paypal-sicherheitsverfahren.com
2606:4700:3033::6815:317e  Public Scan

Submitted URL: https://paypal-sicherheitsverfahren.com/
Effective URL: https://paypal-sicherheitsverfahren.com/steps/login.php
Submission Tags: @phishunt_io
Submission: On July 30 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 2606:4700:3033::6815:317e, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is paypal-sicherheitsverfahren.com.
TLS certificate: Issued by WE1 on July 30th 2024. Valid for: 3 months.
This is the only time paypal-sicherheitsverfahren.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2

Apex Domain / Subdomains Transfer
2 paypal-sicherheitsverfahren.com
  paypal-sicherheitsverfahren.com 693 B
1 1

Domain Requested by
2 paypal-sicherheitsverfahren.com 1 redirects
1 1

This site contains no links.

Subject Issuer Validity Valid
paypal-sicherheitsverfahren.com WE1 2024-07-30 - 2024-10-28 3 months

This page contains 1 frames:

Primary Page: https://paypal-sicherheitsverfahren.com/steps/login.php
Frame ID: 7441F7D21D1D11A100E959463FF3D221
Requests: 21 HTTP requests in this frame

Page Title

Law Farm || Mrh Rifat

Page URL History

  1. https://paypal-sicherheitsverfahren.com/ HTTP 302
    https://paypal-sicherheitsverfahren.com/steps/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 419 kB
Size: 3989 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource Path Size x-fer Type MIME-Type
Primary Request login.php
paypal-sicherheitsverfahren.com/steps/
Redirect Chain
  • https://paypal-sicherheitsverfahren.com/
  • https://paypal-sicherheitsverfahren.com/steps/login.php
2 MB
0
Document
General
Full URL
https://paypal-sicherheitsverfahren.com/steps/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:317e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ab6c5c51994383b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 Jul 2024 16:37:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6SRx2Ecs8BMgJhrKJqi3WFkvWeQGHRaSoedM%2BQDCk0RTfDJmb0PFhlwoAUaYN%2FcB7mWs5kQXWpWphnakjqsaWRlQ8QdGl6VmTHv02J2Ezbu5%2FQNvnrleR6NU4bJusvEXDBYnIo10K1MfqIOd%2FGEkH6Xk09M4RzzdIs23vhF7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
master-only master-only
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ab6c5c4380a383b-FRA
content-type
text/html; charset=UTF-8
date
Tue, 30 Jul 2024 16:37:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
steps/login.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
same-origin same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFXecB2AUhkChXMJIXvNw1XclXZeZ4HkiEwSK3t2g3TdoMUbaJO5nWqcJLW53nhop9PoxZAbBoYLBOFRkAVBUcyP6Qi%2BcGOoRUybybxBUuehNCOe7cYjue%2FHMvxIdjVdVb%2Fsr8ebhyOC3pgNn1hzSyJUf0wFjJdrpqCifXfI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
master-only master-only
x-xss-protection
1; mode=block 1; mode=block
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cb48a6f06a6d673b12f0b898620901a2ba5c50e7058f13d90a3ce427a17ec96

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66f52e1b3e577da074d9832a9ef231cc7f756be6db37a36e21514c7c3323969b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22bbc34cf3803e37892ffdebe03e6f8c2957daca6b0d40079e4e0a90065b562d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
288323aa6da021f710a8d936289106d3b226fb60bd2afdd7cf9b8eda8358d045

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4949471428fa018bf6152d3c647f9c7574c277229be05daf68bb18c7272d9a0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
430 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8446d8668c55df134203ece3fbdd7d20ae1ffa499b835e5b2136fab666483e17

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f985432f039c8029193140cd3500407fa436bac74915f7057372c66564537ef

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
241 KB
241 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
add5e8f76879d0ea638ff180b50c14a85d93a5f4e1b1b7a7fed04c0448a51cb0

Request headers

Referer
Origin
https://paypal-sicherheitsverfahren.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
font/ttf
truncated
/
80 KB
80 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d24bdb0d9a3392d05f3b8b0b01681e8756c90c9cf05db5f4539ce00aa1583ff1

Request headers

Referer
Origin
https://paypal-sicherheitsverfahren.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
font/ttf
truncated
/
32 KB
32 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28341ae8ca01c89d4f6129545eef9e455dae010ad9f18076c12ad68bebf1231b

Request headers

Referer
Origin
https://paypal-sicherheitsverfahren.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
font/ttf
truncated
/
66 KB
66 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df09ba5e9d614ffab753bb2d6a4bc436faf609005692fd10229ee51e3fa65eb2

Request headers

Referer
Origin
https://paypal-sicherheitsverfahren.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
font/ttf
truncated
/
135 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0aa591ecc37f5ecc0ccaa08524558798e4e9423bfa2b43b668ac9b95bea43017

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
114 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cad37b3a027cb01c00575ac56dca37e44ef2ce083595231309633d3c27504dd1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
106 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c1a36576c663ddbe16c87a244563d90111aec195ead4a837142fdc37dec9e36

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
86 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd0dc6a603535c8c53f1750611fa3adea76c1dbb674984a390449b67996a3c83

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
95 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2fc4ae060ae6905c1ac57f61711de1b20f5fdc255a0ac06898966476bd48a46

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0388a43d1b1f644baf9be4001a9121cf67f0490aa5a436b51ac41f4319572b04

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
68 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb65426055301e376e30b248896dd4e7071c556c4b596765a483de1f173ab53a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
90 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c0da243de5e0208eb3ed368d8c277d9d261aea1278011bc01df849b5f65ac68

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
60 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64e62737322a4bfabb11999a7ed2ebefb5f48e5f20c236dba162318d771fb5f2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
paypal-sicherheitsverfahren.com/ Name: PHPSESSID
Value: 18pb7475fkvvg63579822j3civ

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
