urlscan.io logo urlscan.io
SecurityTrails logo

lucid-twilight-seaside-996.com Open in urlscan Pro
104.238.101.86  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Submission: On November 10 via api from CZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 40 HTTP transactions. The main IP is 104.238.101.86, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is lucid-twilight-seaside-996.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 28th 2019. Valid for: 3 months.
This is the only time lucid-twilight-seaside-996.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address AS Autonomous System
27 104.238.101.86 26496 (AS-26496-...)
9 2.18.232.222 16625 (AKAMAI-AS)
1 2 64.4.245.84 17012 (PAYPAL)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
40 5
27    104.238.101.86 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-104-238-101-86.ip.secureserver.net
lucid-twilight-seaside-996.com
9    2.18.232.222 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-222.deploy.static.akamaitechnologies.com
www.paypalobjects.com
c.paypal.com
t.paypal.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL - PayPal, Inc., US)
b.stats.paypal.com
dub.stats.paypal.com
1    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
2    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
Domain Requested by
27 lucid-twilight-seaside-996.com lucid-twilight-seaside-996.com
4 c.paypal.com lucid-twilight-seaside-996.com
3 t.paypal.com
2 www.google.com www.gstatic.com
lucid-twilight-seaside-996.com
2 www.paypalobjects.com lucid-twilight-seaside-996.com
1 www.gstatic.com lucid-twilight-seaside-996.com
1 dub.stats.paypal.com lucid-twilight-seaside-996.com
1 b.stats.paypal.com 1 redirects
40 8

This site contains links to these domains. Also see Links.

Domain
www.paypal.com
Subject Issuer Validity Valid
lucid-twilight-seaside-996.com
cPanel, Inc. Certification Authority		 2019-09-28 -
2019-12-27		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2019-09-10 -
2020-08-18		 a year crt.sh
b.stats.paypal.com
DigiCert SHA2 High Assurance Server CA		 2018-02-16 -
2020-04-29		 2 years crt.sh
*.google.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Frame ID: 81ABB0F16C63AEE3CD03755306454E0F
Requests: 28 HTTP requests in this frame

Frame: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
Frame ID: 635D5A0CD31B9E89ADC4462CC0907460
Requests: 4 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi
Frame ID: 06C947DBA08D840880B44BC298867691
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Frame ID: 273AB9F42520418F0E28A4039793352F
Requests: 1 HTTP requests in this frame

Frame: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/anchor.html
Frame ID: 868E3407F9FBB9AE7969C2BA1DD3E70D
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCZXkUAAAAAPJkOCgwA5t4l2JhzXGkroDdqyqt&co=aHR0cHM6Ly9sdWNpZC10d2lsaWdodC1zZWFzaWRlLTk5Ni5jb206NDQz&hl=en&v=v1566858990656&size=invisible&cb=1hwmxjuk3gw0
Frame ID: 70E93A87AF55F54ED30AB4EF1D4180BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

40
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

8
Subdomains

5
IPs

3
Countries

1728 kB
Transfer

1975 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1mZWIzNTIxNWEwMWE0YmVlYTIxNmFmOTFjODg5NGVhMyZpPTY4LjEwLjM4Ljg3JnQ9MTU2ODg2MjM0NS44NTcmYT0yMSZzPVVOSUZJRURfTE9HSU45bsqv8z9XKX9DUNGX3aDcN0RrsQ HTTP 302
  • https://dub.stats.paypal.com/counter2.cgi

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request paypal.html
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/ 		177 KB
178 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
52c25fd1f7b78b5ca8422419477e250fdd3e4fa1c32c8e40ea6953d8de35654a

Request headers

Host
lucid-twilight-seaside-996.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Date
Sun, 10 Nov 2019 13:56:52 GMT
Server
Apache
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Accept-Ranges
bytes
Content-Length
181563
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
analytics.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/analytics.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
44470
xhr-ads.min.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/xhr-ads.min.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
3ba795672c78c8f0f52ecd5d1a0a317d1e5c059509a6bead9d26b46fc831d83b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21544
contextualLogin.css
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		89 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/contextualLogin.css
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
3f12121219a2836e29d06bdfc72c8e29ce64b96fb3b1a752e380519b5f54a8aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
91509
icon-PN-check.png
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/icon-PN-check.png
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2236
glyph_alert_critical_big-2x.png
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/glyph_alert_critical_big-2x.png
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5828
pa.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/pa.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
8bf480afffb8c41d083d3a0d46ec513f6607f5fe16fd43795b1417cd43914e9f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
42056
recaptchav3.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
29c8ad67688be6e60ecb255f32f85296aea4854548bd1a3a1705b2ec3f1f14df

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10332
fb-all-prod.pp2.min.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		58 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/fb-all-prod.pp2.min.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
eda0a3b80b9a6c146817151721cb4e4c38bb88bae41419df26f5f67156fa14b3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
58963
tealeaf-ul-prod_domcap.min.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		110 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/tealeaf-ul-prod_domcap.min.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
22027bb7a536c4631d05950c052600da4e4e6b697c0ffee2189da38e05857466

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
112702
miconfig.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		41 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/miconfig.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
1740df9933ea11b8989f6e11e4c9f57bafdc974a0e5aca94b1712c3439360349

Request headers

Sec-Fetch-Mode
cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Origin
https://lucid-twilight-seaside-996.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
42253
analytics(1).js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/analytics(1).js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
98581bf58e5c202c1742212bb1351053431567fc3da31a0ee29f4f4826bb5214

Request headers

Sec-Fetch-Mode
cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Origin
https://lucid-twilight-seaside-996.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
27822
gtag.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ 		63 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/gtag.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
62e7d1d3345eac1f9badc6e642515fbaf718d94c376fa03edb1b1fefdf3b1ffe

Request headers

Sec-Fetch-Mode
cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Origin
https://lucid-twilight-seaside-996.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
64020
paypal.html
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
181563
paypal-logo-129x32.svg
www.paypalobjects.com/images/shared/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/contextualLogin.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 13:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Oct 2014 22:52:57 GMT
server
Apache
status
200
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1929
expires
Tue, 10 Dec 2019 13:56:53 GMT
recaptchav3_v3.html
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ Frame 635D 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
559c1725e896cbe117bc32e38f90341de8ae3cf2b51e949c4af83fe993e1934d

Request headers

Host
lucid-twilight-seaside-996.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Server
Apache
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Accept-Ranges
bytes
Content-Length
4986
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html
counter2.cgi
dub.stats.paypal.com/ Frame 06C9
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1mZWIzNTIxNWEwMWE0YmVlYTIxNmFmOTFjODg5NGVhMyZpPTY4LjEwLjM4Ljg3JnQ9MTU2ODg2MjM0NS44NTcmYT0yMSZzPVVOSUZJRURfTE9HSU45bsqv8z9XKX9DUNGX3aDcN0RrsQ
  • https://dub.stats.paypal.com/counter2.cgi
42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/counter2.cgi
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.4.245.84 , United States, ASN17012 (PAYPAL - PayPal, Inc., US),
Reverse DNS
Software
/
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Cache-Control
private, must-revalidate, proxy-revalidate
Server
Connection
close
ETag
"a884cced40d54190b3b6"
Content-Length
42
Content-type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/counter2.cgi
Date
Sun, 10 Nov 2019 13:56:53 GMT
Server
Connection
close
Content-Length
289
Content-Type
text/html; charset=utf-8
i
c.paypal.com/v1/r/d/ Frame 273A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
c.paypal.com
:scheme
https
:path
/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html

Response headers

status
200
correlation-id
130e328d13cb5
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
paypal-debug-id
130e328d13cb5
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vary
Accept-Encoding
content-encoding
gzip
content-length
160
cache-control
no-cache, no-store, must-revalidate
date
Sun, 10 Nov 2019 13:56:53 GMT
recaptcha__en.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ Frame 635D 		264 KB
264 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptcha__en.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:53 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
269924
api.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ Frame 635D 		748 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/api.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
3b89f01a0ccdbeaa181c50a40492d821ac7c4e606931a93b26dc639fc9323cca

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
748
anchor.html
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ Frame 868E 		19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/anchor.html
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
b286f5c0190ea2d70263dc9e89c623d1c798785e577774d3525b7fe4bdf930cf

Request headers

Host
lucid-twilight-seaside-996.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Server
Apache
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Accept-Ranges
bytes
Content-Length
19940
Keep-Alive
timeout=5, max=96
Connection
Keep-Alive
Content-Type
text/html
e
c.paypal.com/v1/r/d/b/ 		18 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e?e=Uncaught%20ReferenceError%3A%20data%20is%20not%20defined20171003&ep=abhiklmnj
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38b69e3b3bff3cfecfd24783700c41a742a09e2100e9e9f56b947d21ef03fadc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 13:56:54 GMT
correlation-id
8ff123d979538
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
application/json
status
200
x-n
S
paypal-debug-id
8ff123d979538
content-length
18
tealeaftarget
lucid-twilight-seaside-996.com/ 		315 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/tealeaftarget
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/xhr-ads.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Sec-Fetch-Mode
cors
Content-Encoding
gzip
X-Tealeaf
device (UIC) Lib/5.1.0.1731
X-Tealeaf-MessageTypes
1,12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/json
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
X-Requested-With
XMLHttpRequest
X-TealeafType
GUI
X-TeaLeaf-Page-Url
/paypalpaypalpaypalusers/paypal.html

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
styles__ltr.css
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ Frame 868E 		137 KB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/styles__ltr.css
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/anchor.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
176bbb41978c9c19e9704b9e95f66ff61066a1726666bc035b59d85f4fac82ef

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/anchor.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
140176
recaptcha__en.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ Frame 868E 		264 KB
264 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptcha__en.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/anchor.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/anchor.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
269924
c1F4Hq24elnWz-us-mF98EyMJIH4R-cgLADoWVEZ97w.js
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/ Frame 868E 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/c1F4Hq24elnWz-us-mF98EyMJIH4R-cgLADoWVEZ97w.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/anchor.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
7351781eadb87a59d6cfebacfa617df04c8c2481f847e7202c00e8595119f7bc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/anchor.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
12258
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1566858990656/ Frame 635D 		264 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 07:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Aug 2019 23:45:00 GMT
server
sffe
age
888316
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94196
x-xss-protection
0
expires
Fri, 30 Oct 2020 07:11:38 GMT
anchor
www.google.com/recaptcha/api2/ Frame 70E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCZXkUAAAAAPJkOCgwA5t4l2JhzXGkroDdqyqt&co=aHR0cHM6Ly9sdWNpZC10d2lsaWdodC1zZWFzaWRlLTk5Ni5jb206NDQz&hl=en&v=v1566858990656&size=invisible&cb=1hwmxjuk3gw0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WwOHl93z17IgSxTnuB6AyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcCZXkUAAAAAPJkOCgwA5t4l2JhzXGkroDdqyqt&co=aHR0cHM6Ly9sdWNpZC10d2lsaWdodC1zZWFzaWRlLTk5Ni5jb206NDQz&hl=en&v=v1566858990656&size=invisible&cb=1hwmxjuk3gw0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptchav3_v3.html

Response headers

status
200
content-security-policy
script-src 'report-sample' 'nonce-WwOHl93z17IgSxTnuB6AyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
content-encoding
gzip
date
Sun, 10 Nov 2019 13:56:54 GMT
expires
Sun, 10 Nov 2019 13:56:54 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1071
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
c1F4Hq24elnWz-us-mF98EyMJIH4R-cgLADoWVEZ97w.js
www.google.com/js/bg/ Frame 868E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/c1F4Hq24elnWz-us-mF98EyMJIH4R-cgLADoWVEZ97w.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7351781eadb87a59d6cfebacfa617df04c8c2481f847e7202c00e8595119f7bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/anchor.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 04:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Sep 2019 11:00:00 GMT
server
sffe
age
898305
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5245
x-xss-protection
0
expires
Fri, 30 Oct 2020 04:25:09 GMT
challenge.js
lucid-twilight-seaside-996.com/auth/createchallenge/3996ab0eb9c0abf3/ 		315 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/auth/createchallenge/3996ab0eb9c0abf3/challenge.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/xhr-ads.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept
application/json
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
paypal.html
lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/ 		177 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
52c25fd1f7b78b5ca8422419477e250fdd3e4fa1c32c8e40ea6953d8de35654a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Last-Modified
Thu, 19 Sep 2019 03:38:08 GMT
Server
Apache
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
181563
client-log
lucid-twilight-seaside-996.com/signin/ 		315 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/signin/client-log
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/xhr-ads.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept
application/json
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
cors
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
load-resource
lucid-twilight-seaside-996.com/signin/ 		315 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/signin/load-resource
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/xhr-ads.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept
application/json
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
cors
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 10 Nov 2019 13:56:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
tealeaf-ul-prod_domcap.min.js
www.paypalobjects.com/web/res/c2f/b33b232032df2cde23cb6476a10ca/js/lib/ 		110 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/c2f/b33b232032df2cde23cb6476a10ca/js/lib/tealeaf-ul-prod_domcap.min.js
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
22027bb7a536c4631d05950c052600da4e4e6b697c0ffee2189da38e05857466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 13:56:54 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
status
200
content-encoding
gzip
vary
Accept-Encoding
content-length
35705
last-modified
Mon, 16 Sep 2019 20:42:41 GMT
server
Apache
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Sat, 08 Feb 2020 13:56:54 GMT
e
c.paypal.com/v1/r/d/b/ 		18 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e?e=Script%20error.20171003&ep=abhiklmnj
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38b69e3b3bff3cfecfd24783700c41a742a09e2100e9e9f56b947d21ef03fadc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 13:56:55 GMT
correlation-id
ee88a44d967e0
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
application/json
status
200
x-n
S
paypal-debug-id
ee88a44d967e0
content-length
18
ts
t.paypal.com/ 		42 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.3.22&t=1573394214919&g=-60&e=err&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&comp=unifiedloginnodeweb&erpg=Script%20error&error_type=WINDOW_ONERROR&error_source=-%200%3A0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.7 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Nov 2019 13:56:55 GMT
server
akka-http/10.1.7
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status
200
http_x_pp_az_locator
slca.slc
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
42
expires
Sun, 10 Nov 2019 13:56:55 GMT
load-resource
lucid-twilight-seaside-996.com/signin/ 		315 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lucid-twilight-seaside-996.com/signin/load-resource
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/xhr-ads.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.101.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-101-86.ip.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept
application/json
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
cors
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 10 Nov 2019 13:56:55 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
ts
t.paypal.com/ 		42 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.3.22&t=1573394215302&g=-60&e=im&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1568862345838&calc=1b1ec8b2bb093&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=228ddabcb4074e4cb301d5fe186d0b8c&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=0&gacook=1566005474.1568696578&xe=100885%2C3197%2C3862%2C100363&xt=102543%2C7627%2C9226%2C100912&transition_name=ss_prepare_email&ctx_login_ot_content=1&obex=signin&landing_page=login&browser_client_type=Browser&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&view=%7B%22t10%22%3A575%2C%22t11%22%3A3414%2C%22tcp%22%3A1701%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A425%7D&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=575&t1c=575&t1d=283&t1s=278&t2=148&t3=653&t4d=2259&t4=2264&t4e=1&tt=2989&res=%7B%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.7 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Nov 2019 13:56:55 GMT
server
akka-http/10.1.7
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status
200
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
42
expires
Sun, 10 Nov 2019 13:56:55 GMT
e
c.paypal.com/v1/r/d/b/ 		18 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e?e=Uncaught%20SyntaxError%3A%20Unexpected%20token%20%27%3C%2720171003&ep=abhiklmnj
Requested by
Host: lucid-twilight-seaside-996.com
URL: https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal_files/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38b69e3b3bff3cfecfd24783700c41a742a09e2100e9e9f56b947d21ef03fadc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 13:56:55 GMT
correlation-id
2f27354969a45
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
application/json
status
200
x-n
S
paypal-debug-id
2f27354969a45
content-length
18
ts
t.paypal.com/ 		42 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.3.22&t=1573394215386&g=-60&e=err&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&comp=unifiedloginnodeweb&erpg=Unexpected%20token%20%27%3C%27&error_type=WINDOW_ONERROR&error_description=SyntaxError%3A%20Unexpected%20token%20%27%3C%27&error_source=https%3A%2F%2Flucid-twilight-seaside-996.com%2Fpaypalpaypalpaypalusers%2Fpaypal.html%201%3A1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.232.222 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-222.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.7 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lucid-twilight-seaside-996.com/paypalpaypalpaypalusers/paypal.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Nov 2019 13:56:55 GMT
server
akka-http/10.1.7
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status
200
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
42
expires
Sun, 10 Nov 2019 13:56:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate boolean| paypalADSInterceptorInjected object| google_tag_data function| ga object| gaplugins object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack object| PAYPAL function| $ object| fpti string| fptiserverurl object| _ifpti function| AjaxRequest string| PP_SERVICE_URL string| BASE_SWF_URL string| BEACON_BASE_URL string| PP_IFRAME_JS_URL string| PP_NEW_SERVICE_URL string| PP_VERSION object| Configuration object| PFB_4732Config object| PFB_4732 object| dataCollector object| fp undefined| runFb function| initTsFb object| jstz function| SwfStore function| SlvtStore object| pako object| TLT object| miconfig object| google_tag_manager object| gDataLayer object| _0x43a9 function| _0x597f object| d function| dcfaacebeffdbaffedb object| err object| _0xd880 function| _0x55d1 boolean| error

2 Cookies

Domain/Path Name / Value
.c.paypal.com/ Name: sc_f
Value: 6isGcRt7SrMkGBiRq30UR-phaPQEBN9OdI2vypg4irLeckH_HIlZbsF0C1qfyukpHa5NOsTfMWAKeJPPHyouXc39LxknvA7j7Zps4m
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: 3sWxRhSrVAbv9rFPoL5nIiJZGME73NTmN6xX2TUmJ43L6VfQEMuccKcqWwMZ_fE4D3CG2DturzcR0QcG

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
dub.stats.paypal.com
lucid-twilight-seaside-996.com
t.paypal.com
www.google.com
www.gstatic.com
www.paypalobjects.com
104.238.101.86
2.18.232.222
2a00:1450:4001:817::2004
2a00:1450:4001:819::2003
64.4.245.84
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
1740df9933ea11b8989f6e11e4c9f57bafdc974a0e5aca94b1712c3439360349
176bbb41978c9c19e9704b9e95f66ff61066a1726666bc035b59d85f4fac82ef
22027bb7a536c4631d05950c052600da4e4e6b697c0ffee2189da38e05857466
29c8ad67688be6e60ecb255f32f85296aea4854548bd1a3a1705b2ec3f1f14df
38b69e3b3bff3cfecfd24783700c41a742a09e2100e9e9f56b947d21ef03fadc
3b89f01a0ccdbeaa181c50a40492d821ac7c4e606931a93b26dc639fc9323cca
3ba795672c78c8f0f52ecd5d1a0a317d1e5c059509a6bead9d26b46fc831d83b
3f12121219a2836e29d06bdfc72c8e29ce64b96fb3b1a752e380519b5f54a8aa
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
52c25fd1f7b78b5ca8422419477e250fdd3e4fa1c32c8e40ea6953d8de35654a
559c1725e896cbe117bc32e38f90341de8ae3cf2b51e949c4af83fe993e1934d
62e7d1d3345eac1f9badc6e642515fbaf718d94c376fa03edb1b1fefdf3b1ffe
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7351781eadb87a59d6cfebacfa617df04c8c2481f847e7202c00e8595119f7bc
8bf480afffb8c41d083d3a0d46ec513f6607f5fe16fd43795b1417cd43914e9f
98581bf58e5c202c1742212bb1351053431567fc3da31a0ee29f4f4826bb5214
b286f5c0190ea2d70263dc9e89c623d1c798785e577774d3525b7fe4bdf930cf
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eda0a3b80b9a6c146817151721cb4e4c38bb88bae41419df26f5f67156fa14b3