://paypaltest.top/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 05 Nov 2020 06:28:53 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DIShkZEj91wyiiJ1KMj9VZSrcjRYSNVwh0aH3DP3LTGIpw85KpeCDVunIiad7QVg0l6L%2BUUP7RHwdIPmUOSOBx95fPc8eM%2FqMTVGOpr47t6m4NCDRyUl4atdgA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ed48468b83597c6-FRA
cf-request-id: 0638b11578000097c6a7bf6000000001

GET
H2 200 main.js Show response
www.paypalobjects.com/web/res/c44/a8c34cc96a48b850dc38839b147c6/js/ 2 MB
396 KB 44ms
43ms XHR
application/x-javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/c44/a8c34cc96a48b850dc38839b147c6/js/main.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

7fce85dd76dc54868df949eed9c40be211e4b2881090fa065e8e81c0d631b458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5656114
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
content-length: 405098
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-lax8628-LAX, cache-fra19166-FRA
last-modified: Mon, 31 Aug 2020 18:41:47 GMT
server: Apache
x-timer: S1604557733.240521,VS0,VE2
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 1, 1

GET
H2 200 framework.js Show response
www.paypalobjects.com/js/xo/hermes/1.9.0/ 353 KB
120 KB 25ms
25ms XHR
application/x-javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/js/xo/hermes/1.9.0/framework.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

d7360f2684a0399a30edd737e96f60e3dd9e7622c892a8421740efcc689bd7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:53 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
age: 19824894
x-cache: HIT, HIT
status: 200
surrorage-key: /js/xo/hermes/1.9.0/framework.js /js/xo/hermes/1.9.0/framework.js /js/xo/hermes/1.9.0/framework.js /js/xo/hermes/1.9.0/framework.js /js/xo/hermes/1.9.0/framework.js /js/xo/hermes/1.9.0 /js/xo/hermes /js/xo /js
content-encoding: gzip
vary: Accept-Encoding
content-length: 122811
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-lax8643-LAX, cache-fra19166-FRA
last-modified: Mon, 15 Oct 2018 18:02:25 GMT
server: Apache
x-timer: S1604557733.240508,VS0,VE0
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 1, 21166

POST
H/1.1 404
Not Found client-log Show response
paypaltest.top/signin/ 279 B
849 B 367ms
362ms XHR
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/signin/client-log
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd54fb557ffc29935116e724837c3456f150dda8ec5efe4cd5838d1826e0873

Request headers

Accept: application/json
Referer: http://paypaltest.top/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 05 Nov 2020 06:28:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FZymnyVgBc3cQBo5gANcYji8j4n%2B13KonohaEYxI43j8dDvowNNHBdwimLzTarOCtRxxOSblnmHcp6B2U%2BSV9yURmQoQvMLAIXOyBKA8St5rTwdgkDLmgAkCmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 5ed48468baacc27c-FRA
cf-request-id: 0638b115740000c27cbb998000000001

GET
H/1.1 404
Not Found cookie-banner Show response
paypaltest.top/signin/ 282 B
857 B 351ms
345ms XHR
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/signin/cookie-banner?flowId=0C701232CT900351U
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e236478a0863a2b186b833e3ab207f50aea37f56e33be3ea49e2e56f575194aa

Request headers

Accept: application/json
Referer: http://paypaltest.top/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 05 Nov 2020 06:28:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZRAABA4CS5gNDrpbnz0TJKPs0%2BhDPgitkCGdLY81%2BJrTrJX5JvjDNtr2DEJ%2B1jW34bbHxdeKQb%2BtRLya8C6fVhGElDk9yMnnHJVw7%2FT0G99un95x3psBBaNP%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 5ed48468ba15176a-FRA
cf-request-id: 0638b115750000176acebf8000000001

POST
H/1.1 404
Not Found load-resource Show response
paypaltest.top/signin/ 282 B
854 B 344ms
338ms XHR
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/signin/load-resource
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db9b8d5c9864277eac7d3911c1012f92e6bb07b328044caadfeffdb4802eaa5

Request headers

Accept: application/json
Referer: http://paypaltest.top/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 05 Nov 2020 06:28:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=frwZfcKUiBw3P7U8Pk72PB%2BXLBlWKTZfsUuKuc5R9D5UjR0JTZpIpcoex6a5%2Bd%2FCAKzAoCKoWacu1XCT3YhG2M8OCK%2Fuae3S05UJDXNtK3f%2Fb1fyMdTXazCDJw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 5ed48468bc5b175e-FRA
cf-request-id: 0638b115750000175e5ea19000000001

POST
H/1.1 404
Not Found client-log Show response
paypaltest.top/signin/ 279 B
851 B 358ms
352ms XHR
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/signin/client-log
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd54fb557ffc29935116e724837c3456f150dda8ec5efe4cd5838d1826e0873

Request headers

Accept: application/json
Referer: http://paypaltest.top/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 05 Nov 2020 06:28:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gW3FbD58XEviqiv%2Bjt69xawcIRLwrM4Zh%2BUV%2B5AfbFGZ6x4mZGLuRx3mpxwZhY%2F1w1Cq9qKpKNskWKDXacI58mqfvwPqtr07Zka9UClmxTNcgVmGsVdwwkWQKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 5ed48468cce50621-FRA
cf-request-id: 0638b11579000006215b864000000001

GET
H2 200 ts
t.paypal.com/ 42 B
135 B 178ms
177ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.23&t=1604557733236&g=-60&e=err&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&comp=unifiedloginnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0&3p_vid=2747b368b086ea3&3p_fpti=5c6892fe35c89667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:53 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status: 200
http_x_pp_az_locator: slca.slc
x-cache-hits: 0, 0
content-length: 42
x-served-by: cache-lhr7326-LHR, cache-ams21079-AMS
pragma: no-cache
server: akka-http/10.1.11
x-timer: S1604557733.245252,VS0,VE160
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, no-transform
accept-ranges: bytes
expires: Thu, 05 Nov 2020 06:28:53 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
135 B 181ms
181ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.23&t=1604557733511&g=-60&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1599460699337&calc=8ca7cd30d2f63&nsid=obCwgzz1J7_DaAVKoOr-mAS2UC-BeZuT&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=4e1e7e25e25047e691a244c24b50944c&comp=unifiedloginnodeweb&tsrce=xorouternodeweb&cu=0&gacook=568200204.1597124552&ef_policy=ccpa&c_prefs=T%3D1%2CP%3D1%2CF%3D1%2Ctype%3Dexplicit_banner&transition_name=ss_prepare_pwd_ot&fltk=0C701232CT900351U&flid=0C701232CT900351U&xe=101736%2C101216%2C101270%2C100364%2C101305%2C100855%2C101214&xt=105858%2C103864%2C106405%2C103733%2C104249%2C104199%2C103847&ctx_login_ot_content=0&obex=checkout&landing_page=login&state_name=begin_pwd&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&ctx_login_onetouch=shown&ctx_login_signup_btn=shown%7CpayWithCard&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&e=im&imsrc=setup&view=%7B%22t10%22%3A38%2C%22t11%22%3A2605%2C%22tcp%22%3A1822%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A51%7D&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=38&t1c=38&t1d=31&t1s=0&t2=1740&t3=159&t4d=754&t4=766&t4e=3&tt=2554&rdc=0&res=%7B%7D&rtt=178&3p_vid=2747b368b086ea3&3p_fpti=5c6892fe35c89667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: http://paypaltest.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 06:28:53 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status: 200
http_x_pp_az_locator: slca.slc
x-cache-hits: 0, 0
content-length: 42
x-served-by: cache-lhr7373-LHR, cache-ams21079-AMS
pragma: no-cache
server: akka-http/10.1.11
x-timer: S1604557734.520058,VS0,VE163
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, no-transform
accept-ranges: bytes
expires: Thu, 05 Nov 2020 06:28:53 GMT

POST
H/1.1 404
Not Found load-resource Show response
paypaltest.top/signin/ 282 B
852 B 336ms
336ms XHR
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/signin/load-resource
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db9b8d5c9864277eac7d3911c1012f92e6bb07b328044caadfeffdb4802eaa5

Request headers

Accept: application/json
Referer: http://paypaltest.top/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 05 Nov 2020 06:28:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pmkDMrdDwQts883h%2BqqNKucOBZPxKMmtzRRDvvyxo9ejehBy%2B89%2BQQUUiPVCpUX%2F9k0iTFwF0AF3eQChQyMq2VigaW4cwI7MXIjjBz1XGdDjkGXfshp8ykBZrg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 5ed4846ad881175e-FRA
cf-request-id: 0638b116c90000175e87967000000001

POST
H/1.1 404
Not Found load-resource Show response
paypaltest.top/signin/ 282 B
846 B 329ms
329ms XHR
text/html 2606:4700:3034::681b:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://paypaltest.top/signin/load-resource
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3034::681b:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db9b8d5c9864277eac7d3911c1012f92e6bb07b328044caadfeffdb4802eaa5

Request headers

Accept: application/json
Referer: http://paypaltest.top/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 05 Nov 2020 06:28:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F6I2D1i6eqXylb1YICZKXd0qDSPSIfc1zTk7bwS70puMOw3qRIpqFMm7UDAfv0WmBCWwKPkHvqojnuArR%2F0FC0Y44ykQob96EyvNAm7CkFneXYTQl6KFjuso3g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 5ed4846adc393240-FRA
cf-request-id: 0638b116ca00003240a489b000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 15:59:22	Name: ts_c Value: vr%3D5c6892fe35c89667%26vt%3D2747b368b086ea3
.paypal.com/	1970-01-20 15:59:22	Name: ts Value: vreXpYrS%3D1699162133%26vteXpYrS%3D1604559533%26vr%3D5c6892fe35c89667%26vt%3D2747b368b086ea3
.paypaltest.top/	1970-01-19 14:25:49	Name: __cfduid Value: d30b55d0741a3b843e9c22e44ea0b62971604557730

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
dub.stats.paypal.com
googleads.g.doubleclick.net
paypaltest.top
t.paypal.com
www.google.com
www.google.de
www.googleadservices.com
www.paypalobjects.com
151.101.14.133
151.101.193.35
172.217.23.98
184.31.83.141
2606:4700:3034::681b:91b8
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:820::2004
64.4.245.84
017fc6b1bdc17a8b54da3cc15394703b6bd62387fe053d0390c6ca263cc051e8
03ae159c0204607558d629a6ee98705be5e1894ba0b553309987513e72f67d69
0bfb81a6d3e2ed2e0cb381a9f933355ff00e64cd0d80724e83559861cad12711
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
1cd54fb557ffc29935116e724837c3456f150dda8ec5efe4cd5838d1826e0873
219fe3382fabdbb0444747aa0073d75f3815cc9aba97bed4fe3ceca97afc38e8
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
3bcab8de1b7cd34e3529a57eab31170d93eed1efa23cd5fbfa86a8c6e3bb55e6
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
4db9b8d5c9864277eac7d3911c1012f92e6bb07b328044caadfeffdb4802eaa5
50db5aab2f43a00afe142b6fb46553121fa691023b589811d0eb62dec1b230b6
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
5a2ce7dba037839538cccd3d1fa4291f9fb50b15a48b7b76848dff308ab95786
5f6589a94082e1d8c9535cef9623ab9bd18be8d322a3645bd9e930cc1293853b
61ce0ee4efd0b82c90eb9c78bc3c93cf9e6703ce670237bedd1f88a6af82e004
62bb5685d837089cd6aedb6f5fe5375c83ce5facc879632628e1e63e51399580
655790946659ad22d9cf3a6a53adaaeebde362fe3cd46701069299d87ae804ef
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7fce85dd76dc54868df949eed9c40be211e4b2881090fa065e8e81c0d631b458
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
b31a02a91d0cd310775b0b5ece20a87cc3b4d0b3b622870eacf21b3f42b9cf5a
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
b7fb93b1c5ed2ceb41486e3f0135539d48f96eb9f23c9beb782b85dc5afbb91e
d7360f2684a0399a30edd737e96f60e3dd9e7622c892a8421740efcc689bd7a3
e236478a0863a2b186b833e3ab207f50aea37f56e33be3ea49e2e56f575194aa
e8867e9b228e90c2c64825bf2bacaea7f283fce1176ccf849f0935a94da488dc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f982a9dad50b916735a08b8e6f40efa7f97163106b18da079b144764c86a44a1

paypaltest.top Open in urlscan Pro 2606:4700:3034::681b:91b8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

40 Requests

75 %HTTPS

44 %IPv6

7 Domains

10 Subdomains

9 IPs

3 Countries

927 kBTransfer

3210 kBSize

3 Cookies

1 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paypaltest.top Open in urlscan Pro
2606:4700:3034::681b:91b8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

75 %
HTTPS

44 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

927 kB
Transfer

3210 kB
Size

3
Cookies

40 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!