URL: https://login.onboardingnewleads.xyz/
Submission: On May 26 via api from US — Scanned from NL

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.onboardingnewleads.xyz.
TLS certificate: Issued by GTS CA 1P5 on May 12th 2024. Valid for: 3 months.
This is the only time login.onboardingnewleads.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 99.86.7.170 16509 (AMAZON-02)
1 108.138.32.115 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 2 34.147.177.40 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:a... 15169 (GOOGLE)
Total: 19 HTTP transactions, 10 IPs
Requests  Apex Domain (subdomains listed beneath)  Transfer
5  onboardingnewleads.xyz  68 KB
  • login.onboardingnewleads.xyz
  • c.onboardingnewleads.xyz
  • c6.onboardingnewleads.xyz (Failed)
4  izettle.com  13 KB
  • cdn.izettle.com — Cisco Umbrella Rank: 354915
3  google-analytics.com  18 KB
  • ssl.google-analytics.com — Cisco Umbrella Rank: 654
  • www.google-analytics.com — Cisco Umbrella Rank: 32
2  paypal.com  679 B
  • b.stats.paypal.com — Cisco Umbrella Rank: 6438
  • lhr.stats.paypal.com — Cisco Umbrella Rank: 31738
2  googletagmanager.com  245 KB
  • www.googletagmanager.com — Cisco Umbrella Rank: 39
1  browser-intake-datadoghq.eu  349 B
  • browser-intake-datadoghq.eu — Cisco Umbrella Rank: 8300
1  datadoghq-browser-agent.com  50 KB
  • www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1427
Total: 19 HTTP transactions, 7 domains
Requests  Domain                              Requested by
4         cdn.izettle.com                     login.onboardingnewleads.xyz
3         login.onboardingnewleads.xyz        login.onboardingnewleads.xyz
2         ssl.google-analytics.com            login.onboardingnewleads.xyz
2         www.googletagmanager.com            login.onboardingnewleads.xyz, www.googletagmanager.com
2         c.onboardingnewleads.xyz            login.onboardingnewleads.xyz, c.onboardingnewleads.xyz
1         browser-intake-datadoghq.eu         www.datadoghq-browser-agent.com
1         www.google-analytics.com            ssl.google-analytics.com
1         lhr.stats.paypal.com                login.onboardingnewleads.xyz
1         b.stats.paypal.com                  1 redirects
1         www.datadoghq-browser-agent.com     login.onboardingnewleads.xyz
0         c6.onboardingnewleads.xyz (Failed)  login.onboardingnewleads.xyz
Total: 19 HTTP transactions, 11 subdomains

This site contains links to these domains.

Domain
register.zettle.com

Subject                          Issuer                                      Validity                 Valid
onboardingnewleads.xyz           GTS CA 1P5                                  2024-05-12 - 2024-08-10  3 months
*.izettle.com                    Amazon RSA 2048 M03                         2024-03-13 - 2025-04-10  a year
*.datadoghq-browser-agent.com    DigiCert Global G2 TLS RSA SHA256 2020 CA1  2023-12-12 - 2024-12-14  a year
*.google-analytics.com           WR2                                         2024-05-06 - 2024-07-29  3 months
*.browser-intake-datadoghq.eu    DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-05-14 - 2025-05-17  a year

This page contains 3 frames:

Primary Page: https://login.onboardingnewleads.xyz/
Frame ID: 2686FF316B00E5C11B29A3B8E1FB44AA
Requests: 17 HTTP requests in this frame

Frame: https://c.onboardingnewleads.xyz/v1/r/d/i?js_src=https://c.onboardingnewleads.xyz/da/r/fb.js
Frame ID: A035E7AF57881D1E5BF683A19F6F3A09
Requests: 1 HTTP requests in this frame

Frame: https://lhr.stats.paypal.com/v2/counter2.cgi?p=Zw-TTCXhlBDYWdwefh8vrfDSxucWXfFN&s=IZETTLE_LOGIN
Frame ID: B4007064F7713FD3382E2DA47028908C
Requests: 1 HTTP requests in this frame

Page Title

Loggen Sie sich in Ihr Zettle-Konto ein

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 84 %
IPv6: 56 %
Domains: 7
Subdomains: 11
IPs: 10
Countries: 4
Transfer: 396 kB
Size: 1305 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://b.stats.paypal.com/v2/counter.cgi?p=Zw-TTCXhlBDYWdwefh8vrfDSxucWXfFN&s=IZETTLE_LOGIN HTTP 302
  • https://lhr.stats.paypal.com/v2/counter2.cgi?p=Zw-TTCXhlBDYWdwefh8vrfDSxucWXfFN&s=IZETTLE_LOGIN

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
login.onboardingnewleads.xyz/
7 KB
4 KB
Document
General
Full URL
https://login.onboardingnewleads.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e7291632c976f2d72c8164fad8420a192ba87aa68f1d2476a56e34fee51078

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88a0f681b9728c44-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 26 May 2024 21:47:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit
60
ratelimit-policy
60;w=240
ratelimit-remaining
59
ratelimit-reset
240
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HNNRw3Ypv4eDeRAblrqLdf4scFo4PWgKjgNOuQ%2F1yVOdo3y7TDjXisA4NCY%2F2HTLxM8l8MoXDO3zx%2BI8hHd2g5W4dsH1xoPJfLBkoHA3Y%2B6rkmeGW8QIUGwlrMnRmp0J3w2z7dIY6ccLkCQpjvI8SJhDng7Pt%2Flo1TEO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-id
fEifw5kOqUEzEAcIR33ZMwePKLHLKnTMoR0-xZu1fDqnxoY3BApPYw==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-dns-prefetch-control
off
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-ratelimit-limit
60
x-ratelimit-remaining
59
x-ratelimit-reset
1716760279
jquery.min.js
login.onboardingnewleads.xyz/assets/javascript/
85 KB
31 KB
Script
General
Full URL
https://login.onboardingnewleads.xyz/assets/javascript/jquery.min.js
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 21:47:19 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 24 May 2024 06:49:58 GMT
server
cloudflare
etag
W/"155ed-18fa95d09f0"
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5nFENTr%2BWPTpBPuis1fxEgxFocR8fMD99rfKm97%2BQCH05NiqTByfoLj3CX7qPqqQ7LydOb3iaiT1Gx1q1A70C3gCFCvCAXH93wruKjnNUDrZaoAjjtKginSxYS6h0P7bvpJWqtuhjcGuWWh2LSkkCtmykUyNC18X1Rq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
cf-ray
88a0f682daee8c44-FRA
x-amz-cf-id
G-DY5El0RwDT4Y5x3LIOZuM2WQ9xprN0OpCkgqvCBg-mxHboEnG4DQ==
main.css
login.onboardingnewleads.xyz/assets/styles/
48 KB
10 KB
Stylesheet
General
Full URL
https://login.onboardingnewleads.xyz/assets/styles/main.css
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90f8707e3d33c002c0196fc959f3036bc709eaab3876f2e1fa19108d9896a852

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 21:47:19 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
last-modified
Fri, 24 May 2024 06:50:31 GMT
server
cloudflare
etag
W/"c1f0-18fa95d8ad8"
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dD2X%2FFmtGP6bdQc%2FrwP79j3ptPFIiCyZgkYxLJa%2FkcXsJX76wWbi%2BPTeNQeiuvzVQb9WF32DsoqGqiviOvcbkLltaOO9fJ0AKthahuQnQ50DdjDJGOrw8gv36GgYTCH%2BW%2Bw1IjNnG%2BFNBrN7FsMgM3X7ge7Sd2yGHws%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
cf-ray
88a0f682daf18c44-FRA
x-amz-cf-id
GO4ZzFTh9M760em-tT3EMizdcVZhbqTHd1JzSWefA6x5vDgAHOPX3w==
Zettle_Primary_Positive.svg
cdn.izettle.com/zettle-brand/
6 KB
3 KB
Image
General
Full URL
https://cdn.izettle.com/zettle-brand/Zettle_Primary_Positive.svg
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-170.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
713bc902f029fd781a25e5cc72c9c160931ed1f5b6480168966d075e1ecacf48

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 05:13:00 GMT
x-amz-version-id
tBs1Opa4f4WmQaSHNIS41pylSKKKcDAJ
Content-Encoding
gzip
Last-Modified
Wed, 20 Jan 2021 09:55:34 GMT
Server
AmazonS3
Via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
ETag
W/"a463b7f56e2a5923ee457664fc18b532"
Age
318859
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
1qkdKoLP5vuyzkiCIAfiE5SXoYibsvFfhvzKRfjDKL3eLJdQiMU9rg==
fb.js
c.onboardingnewleads.xyz/da/r/
67 KB
23 KB
Script
General
Full URL
https://c.onboardingnewleads.xyz/da/r/fb.js
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04805b6e45bf75e971640dec4944da2726068231bce61abff3ff7d1856946194

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 21:47:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
paypal-debug-id
b65ca04577c40
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 May 2024 00:23:12 GMT
server
cloudflare
traceparent
00-0000000000000000000b65ca04577c40-2677068b49461c9e-01
etag
W/"66318b70-10bfa"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VUhWgqllvd2%2B24osencOWitkks%2B2eyQFrVJcaLYpAziwTWRauCOyeL9HkRvVepL7KsNEh4vPCdOlxEOh3k7zK9COb6bKk%2Bu6GY8yW6T%2BW5QQCRJTOoqARSWkXM%2FzVyrmgHWh32GW2SFI7wxCEMSIBpRQYD%2FhnRA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
x-csrf-token
cf-ray
88a0f6831b398c44-FRA
expires
Mon, 27 May 2024 12:38:33 GMT
datadog-rum.js
www.datadoghq-browser-agent.com/eu1/v5/
158 KB
50 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/eu1/v5/datadog-rum.js
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-115.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61be5b929adc52e22c654e6ad4140782ab8e368ed5e580a5ae6888fa4984e51a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 21:47:10 GMT
content-encoding
br
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
last-modified
Thu, 16 May 2024 13:18:00 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
10
x-amz-server-side-encryption
AES256
etag
W/"34a5be7daed8097b24f50908508cf1cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
ekLgRJ8iwVPP4AInaDtMAwoh7j2vMjnUX8dQQFj5R1HqSIHL696ujQ==
gtm.js
www.googletagmanager.com/
540 KB
143 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MD45XHL
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b10f5dfca9d866a61fa36c270e9241b2af31260a3358a02d7194e6c58fea4d73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 21:47:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
146286
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 26 May 2024 21:47:19 GMT
i
c.onboardingnewleads.xyz/v1/r/d/ Frame A035
0
0
Document
General
Full URL
https://c.onboardingnewleads.xyz/v1/r/d/i?js_src=https://c.onboardingnewleads.xyz/da/r/fb.js
Requested by
Host: c.onboardingnewleads.xyz
URL: https://c.onboardingnewleads.xyz/da/r/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
hoHxT2MOcFQsYpAHbUPpYcOAFtvpdOlKRXzKXXJc5H2l8ZNpyh+J0f8/6zC5zeOfopvhpJaT1tRMzO/AKA6BOfT9YNUnQyjx946UW63klKQ=$aqpfFqrJSeB+hQJlalex9w==
cf-mitigated
challenge
cf-ray
88a0f684dbe2718b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 26 May 2024 21:47:19 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2F4vFCM6%2BbXEPz%2Ba9kStaFKv1kfpzb0eyZWB2Q0j8fPIUt9lqS7W3OZjzxvAoWpJY4sCRPDpp9G52YED1B%2FmtlfXZTSy7UdEV3DRycIAJtuqhyFg8rTTO0J4K2wjynuZuPNqZr%2BHuU%2B3KsQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
counter2.cgi
lhr.stats.paypal.com/v2/ Frame B400
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=Zw-TTCXhlBDYWdwefh8vrfDSxucWXfFN&s=IZETTLE_LOGIN
  • https://lhr.stats.paypal.com/v2/counter2.cgi?p=Zw-TTCXhlBDYWdwefh8vrfDSxucWXfFN&s=IZETTLE_LOGIN
42 B
299 B
Image
General
Full URL
https://lhr.stats.paypal.com/v2/counter2.cgi?p=Zw-TTCXhlBDYWdwefh8vrfDSxucWXfFN&s=IZETTLE_LOGIN
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
HTTP/1.1
Server
34.147.177.40 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.177.147.34.bc.googleusercontent.com
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Sun, 26 May 2024 21:47:19 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://lhr.stats.paypal.com/v2/counter2.cgi?p=Zw-TTCXhlBDYWdwefh8vrfDSxucWXfFN&s=IZETTLE_LOGIN
Date
Sun, 26 May 2024 21:47:19 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
p3
c6.onboardingnewleads.xyz/v1/r/d/b/
0
0

PPUI_Zettle_Primary_Positive.svg
cdn.izettle.com/zettle-brand/
8 KB
4 KB
Image
General
Full URL
https://cdn.izettle.com/zettle-brand/PPUI_Zettle_Primary_Positive.svg
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/assets/styles/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-170.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9eeb90061ec9c7eec4d47cea885ac36a452a250ca7c2f2d1ca6ba70395573896

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Sdfqa67Utg1LsJFJ43_ZTTtZ_MrczWnl
Content-Encoding
gzip
Via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
Date
Fri, 03 May 2024 05:52:11 GMT
X-Amz-Cf-Pop
FRA6-C1
Age
2044509
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 10 Jan 2024 09:38:19 GMT
Server
AmazonS3
ETag
W/"432deb865a3e78e9faa5764fa3279748"
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Amz-Cf-Id
ob80AXhsUh4ZS-1o4PzT8HvJG_P5_ZEuFqXVe2cthfbfeyWbwf5UPw==
7cac4eca-c237-47e0-b662-eb4be6e9fb35
https://login.onboardingnewleads.xyz/
25 KB
0
Other
General
Full URL
blob:https://login.onboardingnewleads.xyz/7cac4eca-c237-47e0-b662-eb4be6e9fb35
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4c3033f0c082f99faecdbcc746e40caf1ff81c5b83061d0227c6caccde34a8b

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
25814
Content-Type
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9C5Q0J1HW8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MD45XHL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94644096a968c5de710abdbfd0245bdeee766881a5b877ca2306bb9079611e7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 21:47:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104099
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 26 May 2024 21:47:19 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 26 May 2024 19:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6742
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sun, 26 May 2024 21:54:57 GMT
inpage_linkid.js
www.google-analytics.com/plugins/ga/
1 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ga/inpage_linkid.js
Requested by
Host: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 21:27:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
603
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 26 May 2024 22:27:42 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
197 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=627256478&utmhn=login.onboardingnewleads.xyz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=nl-nl&utmje=0&utmfl=-&utmdt=Loggen%20Sie%20sich%20in%20Ihr%20Zettle-Konto%20ein&utmhid=484434607&utmr=-&utmp=%2F&utmht=1716760039917&utmac=UA-XXXXX-Y&utmcc=__utma%3D166533344.1653419208.1716760040.1716760040.1716760040.1%3B%2B__utmz%3D166533344.1716760040.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1989199891&utmredir=1&utmu=qBAAACAAAAAAAAAAAAAAAAAE~
Requested by
Host: login.onboardingnewleads.xyz
URL: https://login.onboardingnewleads.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 26 May 2024 21:47:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon-v2-blue.ico
cdn.izettle.com/favicons/
4 KB
4 KB
Other
General
Full URL
https://cdn.izettle.com/favicons/favicon-v2-blue.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-170.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51504c92a90fbd747258641780bcfc8e379d0631d4f662771372f6ccc5a5b83e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
18efgfEFQApd.Y4E_ZJYFO2H6Rov0FWT
Date
Tue, 30 Apr 2024 07:31:58 GMT
Via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2297744
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3782
Last-Modified
Wed, 15 Nov 2023 10:16:18 GMT
Server
AmazonS3
ETag
"7d8b76f891983ed1642eb7c6bbda73da"
Vary
Accept-Encoding
Content-Type
image/x-icon
Accept-Ranges
bytes
X-Amz-Cf-Id
CZYIYIihA3mbIkjdrobOzTPSdB-31Mb7_e-2lpQddELPXVefTJn3EA==
rum
browser-intake-datadoghq.eu/api/v2/
53 B
349 B
Fetch
General
Full URL
https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.18.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Alogin-service%2Cversion%3A04391aa0&dd-api-key=pub7e79cbbaf392c9484cc882e902508f9a&dd-evp-origin-version=5.18.0&dd-evp-origin=browser&dd-request-id=d194b8ec-b369-4dfa-8912-ca69cae96916&batch_time=1716760040086
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/eu1/v5/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a9f9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d8a34a29068470244e0037a98b33ced00aa925a28fa3e675e4c6226c20904d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 26 May 2024 21:47:20 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
via
1.1 google
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
dd-request-id
d194b8ec-b369-4dfa-8912-ca69cae96916
favicon-v2-32x32-blue.png
cdn.izettle.com/favicons/
2 KB
3 KB
Other
General
Full URL
https://cdn.izettle.com/favicons/favicon-v2-32x32-blue.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-170.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
933f4dea96d621f0ad6554e8c6ca6decc5ef5914f519a443b236b75e4d3cc4bb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ypjeN1OWa3qdx79TvH6x7i7ZEJxNKLLF
Date
Fri, 03 May 2024 08:09:34 GMT
Via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2036270
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2266
Last-Modified
Fri, 19 Jan 2024 14:03:18 GMT
Server
AmazonS3
ETag
"952ac1cb267e2169b81e8a60ee23bcd3"
Vary
Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
X-Amz-Cf-Id
Ve7FLQOVZ-zK9TbRzoqEL-Nu9sRY1t0EWzoqUU8ZE7QoTsXEIi5JCw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c6.onboardingnewleads.xyz
URL
https://c6.onboardingnewleads.xyz/v1/r/d/b/p3?f=Zw-TTCXhlBDYWdwefh8vrfDSxucWXfFN&s=IZETTLE_LOGIN


32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| DD_RUM
object| dataLayer
function| $
function| jQuery
function| OptanonWrapper
function| scrollToAnchor
object| EMAIL_REGEXP
object| formEl
object| emailEl
object| inputErrorMessageEl
boolean| emailValidationMessageIsSet
function| validateEmail
object| PAYPAL
object| __UTILS__
object| google_tag_manager
function| postscribe
object| google_tag_manager_external
object| google_tag_data
object| _gaq
string| pluginUrl
function| setCookie
function| getParam
object| gclid
undefined| gclsrc
undefined| domain
function| onYouTubeIframeAPIReady
object| gaGlobal
object| _gat
object| e
function| f

8 Cookies

Domain/Path Name / Value
login.onboardingnewleads.xyz/ Name: _izloginsession
Value: s%3AZw-TTCXhlBDYWdwefh8vrfDSxucWXfFN.gBfKn67pGd3VqFS1VEXy3%2FCorImAJLe4UcHcdWTUTTE
.onboardingnewleads.xyz/ Name: _gcl_au
Value: 1.1.2021890995.1716760040
.onboardingnewleads.xyz/ Name: __utma
Value: 166533344.1653419208.1716760040.1716760040.1716760040.1
.onboardingnewleads.xyz/ Name: __utmc
Value: 166533344
.onboardingnewleads.xyz/ Name: __utmz
Value: 166533344.1716760040.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.onboardingnewleads.xyz/ Name: __utmt
Value: 1
.onboardingnewleads.xyz/ Name: __utmb
Value: 166533344.1.10.1716760040
login.onboardingnewleads.xyz/ Name: _dd_s
Value: rum=1&id=6ae82d51-09da-483a-9084-37b256cbc90d&created=1716760039252&expire=1716760939252

1 Console Messages

Source Level URL
Text
network error URL: https://c6.onboardingnewleads.xyz/v1/r/d/b/p3?f=Zw-TTCXhlBDYWdwefh8vrfDSxucWXfFN&s=IZETTLE_LOGIN
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
