Submitted URL: http://url.sg/fsPEz
Effective URL: https://helpdlogin.org/v2/PayPal/signin/Security/myaccount/signin/?country.x=&locale.x=en_
Submission: On April 18 via manual from GB

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 4 HTTP transactions. The main IP is 94.177.235.202, located in Paris, France and belongs to ARUBAFR-AS, FR. The main domain is helpdlogin.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 16th 2018. Valid for: 3 months.
This is the only time helpdlogin.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

       IP Address       ASN     Autonomous System
1 1    104.27.168.53    13335   CLOUDFLAR...
1      41.77.112.230    36666   GTCOMM
1 1    54.93.37.149     16509   AMAZON-02
1 1    104.16.157.157   13335   CLOUDFLAR...
1      104.16.153.157   13335   CLOUDFLAR...
1      192.229.133.41   15133   EDGECAST
5 6    94.177.235.202   199653  ARUBAFR-AS

   Apex Domain       Subdomains                                  Transfer
6  helpdlogin.org    helpdlogin.org                              2 KB
3  devopsdays.org    www.devopsdays.org, legacy.devopsdays.org   39 KB
1  bac-assets.com    www.bac-assets.com                          149 KB
1  gdtcgroup.net     gdtcgroup.net                               962 B
1  url.sg            url.sg                                      766 B

   Domain                  Requested by
6  helpdlogin.org          5 redirects
2  legacy.devopsdays.org   1 redirects, gdtcgroup.net
1  www.bac-assets.com      gdtcgroup.net
1  www.devopsdays.org      1 redirects
1  gdtcgroup.net
1  url.sg                  1 redirects

This site contains no links.

Subject          Issuer                                 Validity                  Valid
helpdlogin.org   cPanel, Inc. Certification Authority   2018-04-16 - 2018-07-15   3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://helpdlogin.org/v2/PayPal/signin/Security/myaccount/signin/?country.x=&locale.x=en_
Frame ID: 623435D731CC5340714E0E612D786CC2
Requests: 4 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url.sg/fsPEz HTTP 301
    http://gdtcgroup.net/main/dir2/reid.php Page URL
  2. https://helpdlogin.org/v2/PayPal/ HTTP 302
    https://helpdlogin.org/v2/PayPal/signin HTTP 301
    https://helpdlogin.org/v2/PayPal/signin/ HTTP 302
    https://helpdlogin.org/v2/PayPal/signin/Security HTTP 301
    https://helpdlogin.org/v2/PayPal/signin/Security/ HTTP 302
    https://helpdlogin.org/v2/PayPal/signin/Security/myaccount/signin/?country.x=&locale.x=en_ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

Requests: 4
HTTPS: 25 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 4
Countries: 4
Transfer: 189 kB
Size: 188 kB
Cookies: 1


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://url.sg/fsPEz HTTP 301
  • http://gdtcgroup.net/main/dir2/reid.php
Request Chain 1
  • http://www.devopsdays.org/events/2015-singapore/logos/paypal.png HTTP 301
  • http://legacy.devopsdays.org/events/2015-singapore/logos/paypal.png HTTP 301
  • https://legacy.devopsdays.org/events/2015-singapore/logos/paypal.png

4 HTTP transactions

Resource: reid.php
Path: gdtcgroup.net/main/dir2/
Redirect Chain:
  • http://url.sg/fsPEz
  • http://gdtcgroup.net/main/dir2/reid.php
Size: 1 KB
x-fer: 962 B
Type: Document

General
Full URL: http://gdtcgroup.net/main/dir2/reid.php
Protocol: HTTP/1.1
Server: 41.77.112.230, Morocco, ASN36666 (GTCOMM - GloboTech Communications, CA)
Reverse DNS: taha2.genious.net
Software: LiteSpeed / PHP/7.0.29
Resource Hash: 39b468049f936566274196520ad5a9729345b22cb1c3df04aa8b74557a0a3ba6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gdtcgroup.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 14:22:14 GMT
Content-Encoding: gzip
Server: LiteSpeed
X-Powered-By: PHP/7.0.29
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 712

Redirect headers

Pragma: no-cache
Date: Wed, 18 Apr 2018 14:22:14 GMT
Server: cloudflare
X-Powered-By: PHP/5.6.31 ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Location: http://gdtcgroup.net/main/dir2/reid.php
Set-Cookie: __cfduid=d8678b64b166d1b00fecfa0861422be2c1524061334; expires=Thu, 18-Apr-19 14:22:14 GMT; path=/; domain=.url.sg; HttpOnly
Set-Cookie: PHPSESSID=od8rc86j1ht9nbho0hbfrjtm03; path=/
Set-Cookie: short_fsPEz=1; expires=Wed, 18-Apr-2018 14:52:15 GMT; Max-Age=1800; path=/; httponly
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 40d7c849c75e9ab2-FRA
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Resource: paypal.png
Path: legacy.devopsdays.org/events/2015-singapore/logos/
Redirect Chain:
  • http://www.devopsdays.org/events/2015-singapore/logos/paypal.png
  • http://legacy.devopsdays.org/events/2015-singapore/logos/paypal.png
  • https://legacy.devopsdays.org/events/2015-singapore/logos/paypal.png
Size: 38 KB
x-fer: 38 KB
Type: Image

General
Full URL: https://legacy.devopsdays.org/events/2015-singapore/logos/paypal.png
Requested by: Host: gdtcgroup.net, URL: http://gdtcgroup.net/main/dir2/reid.php
Protocol: SPDY
Server: 104.16.153.157, San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 49c2f6e0d4c450e7fa931a6443babf3c885d20908cadd0a08c4aeba5f9ec9c46

Request headers

Referer: http://gdtcgroup.net/main/dir2/reid.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date: Wed, 18 Apr 2018 14:22:15 GMT
cf-cache-status: MISS
server: cloudflare
etag: "3a95edf1530e517f9d0535be5e357d40-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 40d7c84fd9bb63f7-FRA
content-length: 38888
expires: Thu, 26 Apr 2018 14:22:15 GMT

Redirect headers

Date: Wed, 18 Apr 2018 14:22:14 GMT
Server: cloudflare
Transfer-Encoding: chunked
Location: https://legacy.devopsdays.org/events/2015-singapore/logos/paypal.png
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 40d7c84f90479768-FRA
Expires: Wed, 18 Apr 2018 15:22:14 GMT
Resource: assets-images-site-hp-assets-mastheads-online-banking-OLB_Masthead_ARNVGB4K_1440.webp
Path: www.bac-assets.com/hp-assets/spa-assets/images/
Size: 149 KB
x-fer: 149 KB
Type: Image

General
Full URL: https://www.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-online-banking-OLB_Masthead_ARNVGB4K_1440.webp
Requested by: Host: gdtcgroup.net, URL: http://gdtcgroup.net/main/dir2/reid.php
Protocol: SPDY
Server: 192.229.133.41, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
Reverse DNS:
Software: ECS (fcn/41D9) /
Resource Hash: d7743c29c33db47ed1ebe012fe4a97c14a5819af2f9346cd7e24b4ca97c30e9d

Security Headers
Name                        Value
Strict-Transport-Security   max-age=31536000
X-Frame-Options             SAMEORIGIN

Request headers

Referer: http://gdtcgroup.net/main/dir2/reid.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date: Wed, 18 Apr 2018 14:22:14 GMT
last-modified: Sat, 19 Aug 2017 18:39:47 GMT
server: ECS (fcn/41D9)
etag: "252d0-5571f91ee778a"
x-boa-requestid: tJRb56dGYhwAARqypVkAAADv
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/plain
status: 200
cache-control: max-age=26920000, public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 152272
expires: Wed, 18 Apr 2018 14:22:15 GMT
Primary Request: /
Path: helpdlogin.org/v2/PayPal/signin/Security/myaccount/signin/
Redirect Chain:
  • https://helpdlogin.org/v2/PayPal/
  • https://helpdlogin.org/v2/PayPal/signin
  • https://helpdlogin.org/v2/PayPal/signin/
  • https://helpdlogin.org/v2/PayPal/signin/Security
  • https://helpdlogin.org/v2/PayPal/signin/Security/
  • https://helpdlogin.org/v2/PayPal/signin/Security/myaccount/signin/?country.x=&locale.x=en_
Size: 36 B
x-fer: 360 B
Type: Document

General
Full URL: https://helpdlogin.org/v2/PayPal/signin/Security/myaccount/signin/?country.x=&locale.x=en_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.177.235.202, Paris, France, ASN199653 (ARUBAFR-AS, FR)
Reverse DNS: host202-235-177-94.static.arubacloud.fr
Software: Apache /
Resource Hash: 95f0903bf70d69b38c2c7c63df230e1aed371cbc1df1e17edb83a66597b6a3b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: helpdlogin.org
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://gdtcgroup.net/main/dir2/reid.php
Cookie: PHPSESSID=d2r3gss1l2tpihjvv7h9635q40
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gdtcgroup.net/main/dir2/reid.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Apr 2018 14:22:18 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 36
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Apr 2018 14:22:18 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
LOCATION: myaccount/signin/?country.x=&locale.x=en_
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path       Name        Value
helpdlogin.org/   PHPSESSID   d2r3gss1l2tpihjvv7h9635q40