urlscan.io logo urlscan.io
SecurityTrails logo

stoneclientes.000webhostapp.com Open in urlscan Pro
2a02:4780:dead:f7d0::1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Submission: On January 25 via automatic, source phishtank — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 2a02:4780:dead:f7d0::1, located in United States and belongs to AWEX, CY. The main domain is stoneclientes.000webhostapp.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on July 10th 2021. Valid for: a year.
This is the only time stoneclientes.000webhostapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address AS Autonomous System
20 2a02:4780:dea... 204915 (AWEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.66.133 54113 (FASTLY)
5 151.101.65.35 54113 (FASTLY)
1 2 64.4.245.84 17012 (PAYPAL)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 151.101.1.35 54113 (FASTLY)
31 7
20    2a02:4780:dead:f7d0::1 (United States)

ASN204915 (AWEX, CY)
stoneclientes.000webhostapp.com
1    2606:4700::6813:b878 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.000webhost.com
1    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
5    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
c.paypal.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
1    2a02:26f0:7100:1ac::26cf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c6.paypal.com
2    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
20 000webhostapp.com
stoneclientes.000webhostapp.com
269 KB
10 paypal.com
c.paypal.com — Cisco Umbrella Rank: 5622
b.stats.paypal.com — Cisco Umbrella Rank: 4419
dub.stats.paypal.com — Cisco Umbrella Rank: 17119
c6.paypal.com — Cisco Umbrella Rank: 6753
t.paypal.com — Cisco Umbrella Rank: 3581
42 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1385
2 KB
1 000webhost.com
cdn.000webhost.com — Cisco Umbrella Rank: 112800
2 KB
31 4
Domain Requested by
20 stoneclientes.000webhostapp.com stoneclientes.000webhostapp.com
5 c.paypal.com stoneclientes.000webhostapp.com
c.paypal.com
2 t.paypal.com
1 c6.paypal.com
1 dub.stats.paypal.com
1 b.stats.paypal.com 1 redirects
1 www.paypalobjects.com stoneclientes.000webhostapp.com
1 cdn.000webhost.com stoneclientes.000webhostapp.com
31 8

This site contains links to these domains. Also see Links.

Domain
www.000webhost.com
Subject Issuer Validity Valid
*.000webhostapp.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-10 -
2022-08-10		 a year crt.sh
*.000webhost.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-13		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-11-02 -
2022-03-15		 4 months crt.sh
c.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-06-24 -
2022-06-29		 2 years crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-21 -
2022-10-22		 a year crt.sh

This page contains 3 frames:

Primary Page: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Frame ID: 64C2B9CA6239D1F1ADAB299AE343FA42
Requests: 25 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: AC22642D1121EB6CF4C24AC99883B7C0
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD04MmIxNTIyODZhNmM0YTliYjg3ZjMwZDE4NDcwZDA0NiZpPTE3Ny4yMjMuNTMuOTYmdD0xNjQyMjY4NjM1LjU3NCZhPTIxJnM9VU5JRklFRF9MT0dJTlQlO0aFrWbaR38Oc0vFGMOv6Lkn
Frame ID: 083415BB496357A41CD4D0F00B498D91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to your PayPal account

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

31
Requests

97 %
HTTPS

43 %
IPv6

4
Domains

8
Subdomains

7
IPs

2
Countries

316 kB
Transfer

871 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD04MmIxNTIyODZhNmM0YTliYjg3ZjMwZDE4NDcwZDA0NiZpPTE3Ny4yMjMuNTMuOTYmdD0xNjQyMjY4NjM1LjU3NCZhPTIxJnM9VU5JRklFRF9MT0dJTlQlO0aFrWbaR38Oc0vFGMOv6Lkn HTTP 302
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD04MmIxNTIyODZhNmM0YTliYjg3ZjMwZDE4NDcwZDA0NiZpPTE3Ny4yMjMuNTMuOTYmdD0xNjQyMjY4NjM1LjU3NCZhPTIxJnM9VU5JRklFRF9MT0dJTlQlO0aFrWbaR38Oc0vFGMOv6Lkn

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin.html
stoneclientes.000webhostapp.com/www.paypal.com/ 		31 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
f59c5906e8b877ccc8b12f475e9f15fdc1a81cf3dbd83aa342f2ad041761fb56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-type
text/html; charset=UTF-8
server
awex
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-request-id
c4c4779cb68632755b101982ef1275db
content-encoding
gzip
ngrlCaptcha.min.js
stoneclientes.000webhostapp.com/www.paypalobjects.com/webcaptcha/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
3ba795672c78c8f0f52ecd5d1a0a317d1e5c059509a6bead9d26b46fc831d83b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 22 Jan 2022 00:36:46 GMT
server
awex
content-type
application/javascript
x-xss-protection
1; mode=block
x-request-id
b5de07953d1792a941db2a496711e383
contextualLogin.css
stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/css/ 		119 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/css/contextualLogin.css
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
8d0096fd103e6fe6319cdc5bf1015cb83b7241816d04ffb7d5ca9da16123a04d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 22 Jan 2022 00:36:49 GMT
server
awex
content-type
text/css
x-xss-protection
1; mode=block
x-request-id
6ced2222e3f51f5ba0e53605e79c1b5c
modernizr-2.6.1.js
stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/js/lib/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/js/lib/modernizr-2.6.1.js
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 22 Jan 2022 00:36:50 GMT
server
awex
content-type
application/javascript
x-xss-protection
1; mode=block
x-request-id
af7b4239210d4b7ca16f09db683e34dc
icon-PN-check.png
stoneclientes.000webhostapp.com/www.paypalobjects.com/images/shared/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stoneclientes.000webhostapp.com/www.paypalobjects.com/images/shared/icon-PN-check.png
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 Jan 2022 00:36:47 GMT
server
awex
content-type
image/png
accept-ranges
bytes
content-length
1238
x-xss-protection
1; mode=block
x-request-id
e002c7fdc6879978494921787d61a4e4
glyph_alert_critical_big-2x.png
stoneclientes.000webhostapp.com/www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stoneclientes.000webhostapp.com/www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 Jan 2022 00:36:47 GMT
server
awex
content-type
image/png
accept-ranges
bytes
content-length
1709
x-xss-protection
1; mode=block
x-request-id
cf2c0e2537852a35169da0aacf075188
fn-sync-telemetry-min.js
stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/js/lib/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/js/lib/fn-sync-telemetry-min.js
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 22 Jan 2022 00:36:50 GMT
server
awex
content-type
application/javascript
x-xss-protection
1; mode=block
x-request-id
ee3730cbcd06b1e718a4999b81acaa17
signin-split.js
stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/js/ 		316 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/js/signin-split.js
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
9c434dbdf63f5a913772f0ba9bf20d6691ecea8686df39eeb96b9f5d67d7abe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 22 Jan 2022 00:36:50 GMT
server
awex
content-type
application/javascript
x-xss-protection
1; mode=block
x-request-id
63ba5f25bdf86e56da5528ac0f16849a
pa.js
stoneclientes.000webhostapp.com/www.paypalobjects.com/pa/js/min/ 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
abeea56da097a2b21b8d9c5963d45cbc5021459f4e9fd4d07cfd28a244ed33bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 22 Jan 2022 00:36:49 GMT
server
awex
content-type
application/javascript
x-xss-protection
1; mode=block
x-request-id
2facb2540712f5c517aa2d43b45e3d58
recaptchav3eae8.html
stoneclientes.000webhostapp.com/www.paypal.com/auth/createchallenge/b1cb95ae7718148d/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypal.com/auth/createchallenge/b1cb95ae7718148d/recaptchav3eae8.html?_sessionID=xyFZ2WDqN8Huf3qK4DgMXisOAp6e-9Ul
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
bafdd41fb42811425fb566c973cde7fbd53d6fda7615308b05f347c7ecb41ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
82dd1e28a332508ac4f056926ca1ea92
content-type
text/html; charset=UTF-8
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3996
cf-polished
origFmt=png, origSize=2046
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj
imgq:100,h2pri
x-hostinger-datacenter
srv
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1696
x-xss-protection
1; mode=block
last-modified
Mon, 17 Jan 2022 10:58:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"61e54bc9-7fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/webp
vary
Accept
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn2
accept-ranges
bytes
cf-ray
6d33c6c7d8bb9054-FRA
expires
Tue, 25 Jan 2022 23:06:02 GMT
signin.html
stoneclientes.000webhostapp.com/www.paypal.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
5f709b50b89628a6476343c3007ceac4
content-type
text/html; charset=UTF-8
paypal-logo-129x32.svg
www.paypalobjects.com/images/shared/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/css/contextualLogin.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
1c098630023be
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
1932
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10024-SJC, cache-ams21054-AMS
last-modified
Fri, 24 Oct 2014 22:52:57 GMT
x-timer
S1643137563.848213,VS0,VE0
etag
W/"544ad849-1351"
strict-transport-security
max-age=31557600
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
2000, 3
signin.html
stoneclientes.000webhostapp.com/www.paypal.com/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
Content-Range
bytes 0-26371/26372
accept-ranges
bytes
Content-Length
26372
x-xss-protection
1; mode=block
x-request-id
be7fc73011314010f128ff413f79db0c
signin.html
stoneclientes.000webhostapp.com/www.paypal.com/ 		31 KB
31 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
f59c5906e8b877ccc8b12f475e9f15fdc1a81cf3dbd83aa342f2ad041761fb56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 25 Jan 2022 19:06:02 GMT
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
Content-Range
bytes 0-26371/26372
accept-ranges
bytes
Content-Length
26372
x-xss-protection
1; mode=block
x-request-id
27ab0b762ba8efd634ff66f6bccde0fc
client-log
stoneclientes.000webhostapp.com/signin/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/signin/client-log
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
563e267b92cafff1de5ef31ff0375774
content-type
text/html; charset=UTF-8
fb.js
c.paypal.com/da/r/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypalobjects.com/web/res/ed6/59f95c0bae000a102e0d94307a2eb/js/signin-split.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6432819
x-cache
HIT, MISS, HIT
paypal-debug-id
1d89932fe1229
x-cache-hits
1, 0, 844840
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19090
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10041-SJC, cache-ams21068-AMS, cache-ams21041-AMS
last-modified
Fri, 12 Nov 2021 07:18:06 GMT
x-timer
S1643137563.255822,VS0,VE2
etag
W/"618e152e-db6d"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jan 2022 19:06:03 GMT
challenge.js
stoneclientes.000webhostapp.com/auth/createchallenge/cc31cd5013c4520a/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/auth/createchallenge/cc31cd5013c4520a/challenge.js
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
b57435794a581d0b67ed3cc6293cb099
content-type
text/html; charset=UTF-8
client-log
stoneclientes.000webhostapp.com/signin/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/signin/client-log
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
5f9e100d6cab3d4c5bfea9872cf49342
content-type
text/html; charset=UTF-8
cookie-banner
stoneclientes.000webhostapp.com/signin/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/signin/cookie-banner?
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
af568972906dedded485901c7ad0fdf5
content-type
text/html; charset=UTF-8
load-resource
stoneclientes.000webhostapp.com/signin/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/signin/load-resource
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
482ff7f1f4c43796d07743bd55165816
content-type
text/html; charset=UTF-8
i
c.paypal.com/v1/r/d/ Frame AC22 		160 B
941 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/

Response headers

correlation-id
8700a81b45ffa
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
paypal-debug-id
8700a81b45ffa
x-content-type-options
nosniff
x-xss-protection
1; mode=block
accept-ranges
none
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Tue, 25 Jan 2022 19:06:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn11575-HHN, cache-ams21041-AMS
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1643137563.295466,VS0,VE150
vary
Accept-Encoding
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin
*
counter2.cgi
dub.stats.paypal.com/v1/ Frame 0834
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD04MmIxNTIyODZhNmM0YTliYjg3ZjMwZDE4NDcwZDA0NiZpPTE3Ny4yMjMuNTMuOTYmdD0xNjQyMjY4NjM1LjU3NCZhPTIxJnM9VU5JRklFRF9MT0dJTlQlO0aFrWbaR38Oc0vFGMOv6Lkn
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD04MmIxNTIyODZhNmM0YTliYjg3ZjMwZDE4NDcwZDA0NiZpPTE3Ny4yMjMuNTMuOTYmdD0xNjQyMjY4NjM1LjU3NCZhPTIxJnM9VU5JRklFRF9MT0dJTlQlO0aFrWbaR38Oc0vFGMOv6Lkn
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD04MmIxNTIyODZhNmM0YTliYjg3ZjMwZDE4NDcwZDA0NiZpPTE3Ny4yMjMuNTMuOTYmdD0xNjQyMjY4NjM1LjU3NCZhPTIxJnM9VU5JRklFRF9MT0dJTlQlO0aFrWbaR38Oc0vFGMOv6Lkn
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 19:06:03 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD04MmIxNTIyODZhNmM0YTliYjg3ZjMwZDE4NDcwZDA0NiZpPTE3Ny4yMjMuNTMuOTYmdD0xNjQyMjY4NjM1LjU3NCZhPTIxJnM9VU5JRklFRF9MT0dJTlQlO0aFrWbaR38Oc0vFGMOv6Lkn
Date
Tue, 25 Jan 2022 19:06:03 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
load-resource
stoneclientes.000webhostapp.com/signin/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/signin/load-resource
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
342d5ae10d725cdbf68fcdfa8405c303
content-type
text/html; charset=UTF-8
load-resource
stoneclientes.000webhostapp.com/signin/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stoneclientes.000webhostapp.com/signin/load-resource
Requested by
Host: stoneclientes.000webhostapp.com
URL: https://stoneclientes.000webhostapp.com/www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:f7d0::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
b83285320d14cf7a553d911751f2f33f
content-type
text/html; charset=UTF-8
fb.js
c.paypal.com/da/r/ Frame AC22 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6432819
x-cache
HIT, MISS, HIT
paypal-debug-id
1d89932fe1229
x-cache-hits
1, 0, 844841
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19090
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10041-SJC, cache-ams21068-AMS, cache-ams21041-AMS
last-modified
Fri, 12 Nov 2021 07:18:06 GMT
x-timer
S1643137563.471085,VS0,VE2
etag
W/"618e152e-db6d"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jan 2022 19:06:03 GMT
p1
c.paypal.com/v1/r/d/b/ Frame AC22 		125 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c73867eda6b6b07babe4ac791a5c09ac9180b54765fec7e0fc7f057caf3d3867
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Tue, 25 Jan 2022 19:06:03 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
b57d64c06d92a
x-served-by
cache-hhn4082-HHN, cache-ams21041-AMS
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
b57d64c06d92a
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
content-type
application/json
content-length
125
x-cache-hits
0, 0
e
c.paypal.com/v1/r/d/b/ Frame AC22 		15 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
13c56231651b8
x-served-by
cache-hhn11538-HHN, cache-ams21041-AMS
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
content-type
application/json
paypal-debug-id
13c56231651b8
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
15
x-cache-hits
0, 0
p3
c6.paypal.com/v1/r/d/b/ Frame AC22 		0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=82b152286a6c4a9bb87f30d18470d046&s=UNIFIED_LOGIN_INPUT_EMAIL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:1ac::26cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jan 2022 19:06:03 GMT
CORRELATION-ID
b32fb65a341b
Paypal-Debug-Id
b32fb65a341b
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Tue, 25 Jan 2022 19:06:03 GMT
ts
t.paypal.com/ 		42 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.5.15&t=1643137563661&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1642268635555&calc=f8981514960d6&nsid=xyFZ2WDqN8Huf3qK4DgMXisOAp6e-9Ul&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=82b152286a6c4a9bb87f30d18470d046&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=ccpa&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&e=im&pl=pdf&imsrc=setup&view=%7B%22t10%22%3A310%2C%22t11%22%3A1376%2C%22tcp%22%3A760%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A250%7D&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=310&t1c=310&t1d=54&t1s=130&t2=126&t3=124&t4d=0&t4=0&t4e=2&tt=1125&rdc=0&protocol=h2&res=%7B%7D&3p_vid=4e10f38a5e3c468c&3p_fpti=5d39d666749e6037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
3a4e20223eaf2
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn11535-HHN, cache-ams21080-AMS
pragma
no-cache
x-timer
S1643137564.724807,VS0,VE174
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jan 2022 19:06:03 GMT
ts
t.paypal.com/ 		42 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.5.15&t=1643137563762&g=0&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1642268635555&calc=f8981514960d6&nsid=xyFZ2WDqN8Huf3qK4DgMXisOAp6e-9Ul&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=82b152286a6c4a9bb87f30d18470d046&comp=unifiedloginnodeweb&tsrce=unifiedloginnodeweb&cu=0&ef_policy=ccpa&transition_name=ss_prepare_email&userRedirected=true&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_email&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&event_name=c_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=164&t3=1&tt=165&protocol=h2&cenc=br&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A1%2C%22t11%22%3A165%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=4e10f38a5e3c468c&3p_fpti=5d39d666749e6037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 19:06:03 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
294ddc880efe7
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn11580-HHN, cache-ams21080-AMS
pragma
no-cache
x-timer
S1643137564.770350,VS0,VE157
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jan 2022 19:06:03 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| paypalADSInterceptorInjected object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack object| PAYPAL function| $ object| fpti string| fptiserverurl object| _ifpti function| getCookie undefined| wordpressAdminBody object| notification object| hostingerLogo undefined| mainContent undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| mainContentHolder undefined| h1Tag undefined| h2Tag undefined| paragraph undefined| list undefined| org_html undefined| new_html undefined| saleImage

4 Cookies

Domain/Path Name / Value
.c.paypal.com/ Name: sc_f
Value: yDmozMB6_C-kyh8HXHHHttdpJSBVdoGG3HD-pKr6OKnyXzoEyTWNJ4GDTOG_cSqxXbSFN7w77n2cn9Ghe_MJe7I44h2RI2XeU-b8Km
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: AR7LQB_iXYGPrLnVMYWUqKfavOMJLbzfcPggEWi0fdFODCPyUJyr20v0yzBzvpEiAa4vGA2mcdafOIMc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1737831963%26vteXpYrS%3D1643139363%26vr%3D5d39d666749e6037%26vt%3D4e10f38a5e3c468c
.paypal.com/ Name: ts_c
Value: vr%3D5d39d666749e6037%26vt%3D4e10f38a5e3c468c

8 Console Messages

Source Level URL
Text
security error URL: https://stoneclientes.000webhostapp.com/www.paypal.com/signin.html
Message:
Refused to execute script from 'https://stoneclientes.000webhostapp.com/www.paypal.com/auth/createchallenge/b1cb95ae7718148d/recaptchav3eae8.html?_sessionID=xyFZ2WDqN8Huf3qK4DgMXisOAp6e-9Ul' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://stoneclientes.000webhostapp.com/signin/client-log
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://stoneclientes.000webhostapp.com/auth/createchallenge/cc31cd5013c4520a/challenge.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://stoneclientes.000webhostapp.com/signin/load-resource
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://stoneclientes.000webhostapp.com/signin/client-log
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://stoneclientes.000webhostapp.com/signin/cookie-banner?
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://stoneclientes.000webhostapp.com/signin/load-resource
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://stoneclientes.000webhostapp.com/signin/load-resource
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.000webhost.com
dub.stats.paypal.com
stoneclientes.000webhostapp.com
t.paypal.com
www.paypalobjects.com
151.101.1.35
151.101.65.35
151.101.66.133
2606:4700::6813:b878
2a02:26f0:7100:1ac::26cf
2a02:4780:dead:f7d0::1
64.4.245.84
3ba795672c78c8f0f52ecd5d1a0a317d1e5c059509a6bead9d26b46fc831d83b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41
8d0096fd103e6fe6319cdc5bf1015cb83b7241816d04ffb7d5ca9da16123a04d
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9c434dbdf63f5a913772f0ba9bf20d6691ecea8686df39eeb96b9f5d67d7abe4
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
abeea56da097a2b21b8d9c5963d45cbc5021459f4e9fd4d07cfd28a244ed33bd
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
bafdd41fb42811425fb566c973cde7fbd53d6fda7615308b05f347c7ecb41ebc
c73867eda6b6b07babe4ac791a5c09ac9180b54765fec7e0fc7f057caf3d3867
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f59c5906e8b877ccc8b12f475e9f15fdc1a81cf3dbd83aa342f2ad041761fb56