cliente-2020-paypai.www1.biz Open in urlscan Pro
217.79.178.233  Malicious Activity! Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set restore.php Show response cliente-2020-paypai.www1.biz/	24 KB 25 KB	188ms 31ms	Document text/html	217.79.178.233 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol HTTP/1.1 Server 217.79.178.233 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS vps1946168.fastwebserver.de Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 535cb5007a86b4a91cf1f095966a63e09f87793febb4c6af9264bdca860bcb45 Request headers Host cliente-2020-paypai.www1.biz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 25 Mar 2020 15:07:36 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Set-Cookie PHPSESSID=ht61i7to85oscm3fpd8usd5kk6; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	app.css cliente-2020-paypai.www1.biz/wa_files/	561 KB 561 KB	50ms 33ms	Stylesheet text/css	217.79.178.233 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://cliente-2020-paypai.www1.biz/wa_files/app.css Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol HTTP/1.1 Server 217.79.178.233 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS vps1946168.fastwebserver.de Software Apache/2.2.15 (CentOS) / Resource Hash 8daad0aae422011491987494e6c86bdf6bb827fd5730cd4bb3d17b6dd5528f23 Request headers Referer http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 25 Mar 2020 15:07:37 GMT Last-Modified Wed, 04 Sep 2019 17:37:33 GMT Server Apache/2.2.15 (CentOS) ETag "802cd-8c203-591bda8f49140" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 573955
GET H/1.1	404 Not Found	0.bundle.js.download cliente-2020-paypai.www1.biz/wa_files/	0 0	49ms 32ms	Script text/html	217.79.178.233 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://cliente-2020-paypai.www1.biz/wa_files/0.bundle.js.download Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol HTTP/1.1 Server 217.79.178.233 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS vps1946168.fastwebserver.de Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Referer http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 25 Mar 2020 15:07:37 GMT Server Apache/2.2.15 (CentOS) Connection close Content-Length 321 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	_languagepack.js.download cliente-2020-paypai.www1.biz/wa_files/	0 0	75ms 58ms	Script text/html	217.79.178.233 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://cliente-2020-paypai.www1.biz/wa_files/_languagepack.js.download Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol HTTP/1.1 Server 217.79.178.233 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS vps1946168.fastwebserver.de Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Referer http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 25 Mar 2020 15:07:37 GMT Server Apache/2.2.15 (CentOS) Connection close Content-Length 326 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	oo_engine.min.js.download cliente-2020-paypai.www1.biz/wa_files/	0 0	46ms 30ms	Script text/html	217.79.178.233 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://cliente-2020-paypai.www1.biz/wa_files/oo_engine.min.js.download Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol HTTP/1.1 Server 217.79.178.233 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS vps1946168.fastwebserver.de Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Referer http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 25 Mar 2020 15:07:37 GMT Server Apache/2.2.15 (CentOS) Connection close Content-Length 326 Content-Type text/html; charset=iso-8859-1
GET H2	200	generic_sprite_1x.png www.paypalobjects.com/webstatic/restoreaccessnodeweb/	44 KB 44 KB	45ms 45ms	Image image/png	95.101.184.70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/restoreaccessnodeweb/generic_sprite_1x.png Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.184.70 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-70.deploy.static.akamaitechnologies.com Software Apache / Resource Hash d1a8e147e1c3132fb5941da874109473306d4353ca354ddff7329b099e865678 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://cliente-2020-paypai.www1.biz/wa_files/app.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Wed, 25 Mar 2020 15:07:37 GMT x-content-type-options nosniff last-modified Fri, 07 Aug 2015 15:25:05 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 44802 expires Wed, 25 Mar 2020 15:07:37 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d5db3b907609c4110204c6b690669146ea129afc11f5de317d7312f9d24536bf Request headers Referer http://cliente-2020-paypai.www1.biz/wa_files/app.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	PayPalSansSmall-Medium.woff2 www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/	38 KB 38 KB	141ms 34ms	Font application/font-woff2	95.101.184.70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Medium.woff2 Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.184.70 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-70.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://cliente-2020-paypai.www1.biz/wa_files/app.css Origin http://cliente-2020-paypai.www1.biz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 25 Mar 2020 15:07:37 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Jun 2016 16:50:03 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/font-woff2 status 200 strict-transport-security max-age=31536000 accept-ranges bytes expires Fri, 24 Apr 2020 15:07:37 GMT
GET H2	200	PayPalSansBig-Regular.woff2 www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/	38 KB 38 KB	163ms 56ms	Font application/font-woff2	95.101.184.70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Regular.woff2 Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.184.70 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-70.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 2351bbc39303736cd3a670db10427adc13c256dd6b639f0545bfd104947d3427 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://cliente-2020-paypai.www1.biz/wa_files/app.css Origin http://cliente-2020-paypai.www1.biz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 25 Mar 2020 15:07:37 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Jun 2016 16:50:03 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/font-woff2 status 200 strict-transport-security max-age=31536000 accept-ranges bytes expires Fri, 24 Apr 2020 15:07:37 GMT
GET H2	200	PayPalVXIcons-Regular.woff2 www.paypalobjects.com/ui-web/vx-icons/2-0-2/	9 KB 9 KB	132ms 34ms	Font application/font-woff2	95.101.184.70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/vx-icons/2-0-2/PayPalVXIcons-Regular.woff2 Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.184.70 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-70.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 2bd489558b2373c5faeecbdf17bfd8a619cf5db1cad8d648dcbd40d98d3d980d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://cliente-2020-paypai.www1.biz/wa_files/app.css Origin http://cliente-2020-paypai.www1.biz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 25 Mar 2020 15:07:37 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 18 Oct 2017 00:58:59 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/font-woff2 status 200 strict-transport-security max-age=31536000 accept-ranges bytes content-length 8983 expires Fri, 24 Apr 2020 15:07:37 GMT
GET H2	200	PayPalSansBig-Light.woff2 www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/	37 KB 38 KB	168ms 70ms	Font application/font-woff2	95.101.184.70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Light.woff2 Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.184.70 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-70.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 4619d70d7bd1b3d7572940e9ee7f31bc4c07f4c9cad6ae2d3e5b2eb555b6a2c0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://cliente-2020-paypai.www1.biz/wa_files/app.css Origin http://cliente-2020-paypai.www1.biz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 25 Mar 2020 15:07:37 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Jun 2016 16:50:06 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/font-woff2 status 200 strict-transport-security max-age=31536000 accept-ranges bytes expires Fri, 24 Apr 2020 15:07:37 GMT
GET H2	200	PayPalSansSmall-Regular.woff2 www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/	36 KB 37 KB	198ms 100ms	Font application/font-woff2	95.101.184.70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Regular.woff2 Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.184.70 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-70.deploy.static.akamaitechnologies.com Software Apache / Resource Hash fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://cliente-2020-paypai.www1.biz/wa_files/app.css Origin http://cliente-2020-paypai.www1.biz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 25 Mar 2020 15:07:37 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Jun 2016 16:50:03 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/font-woff2 status 200 strict-transport-security max-age=31536000 accept-ranges bytes expires Fri, 24 Apr 2020 15:07:37 GMT
GET H2	200	PayPalSansBig-Medium.woff2 www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/	39 KB 39 KB	206ms 108ms	Font application/font-woff2	95.101.184.70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Medium.woff2 Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.184.70 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-70.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 707b984c5c13152e4eaff00bb6000a9e3050a0a086030d2a25525c8dd2bd536e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://cliente-2020-paypai.www1.biz/wa_files/app.css Origin http://cliente-2020-paypai.www1.biz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 25 Mar 2020 15:07:37 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Jun 2016 16:50:03 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/font-woff2 status 200 strict-transport-security max-age=31536000 accept-ranges bytes expires Fri, 24 Apr 2020 15:07:37 GMT
GET H2	200	PayPalSansSmall-Light.woff2 www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/	36 KB 36 KB	162ms 117ms	Font application/font-woff2	95.101.184.70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Light.woff2 Requested by Host: cliente-2020-paypai.www1.biz URL: http://cliente-2020-paypai.www1.biz/restore.php?&SERVID=Service_Login_&_Authentication=6d8397c3eefd7802780ff4c7590a2dd4f2e6b1503a0436c92206190af30d423ca4c1be8c9e31c822eb41f27091021b59e9ecae78f0b3a5257c199891 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.184.70 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-101-184-70.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e085866d187704eb7574395c3bf4ae78dfdc8f189816d2081b9495fd4a12787f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://cliente-2020-paypai.www1.biz/wa_files/app.css Origin http://cliente-2020-paypai.www1.biz Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 25 Mar 2020 15:07:37 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Jun 2016 16:50:03 GMT server Apache access-control-allow-origin * vary Accept-Encoding content-type application/font-woff2 status 200 strict-transport-security max-age=31536000 accept-ranges bytes expires Fri, 24 Apr 2020 15:07:37 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cliente-2020-paypai.www1.biz/	1969-12-31 23:59:59	Name: PHPSESSID Value: ht61i7to85oscm3fpd8usd5kk6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cliente-2020-paypai.www1.biz
www.paypalobjects.com
217.79.178.233
95.101.184.70
2351bbc39303736cd3a670db10427adc13c256dd6b639f0545bfd104947d3427
2bd489558b2373c5faeecbdf17bfd8a619cf5db1cad8d648dcbd40d98d3d980d
4619d70d7bd1b3d7572940e9ee7f31bc4c07f4c9cad6ae2d3e5b2eb555b6a2c0
535cb5007a86b4a91cf1f095966a63e09f87793febb4c6af9264bdca860bcb45
707b984c5c13152e4eaff00bb6000a9e3050a0a086030d2a25525c8dd2bd536e
8daad0aae422011491987494e6c86bdf6bb827fd5730cd4bb3d17b6dd5528f23
b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0
d1a8e147e1c3132fb5941da874109473306d4353ca354ddff7329b099e865678
d5db3b907609c4110204c6b690669146ea129afc11f5de317d7312f9d24536bf
e085866d187704eb7574395c3bf4ae78dfdc8f189816d2081b9495fd4a12787f
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e