www.secplicity.org Open in urlscan Pro
2606:4700:20::6819:fa0f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/35j8sC8
Effective URL:
https://www.secplicity.org/2020/05/04/paypal-phishing/
Submission: On October 23 via api (October 23rd 2020, 4:39:22 pm UTC) from US

Summary HTTP 47 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 15 domains to perform 47 HTTP transactions. The main IP is 2606:4700:20::6819:fa0f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.secplicity.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.

This is the only time www.secplicity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
25	2606:4700:20:... 2606:4700:20::6819:fa0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1	209.197.3.24 209.197.3.24	20446 (HIGHWINDS3) (HIGHWINDS3)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
4	68.232.35.12 68.232.35.12	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
47	14

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:20::6819:fa0f (United States)

ASN13335 (CLOUDFLARENET, US)

www.secplicity.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.24 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x018.map2.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.12 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	secplicity.org www.secplicity.org	564 KB
3	bizible.com cdn.bizible.com	34 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	google.com www.google.com	911 B
2	twitter.com platform.twitter.com	29 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	cookielaw.org cdn.cookielaw.org	21 KB
1	google.de www.google.de	106 B
1	doubleclick.net stats.g.doubleclick.net	90 B
1	bizibly.com cdn.bizibly.com	205 B
1	gstatic.com www.gstatic.com	134 KB
1	jquery.com code.jquery.com	30 KB
1	googletagmanager.com www.googletagmanager.com	54 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	bit.ly 1 redirects bit.ly	271 B
47	15

	Domain	Requested by
25	www.secplicity.org	www.secplicity.org ajax.cloudflare.com cdn.bizible.com
3	cdn.bizible.com	www.googletagmanager.com cdn.bizible.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.bizible.com
3	www.google.com	ajax.cloudflare.com www.gstatic.com
2	platform.twitter.com	www.secplicity.org platform.twitter.com
2	cdn.cookielaw.org	www.secplicity.org cdn.cookielaw.org
1	www.google.de
1	stats.g.doubleclick.net	cdn.bizible.com
1	cdn.bizibly.com
1	pixel.wp.com
1	www.gstatic.com	www.google.com
1	stats.wp.com	ajax.cloudflare.com
1	code.jquery.com	cdn.cookielaw.org
1	www.googletagmanager.com	www.secplicity.org
1	ajax.cloudflare.com	www.secplicity.org
1	bit.ly	1 redirects
47	16

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
onetrust.com
www.linkedin.com
www.facebook.com
twitter.com
www.youtube.com
eepurl.com
en.wikipedia.org
www.watchguard.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
io.bizible.com DigiCert SHA2 Secure Server CA	`2020-10-07` - `2021-11-08`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.secplicity.org/2020/05/04/paypal-phishing/
Frame ID: 86BD9169A3526095E71ACB5DABAA0A58
Requests: 46 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.secplicity.org
Frame ID: DAE9C8916B3A78BF2A6590506CD85553
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&co=aHR0cHM6Ly93d3cuc2VjcGxpY2l0eS5vcmc6NDQz&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&size=invisible&cb=vsxw639eyh38
Frame ID: 0D591B0647DF526A17505925B12B7A45
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/35j8sC8 HTTP 301
https://www.secplicity.org/2020/05/04/paypal-phishing/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

47
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

16
Subdomains

14
IPs

3
Countries

893 kB
Transfer

1807 kB
Size

11
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More Information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/watchguard-technologies

Search URL Search Domain Scan URL

URL: https://www.facebook.com/watchguardtechnologies

Search URL Search Domain Scan URL

URL: https://twitter.com/watchguard

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CoreyNachDIR/feed/

Search URL Search Domain Scan URL

URL: http://eepurl.com/b9iUbr

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Luhn_algorithm
Title: Luhn algorithm

Search URL Search Domain Scan URL

URL: https://www.watchguard.com/
Title: WatchGuard Technologies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/35j8sC8 HTTP 301
https://www.secplicity.org/2020/05/04/paypal-phishing/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.secplicity.org/2020/05/04/paypal-phishing/
Redirect Chain

https://bit.ly/35j8sC8
https://www.secplicity.org/2020/05/04/paypal-phishing/

57 KB
13 KB

1741ms
1690ms

Document
text/html

2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb6ed152c8a0c90264bad1a2162b5b548c6db1c97315ef3e3f7f36b02124f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.secplicity.org
:scheme: https
:path: /2020/05/04/paypal-phishing/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 23 Oct 2020 16:38:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0f28fe805657b9342b4b4546f7b12b0e1603471123; expires=Sun, 22-Nov-20 16:38:43 GMT; path=/; domain=.secplicity.org; HttpOnly; SameSite=Lax; Secure
cache-control: public, max-age=600
link: <https://www.secplicity.org/wp-json/>; rel="https://api.w.org/" <https://www.secplicity.org/wp-json/wp/v2/posts/17799>; rel="alternate"; type="application/json" <https://www.secplicity.org/?p=17799>; rel=shortlink
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-ct4b7
x-pingback: https://www.secplicity.org/xmlrpc.php
x-styx-req-id: 36c0c90b-154e-11eb-b22b-ae96c617c498
x-served-by: cache-mdw17320-MDW, cache-fra19180-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1603471123.456844,VS0,VE1619
vary: Accept-Encoding, Cookie, Cookie
age: 0
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
cf-request-id: 05f7ecbbd10000641360946000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5e6ce3d948496413-FRA
content-encoding: br

Redirect headers

status: 301
server: nginx
date: Fri, 23 Oct 2020 16:38:43 GMT
content-type: text/html; charset=utf-8
content-length: 141
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://www.secplicity.org/2020/05/04/paypal-phishing/
referrer-policy: unsafe-url
set-cookie: _bit=k9ngCH-fbe75f3b9e635f759f-00T; Domain=bit.ly; Expires=Wed, 21 Apr 2021 16:38:43 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 autoptimize_b0f3e35b009dccfbc836d44f786e0cd1.css
www.secplicity.org/wp-content/uploads/autoptimize/css/ 168 KB
27 KB 40ms
38ms Stylesheet
text/css 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/css/autoptimize_b0f3e35b009dccfbc836d44f786e0cd1.css

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1603143a6258d6ac386e92a5cd0362d16cd91304208afa7400ac5812f58df0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2540178
cf-polished: origSize=172188
x-pantheon-styx-hostname: styx-fe3-a-857f974764-6bzgv
x-cache: HIT, MISS
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05f7ecc2880000641341113000000001
x-served-by: cache-mdw17362-MDW, cache-fra19180-FRA
last-modified: Thu, 24 Sep 2020 04:14:04 GMT
server: cloudflare
x-timer: S1600930947.018448,VS0,VE115
etag: W/"5f6c1d0c-2a09c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: a4aee13a-fe1c-11ea-aa06-7ae2cf59cc15
expires: Sat, 25 Sep 2021 04:15:56 GMT
cache-control: max-age=31622400
cf-ray: 5e6ce3e40c2a6413-FRA
x-cache-hits: 1, 0

GET
H2 200 dashicons.min.css
www.secplicity.org/wp-includes/css/ 58 KB
35 KB 29ms
27ms Stylesheet
text/css 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/css/dashicons.min.css?ver=5.5.1

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2535693
x-pantheon-styx-hostname: styx-fe3-b-5f5d494784-lpw5d
x-cache: HIT, HIT
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05f7ecc2890000641372275000000001
x-served-by: cache-mdw17320-MDW, cache-fra19136-FRA
last-modified: Thu, 24 Sep 2020 04:13:22 GMT
server: cloudflare
x-timer: S1600935432.394534,VS0,VE1
etag: W/"5f6c1ce2-e681"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 8e8625fa-fe1c-11ea-993f-2e22ef25110c
expires: Sat, 25 Sep 2021 04:15:19 GMT
cache-control: max-age=31622400
cf-ray: 5e6ce3e40c2b6413-FRA
x-cache-hits: 2, 1

GET
H2 200 1315c70e-a0fc-495b-8fd6-80f24210d56e.js Show response
cdn.cookielaw.org/consent/ 65 KB
15 KB 139ms
121ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1315c70e-a0fc-495b-8fd6-80f24210d56e.js

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cd8100701c441ba0becc953d7198016c2f32972d42f34c47e24b54bcd186e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 23 Oct 2020 16:38:45 GMT
content-encoding: GZIP
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: PX0H+20m0aI9PTsUwIpXSw==
status: 200
vary: Accept-Encoding
content-length: 15032
cf-request-id: 05f7ecc29300002b71c4003000000001
x-ms-lease-status: unlocked
last-modified: Tue, 31 Dec 2019 22:10:58 GMT
server: cloudflare
etag: 0x8D78E3E5086B659
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6a92e182-001e-00de-1ad9-77884f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5e6ce3e41cab2b71-FRA

GET
H2 200 /
www.secplicity.org/ 15 KB
4 KB 83ms
81ms Stylesheet
text/css 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/?custom-css=03b924c23b

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444d4512fc207927ba2fc35ef3e532ffaab4de3c19779970a60c14596db4259d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 12148686
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-d5nck
x-cache: HIT, HIT
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05f7ecc289000064134388d000000001
x-served-by: cache-mdw17340-MDW, cache-fra19131-FRA
server: cloudflare
x-timer: S1603471125.187693,VS0,VE2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
x-styx-req-id: 948ba2a7-73ca-11ea-b0df-de3269d091fb
expires: Thu, 01 Apr 2021 03:40:50 GMT
cf-ray: 5e6ce3e40c2c6413-FRA
x-cache-hits: 1, 1

GET
H2 200 secplicity-logo-white.png
www.secplicity.org/wp-content/uploads/2018/06/ 4 KB
4 KB 22ms
22ms Image
image/webp 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2018/06/secplicity-logo-white.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e8993fafc069c4a2ef7d7dd122eb844f6b9f1457ef5e928d08f86a5c5400de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 159800
cf-polished: origFmt=png, origSize=4283
x-cache: HIT, HIT
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
x-cache-hits: 1, 1
content-disposition: inline; filename="secplicity-logo-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 3922
cf-request-id: 05f7ecc2d70000641372278000000001
x-served-by: cache-mdw17345-MDW, cache-fra19173-FRA
last-modified: Sat, 29 Dec 2018 08:55:32 GMT
server: cloudflare
x-timer: S1603311326.825457,VS0,VE1
etag: "5c273684-10bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
x-styx-req-id: 0f953551-2ba8-11ea-968c-96f42a6af28b
expires: Thu, 31 Dec 2020 08:32:20 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e48c4d6413-FRA
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-q92t2

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 26ms
10ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05f7ecc2fd00002bf6dab64000000001
last-modified: Wed, 21 Oct 2020 15:36:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f90556f-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uE4Nq9gIlvVHgvn5G%2F3L3IBChSPtTNDW4HzqtTRTIDd27LZiP0u0KrVLexeghF%2BWm%2BuEeuBcumgwLyoa7%2B%2BiQd%2BTanNvgjNDSLann632ZGA6kRkJ6dcYjcW3%2FfUtnBsw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5e6ce3e4cda32bf6-FRA
expires: Sun, 25 Oct 2020 16:38:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
54 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2CTSV

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9131faeb18153328f4466b9a52463517831d58fe60650452b72a0f28b9f81b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55273
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Oct 2020 16:38:45 GMT

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/5.9.0/default_flat_bottom_two_button_white/v2/css/ 23 KB
6 KB 32ms
32ms Stylesheet
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/skins/5.9.0/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/1315c70e-a0fc-495b-8fd6-80f24210d56e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 23 Oct 2020 16:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 61wqGaw/P7AsPsxidppxpw==
age: 3300
status: 200
vary: Accept-Encoding
content-length: 5561
cf-request-id: 05f7ecc31300002b7100168000000001
x-ms-lease-status: unlocked
last-modified: Tue, 17 Dec 2019 20:41:23 GMT
server: cloudflare
etag: 0x8D783317AC1DF03
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a9e04e31-801e-0161-5bd9-77da6c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5e6ce3e4ef092b71-FRA

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 414ms
40ms Script
application/javascript 209.197.3.24
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/1315c70e-a0fc-495b-8fd6-80f24210d56e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.197.3.24 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x018.map2.ssl.hwcdn.net
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://www.secplicity.org
Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
status: 200
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1603471125.dop038.pa1.t,1603471125.cds207.pa1.hc,1603471125.cds210.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 circuit-bg.png
www.secplicity.org/wp-content/uploads/2018/06/ 32 KB
32 KB 22ms
22ms Image
image/webp 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2018/06/circuit-bg.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/?custom-css=03b924c23b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d20b4879f128324c74fe3d1512f85e91504ffc9edf5afdf845ae9f0239a6d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/?custom-css=03b924c23b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 147095
cf-polished: origFmt=png, origSize=32665
x-cache: HIT, MISS
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
x-cache-hits: 1, 0
content-disposition: inline; filename="circuit-bg.webp"
cf-bgj: imgq:100,h2pri
content-length: 32292
cf-request-id: 05f7ecc32300006413752c9000000001
x-served-by: cache-mdw17353-MDW, cache-fra19172-FRA
last-modified: Fri, 13 Dec 2019 22:55:33 GMT
server: cloudflare
x-timer: S1603324030.297934,VS0,VE117
etag: "5df416e5-7f99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
x-styx-req-id: d7ce3bfd-10fd-11eb-b01e-0601e0c6002c
expires: Tue, 19 Oct 2021 04:53:19 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e50c736413-FRA
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-6gnc5

GET
H2 200 secplicity-logo-red-white.png
www.secplicity.org/wp-content/uploads/2019/03/ 9 KB
9 KB 24ms
24ms Image
image/webp 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2019/03/secplicity-logo-red-white.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/?custom-css=03b924c23b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccb55da04a722e9cc7c01fd0d7e3914423d8eb70fcfdf4439c4de8e4fc158cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/?custom-css=03b924c23b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 147095
cf-polished: origFmt=png, origSize=10667
x-cache: HIT, MISS
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
x-cache-hits: 1, 0
content-disposition: inline; filename="secplicity-logo-red-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 8728
cf-request-id: 05f7ecc324000064137227a000000001
x-served-by: cache-mdw17356-MDW, cache-fra19179-FRA
last-modified: Fri, 13 Dec 2019 22:55:33 GMT
server: cloudflare
x-timer: S1603324030.304247,VS0,VE108
etag: "5df416e5-29ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
x-styx-req-id: d7ddeedb-0471-11eb-879b-0a2df894a46a
expires: Sun, 03 Oct 2021 05:40:56 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e50c746413-FRA
x-pantheon-styx-hostname: styx-fe3-b-5f5d494784-lxfdb

GET
H2 200 social-sprite.png
www.secplicity.org/wp-content/uploads/2016/09/ 5 KB
6 KB 35ms
35ms Image
image/webp 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2016/09/social-sprite.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/?custom-css=03b924c23b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6660d4b890f4716ac342d8f2d08bdea14cad2e5d583b45165f433fda645af04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/?custom-css=03b924c23b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2659077
cf-polished: origFmt=png, origSize=7009
x-cache: HIT, HIT
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
x-cache-hits: 1, 1
content-disposition: inline; filename="social-sprite.webp"
cf-bgj: imgq:100,h2pri
content-length: 5594
cf-request-id: 05f7ecc325000064137d311000000001
x-served-by: cache-mdw17352-MDW, cache-fra19123-FRA
last-modified: Fri, 13 Dec 2019 22:55:31 GMT
server: cloudflare
x-timer: S1600812048.074929,VS0,VE1
etag: "5df416e3-1b61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
x-styx-req-id: 780358de-e83f-11ea-a099-824fe7a30f67
expires: Sat, 28 Aug 2021 08:29:48 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e50c756413-FRA
x-pantheon-styx-hostname: styx-fe3-b-5f5d494784-sd7mq

GET
H2 200 checkbox.png
www.secplicity.org/wp-content/uploads/2016/09/ 162 B
798 B 32ms
32ms Image
image/webp 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2016/09/checkbox.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/?custom-css=03b924c23b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4165ddaa08f9021325910c5059ae8190203294c07c16adeaed5127901d21f021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/?custom-css=03b924c23b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 147095
cf-polished: origFmt=png, origSize=262
x-cache: HIT, HIT
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
x-cache-hits: 1, 1
content-disposition: inline; filename="checkbox.webp"
cf-bgj: imgq:100,h2pri
content-length: 162
cf-request-id: 05f7ecc327000064137b306000000001
x-served-by: cache-mdw17380-MDW, cache-fra19157-FRA
last-modified: Fri, 13 Dec 2019 22:55:31 GMT
server: cloudflare
x-timer: S1603324030.309755,VS0,VE2
etag: "5df416e3-106"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
x-styx-req-id: 56832ca4-8f6e-11ea-871a-e6da94cc292b
expires: Fri, 07 May 2021 07:51:04 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e50c796413-FRA
x-pantheon-styx-hostname: styx-fe3-b-c8f8fbbbb-bjn8m

GET
H2 200 Phishing_Paypal-960x504.jpg
www.secplicity.org/wp-content/uploads/2020/05/ 51 KB
52 KB 398ms
395ms Image
image/jpeg 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2020/05/Phishing_Paypal-960x504.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb85e58dc516338f15e8398e04fb10813e0c3f73fd0ac1af32ef44e0b4806279

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-ct4b7
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 52735
cf-request-id: 05f7ecc3a30000641366195000000001
x-served-by: cache-mdw17371-MDW, cache-fra19182-FRA
last-modified: Mon, 04 May 2020 23:39:13 GMT
server: cloudflare
x-timer: S1603471126.789199,VS0,VE2
etag: "5eb0a7a1-cdff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471126"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: dcee2697-0eed-11eb-b22b-ae96c617c498
expires: Sat, 16 Oct 2021 13:53:54 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcbc6413-FRA
x-cache-hits: 1, 1

GET
H2 200 PayPal1-960x599.png
www.secplicity.org/wp-content/uploads/2020/05/ 60 KB
60 KB 43ms
40ms Image
image/png 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2020/05/PayPal1-960x599.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

463b59a97148036f75d3fce308510ed4a22bf07a94414598e5683322dd3616a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe3-a-857f974764-rlbqs
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 61133
cf-request-id: 05f7ecc3a30000641358097000000001
x-served-by: cache-mdw17342-MDW, cache-fra19131-FRA
last-modified: Mon, 04 May 2020 22:08:16 GMT
server: cloudflare
x-timer: S1603471125.437813,VS0,VE2
etag: "5eb09250-eecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 30609f36-06a4-11eb-9c66-66dfdfd9a45b
expires: Wed, 06 Oct 2021 00:46:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcbd6413-FRA
x-cache-hits: 1, 1

GET
H2 200 Screen-Shot-2020-05-04-at-2.05.04-PM-960x52.png
www.secplicity.org/wp-content/uploads/2020/05/ 11 KB
11 KB 54ms
51ms Image
image/png 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2020/05/Screen-Shot-2020-05-04-at-2.05.04-PM-960x52.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ece1911b975c993abce006fd69b6405c47db096ceb6f71e67c56adb661a4dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe3-a-6575cbd6cb-mvzmb
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 11113
cf-request-id: 05f7ecc3a4000064137b30a000000001
x-served-by: cache-mdw17368-MDW, cache-fra19170-FRA
last-modified: Mon, 04 May 2020 22:10:02 GMT
server: cloudflare
x-timer: S1603471125.451831,VS0,VE2
etag: "5eb092ba-2b69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: bc93b5e9-09b8-11eb-9f18-ceddbf9954a4
expires: Sat, 09 Oct 2021 22:51:00 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcbe6413-FRA
x-cache-hits: 1, 1

GET
H2 200 Screen-Shot-2020-05-04-at-2.06.10-PM.png
www.secplicity.org/wp-content/uploads/2020/05/ 64 KB
64 KB 49ms
47ms Image
image/png 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2020/05/Screen-Shot-2020-05-04-at-2.06.10-PM.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbef57da86d33b2f602eb99c390c6b9dc17f1b554549ca81dd52eec3a22abd9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-ct4b7
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 65248
cf-request-id: 05f7ecc3a50000641378832000000001
x-served-by: cache-mdw17383-MDW, cache-fra19129-FRA
last-modified: Mon, 04 May 2020 22:10:41 GMT
server: cloudflare
x-timer: S1603471125.441628,VS0,VE2
etag: "5eb092e1-fee0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: c60bde29-0f1f-11eb-b22b-ae96c617c498
expires: Sat, 16 Oct 2021 19:51:10 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcbf6413-FRA
x-cache-hits: 1, 1

GET
H2 200 Screen-Shot-2020-04-15-at-11.20.40-AM-960x617.png
www.secplicity.org/wp-content/uploads/2020/05/ 27 KB
28 KB 46ms
44ms Image
image/png 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2020/05/Screen-Shot-2020-04-15-at-11.20.40-AM-960x617.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f2507c8c42d260553a6247938cb3e93e0d0b5318212504ebc64442e9811e343

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-6gnc5
x-cache: MISS, HIT
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 28047
cf-request-id: 05f7ecc3a50000641342b53000000001
x-served-by: cache-mdw17374-MDW, cache-fra19178-FRA
last-modified: Mon, 04 May 2020 22:11:46 GMT
server: cloudflare
x-timer: S1603471125.441027,VS0,VE2
etag: "5eb09322-6d8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 0b8d28bf-0fbc-11eb-b01e-0601e0c6002c
expires: Sun, 17 Oct 2021 14:29:48 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcc06413-FRA
x-cache-hits: 0, 1

GET
H2 200 Screen-Shot-2020-04-15-at-11.23.19-AM-960x735.png
www.secplicity.org/wp-content/uploads/2020/05/ 40 KB
40 KB 50ms
47ms Image
image/png 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2020/05/Screen-Shot-2020-04-15-at-11.23.19-AM-960x735.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e1810273a4cef80f0d94b5b32af18d232d9e0fefcc356159153a39dc062ec9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-6j5jb
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 40709
cf-request-id: 05f7ecc3a70000641342b54000000001
x-served-by: cache-mdw17370-MDW, cache-fra19174-FRA
last-modified: Mon, 04 May 2020 22:13:06 GMT
server: cloudflare
x-timer: S1603471125.445553,VS0,VE3
etag: "5eb09372-9f05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 901b4b85-11c9-11eb-bd65-8a04a199118e
expires: Wed, 20 Oct 2021 05:11:36 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcc26413-FRA
x-cache-hits: 1, 1

GET
H2 200 Screen-Shot-2020-04-15-at-11.23.33-AM-960x735.png
www.secplicity.org/wp-content/uploads/2020/05/ 57 KB
57 KB 164ms
162ms Image
image/png 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2020/05/Screen-Shot-2020-04-15-at-11.23.33-AM-960x735.png

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

847237709382d0a022fcc87721cadcff77d7f6e69ccb92f143b4d60f651d3c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-ct4b7
x-cache: HIT, MISS
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 58189
cf-request-id: 05f7ecc3a5000064135d8c8000000001
x-served-by: cache-mdw17356-MDW, cache-fra19144-FRA
last-modified: Mon, 04 May 2020 22:13:07 GMT
server: cloudflare
x-timer: S1603471125.440333,VS0,VE113
etag: "5eb09373-e34d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471126"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 4bd18016-1283-11eb-b22b-ae96c617c498
expires: Thu, 21 Oct 2021 03:21:08 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcc36413-FRA
x-cache-hits: 1, 0

GET
H2 200 podcast-cover.jpg
www.secplicity.org/wp-content/uploads/2018/06/ 19 KB
19 KB 27ms
26ms Image
image/jpeg 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2018/06/podcast-cover.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d3791343bc3fd5dd88e8940f85431da73ec5340335c6ca621a4953e1835a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11824088
cf-polished: status=not_needed
x-pantheon-styx-hostname: styx-fe3-a-6578c47759-nn97k
x-cache: HIT, HIT
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
content-length: 19417
cf-request-id: 05f7ecc3a6000064134111c000000001
x-served-by: cache-mdw17337-MDW, cache-fra19177-FRA
last-modified: Fri, 13 Dec 2019 22:55:33 GMT
server: cloudflare
x-timer: S1591647038.844395,VS0,VE2
etag: "5df416e5-4bd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: a54edfaf-4764-11ea-8c5d-1e2bd2440c8e
expires: Thu, 04 Feb 2021 15:40:18 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcc46413-FRA
x-cache-hits: 1, 1

GET
H2 200 threat-landscape-screenshot.jpg
www.secplicity.org/wp-content/uploads/2018/06/ 38 KB
39 KB 39ms
38ms Image
image/jpeg 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/2018/06/threat-landscape-screenshot.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

305170a9b60864dde1e2f512feabc0f75a31388154e798e52310ea07db6461e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3841514
cf-polished: status=not_needed
x-pantheon-styx-hostname: styx-fe3-a-857f974764-sxp7b
x-cache: MISS, HIT
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
content-length: 38813
cf-request-id: 05f7ecc3a6000064136098f000000001
x-served-by: cache-mdw17334-MDW, cache-fra19136-FRA
last-modified: Fri, 13 Dec 2019 22:55:33 GMT
server: cloudflare
x-timer: S1599629611.180904,VS0,VE1
etag: "5df416e5-979d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: ae0fb0dd-eacd-11ea-aa2e-2e3c83a662d4
expires: Tue, 31 Aug 2021 14:32:49 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcc66413-FRA
x-cache-hits: 0, 1

GET
H2 200 18209-featured-150x80.jpg
www.secplicity.org/wp-content/uploads/wordpress-popular-posts/ 5 KB
5 KB 39ms
37ms Image
image/jpeg 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/wordpress-popular-posts/18209-featured-150x80.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58f1520d0900c470d8c953cc1c4e0c247a9e202ec8f4b6d663c5480aed33e2bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1587667
cf-polished: origSize=17865, status=webp_bigger
x-pantheon-styx-hostname: styx-fe3-b-5f5d494784-lpw5d
x-cache: HIT, MISS
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
content-length: 5153
cf-request-id: 05f7ecc3a70000641341b5e000000001
x-served-by: cache-mdw17335-MDW, cache-fra19147-FRA
last-modified: Mon, 05 Oct 2020 07:01:30 GMT
server: cloudflare
x-timer: S1601883458.960047,VS0,VE106
etag: "5f7ac4ca-45c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: f9e32384-06d8-11eb-993f-2e22ef25110c
expires: Wed, 06 Oct 2021 07:04:14 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcc86413-FRA
x-cache-hits: 1, 0

GET
H2 200 18236-featured-150x80.jpg
www.secplicity.org/wp-content/uploads/wordpress-popular-posts/ 3 KB
3 KB 40ms
39ms Image
image/jpeg 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/wordpress-popular-posts/18236-featured-150x80.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042d51d5aed52ef3d721e766cd51bc53ba9d4cba00479003bd696430e10a15f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13821
cf-polished: origSize=11623, status=webp_bigger
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-2mqj6
x-cache: HIT, MISS
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
content-length: 3060
cf-request-id: 05f7ecc3ae00006413752cf000000001
x-served-by: cache-mdw17321-MDW, cache-fra19140-FRA
last-modified: Fri, 23 Oct 2020 12:43:00 GMT
server: cloudflare
x-timer: S1603457304.297279,VS0,VE103
etag: "5f92cfd4-2d67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: 4f493023-152d-11eb-b605-56226c185009
expires: Sun, 24 Oct 2021 12:43:11 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dcca6413-FRA
x-cache-hits: 1, 0

GET
H2 200 18194-featured-150x80.jpg
www.secplicity.org/wp-content/uploads/wordpress-popular-posts/ 5 KB
5 KB 41ms
39ms Image
image/jpeg 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/uploads/wordpress-popular-posts/18194-featured-150x80.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b399596d5cb3f4a7d03f65a855156f3acc5d7a6646e2366d285ab88e3377cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 924886
cf-polished: origSize=20044, status=webp_bigger
x-pantheon-styx-hostname: styx-fe3-a-6575cbd6cb-592cf
x-cache: HIT, MISS
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
cf-bgj: imgq:100,h2pri
content-length: 5063
cf-request-id: 05f7ecc3af000064137227d000000001
x-served-by: cache-mdw17380-MDW, cache-hhn4053-HHN
last-modified: Mon, 12 Oct 2020 23:41:45 GMT
server: cloudflare
x-timer: S1602546240.758991,VS0,VE109
etag: "5f84e9b9-4e4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: 7ee0e1cf-0ce4-11eb-a77d-9e977a1614cb
expires: Wed, 13 Oct 2021 23:41:48 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 5e6ce3e5dccb6413-FRA
x-cache-hits: 1, 0

GET
H2 404 no_thumb.jpg
www.secplicity.org/wp-content/plugins/wordpress-popular-posts/ 2 KB
2 KB 598ms
597ms Image
text/html 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secplicity.org/wp-content/plugins/wordpress-popular-posts/no_thumb.jpg

Requested by

Host: www.secplicity.org
URL: https://www.secplicity.org/2020/05/04/paypal-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6773b5631d2b3913d2605f4c981f40a1a3ad511566e73616d4ae56afb7527267

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:46 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-2mqj6
x-cache: MISS, MISS
status: 404
content-encoding: br
vary: Accept-Encoding, Cookie, Cookie
cf-request-id: 05f7ecc3af000064136b1ce000000001
x-served-by: cache-mdw17363-MDW, cache-fra19176-FRA
server: cloudflare
x-timer: S1603471125.449757,VS0,VE539
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471126"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-styx-req-id: 37f0c35d-154e-11eb-b605-56226c185009
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
cf-ray: 5e6ce3e5dccd6413-FRA
link: <https://www.secplicity.org/wp-json/>; rel="https://api.w.org/"
x-cache-hits: 0, 0

GET
H2 200 autoptimize_64a4651f1f5f2bef735dd063902a83a1.js Show response
www.secplicity.org/wp-content/uploads/autoptimize/js/ 46 KB
15 KB 40ms
39ms Script
application/x-javascript 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_64a4651f1f5f2bef735dd063902a83a1.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3c6e8cbbf57babe0cf9dd1873ca0898d8bee331b12229dff9852ee084f3b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2539200
cf-polished: origSize=47581
x-pantheon-styx-hostname: styx-fe3-b-5f5d494784-6zzbb
x-cache: HIT, HIT
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05f7ecc3b000006413659fa000000001
x-served-by: cache-mdw17374-MDW, cache-fra19160-FRA
last-modified: Thu, 24 Sep 2020 04:14:41 GMT
server: cloudflare
x-timer: S1600931926.603047,VS0,VE1
etag: W/"5f6c1d31-b9dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: a4b08891-fe1c-11ea-8e3e-1eb3d9755c03
expires: Sat, 25 Sep 2021 04:15:56 GMT
cache-control: max-age=31622400
cf-ray: 5e6ce3e5dcce6413-FRA
x-cache-hits: 1, 1

GET
H2 200 e-202043.js Show response
stats.wp.com/ 9 KB
3 KB 77ms
24ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202043.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra
date: Fri, 23 Oct 2020 16:38:45 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 17 Oct 2021 21:31:47 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
824 B 51ms
50ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&ver=3.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9a58e1f421648eae6d9343519d194cf38332ec380c6ec0070fd6817c12b27fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Fri, 23 Oct 2020 16:38:45 GMT

GET
H2 200 jquery.js Show response
www.secplicity.org/wp-includes/js/jquery/ 95 KB
32 KB 50ms
50ms Script
application/x-javascript 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 293517
cf-polished: origSize=96873
x-pantheon-styx-hostname: styx-fe3-a-6575cbd6cb-592cf
x-cache: HIT, HIT
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05f7ecc3b00000641366196000000001
x-served-by: cache-mdw17355-MDW, cache-fra19153-FRA
last-modified: Thu, 08 Oct 2020 17:23:06 GMT
server: cloudflare
x-timer: S1603177608.488713,VS0,VE2
etag: W/"5f7f4afa-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471125"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 6e5c07cc-09ba-11eb-a77d-9e977a1614cb
expires: Sat, 09 Oct 2021 23:03:08 GMT
cache-control: max-age=31622400
cf-ray: 5e6ce3e5eccf6413-FRA
x-cache-hits: 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2CTSV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 4977
date: Fri, 23 Oct 2020 15:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 23 Oct 2020 17:15:48 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 86 KB
33 KB 114ms
27ms Script
application/x-javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2CTSV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEF) /
Resource Hash: 4c77b84665a1e6bfb24ec928a1ed9045818099f6a6f2e26e2bb22a560067183f

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
content-encoding: gzip
last-modified: Thu, 22 Oct 2020 23:42:39 GMT
server: ECS (mil/6CEF)
age: 3525
etag: "8d42567cda8d61:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 33769

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&aip=1&a=204276075&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secplicity.org%2F2020%2F05%2F04%2Fpaypal-phishing%2F&ul=en-us&de=UTF-8&dt=PayPal%20Phishing%20%7C%20Secplicity%20-%20Security%20Simplified&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=360676189&gjid=1539530628&cid=241986077.1603471125&tid=UA-701459-22&_gid=938297877.1603471125&_r=1&gtm=2wgae1N2CTSV&z=421304184

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 16:38:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.secplicity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/ 341 KB
134 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.secplicity.org
Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3820
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136962
x-xss-protection: 0
last-modified: Mon, 12 Oct 2020 04:11:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 15:35:05 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 24ms
23ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.9.1&blog=181419019&post=17799&tz=-7&srv=www.secplicity.org&host=www.secplicity.org&ref=&fcp=2273&rand=0.5615016373058166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 23 Oct 2020 16:38:45 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
www.secplicity.org/2020/05/04/paypal-phishing/ 138 B
370 B 550ms
550ms XHR
application/json 2606:4700:20::6819:fa0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secplicity.org/2020/05/04/paypal-phishing/?relatedposts=1

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:fa0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b92dec648dadf019b8cd594371b19e8873b4b817b2ca35115bdf6f062ba44eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:46 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
x-pingback: https://www.secplicity.org/xmlrpc.php
x-cache: MISS, MISS
status: 200
x-cache-hits: 0, 0
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05f7ecc4eb0000641377aef000000001
x-served-by: cache-mdw17346-MDW, cache-fra19180-FRA
server: cloudflare
x-timer: S1603471126.765264,VS0,VE514
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603471126"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
x-styx-req-id: 3820bf68-154e-11eb-b605-56226c185009
cache-control: public, max-age=600
cf-ray: 5e6ce3e7dd796413-FRA
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-2mqj6

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.secplicity.org
URL: https://www.secplicity.org/wp-content/uploads/autoptimize/js/autoptimize_64a4651f1f5f2bef735dd063902a83a1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B0) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 16:38:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/40B0)
Age: 1112
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28698

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
303 B 28ms
27ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=d850aeceb40e48c8eed4ba35308ad07e&_biz_s=45eccc&_biz_l=https%3A%2F%2Fwww.secplicity.org%2F2020%2F05%2F04%2Fpaypal-phishing%2F&_biz_t=1603471125590&_biz_i=PayPal%20Phishing%20%7C%20Secplicity%20-%20Security%20Simplified&_biz_n=0&rnd=526278&cdn_o=a&_biz_z=1603471125726
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE5) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 16:38:45 GMT
last-modified: Sat, 17 Oct 2020 20:21:22 GMT
server: ECS (mil/6CE5)
age: 505043
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
205 B 34ms
27ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=d850aeceb40e48c8eed4ba35308ad07e&_biz_s=45eccc&_biz_l=https%3A%2F%2Fwww.secplicity.org%2F2020%2F05%2F04%2Fpaypal-phishing%2F&_biz_t=1603471125730&_biz_i=PayPal%20Phishing%20%7C%20Secplicity%20-%20Security%20Simplified&rnd=5552&cdn_o=a&_biz_z=1603471125730
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEB) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 16:38:45 GMT
last-modified: Mon, 19 Oct 2020 02:18:50 GMT
server: ECS (mil/6CEB)
age: 397195
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=204276075&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.secplicity.org%2F2020%2F05%2F04%2Fpaypal-phishing%2F&ul=en-us&de=UTF-8&dt=PayPal%20Phishing%20%7C%20Secplicity%20-%20Security%20Simplified&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Load%20Time&ea=%2F2020%2F05%2F04%2Fpaypal-phishing%2F&el=2.6&ev=3&_u=aEDAAEABAAAAAC~&jid=2073486874&gjid=633464509&cid=241986077.1603471125&tid=UA-701459-12&_gid=938297877.1603471125&_r=1&gtm=2wgae1N2CTSV&cg1=editorial-articles%2Cresearch&cg2=Marc%20Laliberte&cg3=phishing&cg4=2020&cg5=500-800&cd2=post&cd3=editorial-articles%2Cresearch&cd4=phishing&cd5=18&cd6=Marc%20Laliberte&cd7=May%204%2C%202020&cd8=2020&cd9=05&cd10=Monday&z=1883820050

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 16:38:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.secplicity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame DAE9 0
0 8ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.secplicity.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A9) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 729565
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Oct 2020 16:38:45 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A9)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-701459-12&cid=241986077.1603471125&jid=2073486874&gjid=633464509&_gid=938297877.1603471125&_u=aEDAAEABAAAAAC~&z=191666346

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Oct 2020 16:38:45 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.secplicity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 0D59 0
0 73ms
73ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&co=aHR0cHM6Ly93d3cuc2VjcGxpY2l0eS5vcmc6NDQz&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&size=invisible&cb=vsxw639eyh38

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dPlg1Abc0h8jaV90jlWT6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LewipEUAAAAAEZ5kj5owPPOPMCiJY6hQdzAsd5w&co=aHR0cHM6Ly93d3cuc2VjcGxpY2l0eS5vcmc6NDQz&hl=en&v=T9w1ROdplctW2nVKvNJYXH8o&size=invisible&cb=vsxw639eyh38
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Oct 2020 16:38:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-dPlg1Abc0h8jaV90jlWT6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9927
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
409 B 152ms
152ms Script
text/javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=d850aeceb40e48c8eed4ba35308ad07e&_biz_h=-1906410348&cdn_o=a&jsVer=4.20.08.28
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE0) /
Resource Hash: 68c3af7c141858a04ad9beefd76b1368c4629dfcd41f303e78f225d6a9396a9a

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 16:38:45 GMT
content-encoding: gzip
server: ECS (mil/6CE0)
etag: B76E363A
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 216

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
87 B 31ms
31ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-701459-12&cid=241986077.1603471125&jid=2073486874&_u=aEDAAEABAAAAAC~&z=1582961889

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 16:38:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 30ms
30ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-701459-12&cid=241986077.1603471125&jid=2073486874&_u=aEDAAEABAAAAAC~&z=1582961889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.secplicity.org/2020/05/04/paypal-phishing/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 16:38:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secplicity.org/	1970-01-19 22:10:07	Name: _biz_pendingA Value: %5B%5D
.secplicity.org/	1970-01-19 13:24:31	Name: _gat_UA-701459-12 Value: 1
.secplicity.org/	1970-01-19 22:10:07	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.www.secplicity.org/	1970-01-19 22:10:07	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Oct+23+2020+18%3A38%3A45+GMT%2B0200+(Central+European+Summer+Time)&version=5.9.0&landingPath=https%3A%2F%2Fwww.secplicity.org%2F2020%2F05%2F04%2Fpaypal-phishing%2F&groups=1%3A1%2C3%3A0%2C4%3A0%2C0_110910%3A1%2C0_85905%3A0%2C0_86255%3A0%2C0_110276%3A0%2C0_110280%3A0%2C0_110279%3A0%2C8%3A0%2C101%3A0%2C102%3A1%2C103%3A0%2C104%3A0%2C105%3A0%2C106%3A0
.secplicity.org/	1970-01-19 22:10:07	Name: _biz_nA Value: 1
.secplicity.org/	1970-01-19 22:10:07	Name: _biz_uid Value: d850aeceb40e48c8eed4ba35308ad07e
.secplicity.org/	1970-01-19 14:07:43	Name: __cfduid Value: d0f28fe805657b9342b4b4546f7b12b0e1603471123
.secplicity.org/	1970-01-19 13:24:31	Name: _gat_UA-701459-22 Value: 1
.secplicity.org/	1970-01-20 06:55:43	Name: _ga Value: GA1.2.241986077.1603471125
.secplicity.org/	1970-01-19 13:24:32	Name: _biz_sid Value: 45eccc
.secplicity.org/	1970-01-19 13:25:57	Name: _gid Value: GA1.2.938297877.1603471125

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
bit.ly
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
code.jquery.com
pixel.wp.com
platform.twitter.com
stats.g.doubleclick.net
stats.wp.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.secplicity.org
192.0.76.3
209.197.3.24
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6819:fa0f
2606:4700::6810:9540
2606:4700::6810:a723
2a00:1450:4001:803::2004
2a00:1450:4001:816::2003
2a00:1450:4001:818::2003
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c06::9c
67.199.248.10
68.232.35.12
042d51d5aed52ef3d721e766cd51bc53ba9d4cba00479003bd696430e10a15f2
0d20b4879f128324c74fe3d1512f85e91504ffc9edf5afdf845ae9f0239a6d83
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
1603143a6258d6ac386e92a5cd0362d16cd91304208afa7400ac5812f58df0f8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1e8993fafc069c4a2ef7d7dd122eb844f6b9f1457ef5e928d08f86a5c5400de7
23b399596d5cb3f4a7d03f65a855156f3acc5d7a6646e2366d285ab88e3377cc
24cd8100701c441ba0becc953d7198016c2f32972d42f34c47e24b54bcd186e7
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2c3c6e8cbbf57babe0cf9dd1873ca0898d8bee331b12229dff9852ee084f3b77
2e1810273a4cef80f0d94b5b32af18d232d9e0fefcc356159153a39dc062ec9c
2f2507c8c42d260553a6247938cb3e93e0d0b5318212504ebc64442e9811e343
305170a9b60864dde1e2f512feabc0f75a31388154e798e52310ea07db6461e0
3ece1911b975c993abce006fd69b6405c47db096ceb6f71e67c56adb661a4dde
4165ddaa08f9021325910c5059ae8190203294c07c16adeaed5127901d21f021
444d4512fc207927ba2fc35ef3e532ffaab4de3c19779970a60c14596db4259d
463b59a97148036f75d3fce308510ed4a22bf07a94414598e5683322dd3616a8
4c77b84665a1e6bfb24ec928a1ed9045818099f6a6f2e26e2bb22a560067183f
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
58f1520d0900c470d8c953cc1c4e0c247a9e202ec8f4b6d663c5480aed33e2bc
5b92dec648dadf019b8cd594371b19e8873b4b817b2ca35115bdf6f062ba44eb
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6773b5631d2b3913d2605f4c981f40a1a3ad511566e73616d4ae56afb7527267
68c3af7c141858a04ad9beefd76b1368c4629dfcd41f303e78f225d6a9396a9a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
847237709382d0a022fcc87721cadcff77d7f6e69ccb92f143b4d60f651d3c0c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
9fb6ed152c8a0c90264bad1a2162b5b548c6db1c97315ef3e3f7f36b02124f2a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b5d3791343bc3fd5dd88e8940f85431da73ec5340335c6ca621a4953e1835a16
b6660d4b890f4716ac342d8f2d08bdea14cad2e5d583b45165f433fda645af04
b9131faeb18153328f4466b9a52463517831d58fe60650452b72a0f28b9f81b7
ccb55da04a722e9cc7c01fd0d7e3914423d8eb70fcfdf4439c4de8e4fc158cc7
dbef57da86d33b2f602eb99c390c6b9dc17f1b554549ca81dd52eec3a22abd9d
dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e9a58e1f421648eae6d9343519d194cf38332ec380c6ec0070fd6817c12b27fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fb85e58dc516338f15e8398e04fb10813e0c3f73fd0ac1af32ef44e0b4806279

www.secplicity.org Open in urlscan Pro 2606:4700:20::6819:fa0f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

71 %IPv6

15 Domains

16 Subdomains

14 IPs

3 Countries

893 kBTransfer

1807 kBSize

11 Cookies

9 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.secplicity.org Open in urlscan Pro
2606:4700:20::6819:fa0f Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

16
Subdomains

14
IPs

3
Countries

893 kB
Transfer

1807 kB
Size

11
Cookies

47 HTTP transactions
1 data transactions