paybeagle.com Open in urlscan Pro
185.70.9.225 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paybeagle.com/
Submission Tags: @phishunt_io
Submission: On February 22 via api (February 22nd 2023, 2:25:04 pm UTC) from DE — Scanned from GB

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 185.70.9.225, located in Manchester, United Kingdom and belongs to SANDYXHOSTING-AS Data Centre Plus, GB. The main domain is paybeagle.com.
TLS certificate: Issued by R3 on December 25th 2022. Valid for: 3 months.

This is the only time paybeagle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	185.70.9.225 185.70.9.225		201536 (SANDYXHOS...) (SANDYXHOSTING-AS Data Centre Plus)
8	2

6 185.70.9.225 (Manchester, United Kingdom)

ASN201536 (SANDYXHOSTING-AS Data Centre Plus, GB)

paybeagle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	paybeagle.com paybeagle.com	459 KB
0	google-analytics.com Failed www.google-analytics.com Failed
0	twitter.com Failed platform.twitter.com Failed
8	3

	Domain	Requested by
6	paybeagle.com	paybeagle.com
0	www.google-analytics.com Failed	paybeagle.com
0	platform.twitter.com Failed	paybeagle.com
8	3

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
paybeagle.com R3	`2022-12-25` - `2023-03-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paybeagle.com/
Frame ID: ECBADE0237D68B80E39102680030DE72
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayBeagle | Home

Page Statistics

8
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

459 kB
Transfer

454 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/PayBeagle
Title: Tweets by @PayBeagle

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
paybeagle.com/ 3 KB
4 KB 329ms
48ms Document
text/html 185.70.9.225
SANDYXHOSTING-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://paybeagle.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.70.9.225 Manchester, United Kingdom, ASN201536 (SANDYXHOSTING-AS Data Centre Plus, GB),

Reverse DNS

Software

nginx / PHP/7.4.28

Resource Hash

1f8da47a2403a2341c7d3fe60a83c0e913c6b713345a511b51fd74e9fd26e391

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Feb 2023 14:24:58 GMT
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.28
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK box-model-large.css
paybeagle.com/css/ 3 KB
4 KB 40ms
39ms Stylesheet
text/css 185.70.9.225
SANDYXHOSTING-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://paybeagle.com/css/box-model-large.css

Requested by

Host: paybeagle.com
URL: https://paybeagle.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.70.9.225 Manchester, United Kingdom, ASN201536 (SANDYXHOSTING-AS Data Centre Plus, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0f05ccc9b0d79db0ba69d5451699fc08cfade5077d4ad56597ca755329e95

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybeagle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 14:24:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 19 Mar 2015 16:30:10 GMT
Server: nginx
X-Content-Type-Options: nosniff
ETag: "550af992-d87"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
Accept-Ranges: bytes
Content-Length: 3463
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK your-payments-made-easy.png
paybeagle.com/images/ 329 KB
330 KB 84ms
43ms Image
image/png 185.70.9.225
SANDYXHOSTING-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paybeagle.com/images/your-payments-made-easy.png

Requested by

Host: paybeagle.com
URL: https://paybeagle.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.70.9.225 Manchester, United Kingdom, ASN201536 (SANDYXHOSTING-AS Data Centre Plus, GB),

Reverse DNS

Software

nginx /

Resource Hash

2bba2e1f288a2ce58a6eace944a2ead521d2d47d1add946de5fceae972fb0499

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybeagle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 14:24:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 10 Mar 2015 12:09:48 GMT
Server: nginx
X-Content-Type-Options: nosniff
ETag: "54fedf0c-5238b"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
Accept-Ranges: bytes
Content-Length: 336779
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK box-model-small.css
paybeagle.com/css/ 3 KB
4 KB 125ms
51ms Stylesheet
text/css 185.70.9.225
SANDYXHOSTING-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://paybeagle.com/css/box-model-small.css

Requested by

Host: paybeagle.com
URL: https://paybeagle.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.70.9.225 Manchester, United Kingdom, ASN201536 (SANDYXHOSTING-AS Data Centre Plus, GB),

Reverse DNS

Software

nginx /

Resource Hash

93153185fc1d0c40668cb29924bbdf296bb93aa0d8f7dbc20c0c12bcab2a038c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybeagle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 14:24:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 19 Mar 2015 16:49:30 GMT
Server: nginx
X-Content-Type-Options: nosniff
ETag: "550afe1a-d85"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
Accept-Ranges: bytes
Content-Length: 3461
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK box-model-medium.css
paybeagle.com/css/ 3 KB
4 KB 125ms
45ms Stylesheet
text/css 185.70.9.225
SANDYXHOSTING-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://paybeagle.com/css/box-model-medium.css

Requested by

Host: paybeagle.com
URL: https://paybeagle.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.70.9.225 Manchester, United Kingdom, ASN201536 (SANDYXHOSTING-AS Data Centre Plus, GB),

Reverse DNS

Software

nginx /

Resource Hash

e104125a9dd2cdcb4bb648e6ee30ef9d8f4accb4fb243c6e5af530cd65a72ddc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybeagle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 14:24:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 19 Mar 2015 16:49:11 GMT
Server: nginx
X-Content-Type-Options: nosniff
ETag: "550afe07-d85"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
Accept-Ranges: bytes
Content-Length: 3461
X-XSS-Protection: 1; mode=block

GET widgets.js
platform.twitter.com/ 0
0

GET
H/1.1 200
OK futura-heavy.ttf
paybeagle.com/ 112 KB
113 KB 121ms
89ms Font
application/octet-stream 185.70.9.225
SANDYXHOSTING-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://paybeagle.com/futura-heavy.ttf

Requested by

Host: paybeagle.com
URL: https://paybeagle.com/css/box-model-large.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.70.9.225 Manchester, United Kingdom, ASN201536 (SANDYXHOSTING-AS Data Centre Plus, GB),

Reverse DNS

Software

nginx /

Resource Hash

775e1739ffb01fa7f86a1cbb2e3a11a0515e00ec923df24125388839178c4e08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paybeagle.com/css/box-model-large.css
Origin: https://paybeagle.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 14:24:58 GMT
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 10 Mar 2015 11:15:24 GMT
Server: nginx
X-Content-Type-Options: nosniff
ETag: "54fed24c-1c128"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Feature-Policy: geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
Accept-Ranges: bytes
Content-Length: 114984
X-XSS-Protection: 1; mode=block

GET analytics.js
www.google-analytics.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange string| GoogleAnalyticsObject function| ga

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'notifications'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'push'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'self'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	error	URL: https://paybeagle.com/(Line 37) Message: Refused to load the script 'https://platform.twitter.com/widgets.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://paybeagle.com/(Line 54) Message: Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' data: ; object-src 'self' ; child-src 'self' ; connect-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

paybeagle.com
platform.twitter.com
www.google-analytics.com
platform.twitter.com
www.google-analytics.com
185.70.9.225
1f8da47a2403a2341c7d3fe60a83c0e913c6b713345a511b51fd74e9fd26e391
2bba2e1f288a2ce58a6eace944a2ead521d2d47d1add946de5fceae972fb0499
775e1739ffb01fa7f86a1cbb2e3a11a0515e00ec923df24125388839178c4e08
93153185fc1d0c40668cb29924bbdf296bb93aa0d8f7dbc20c0c12bcab2a038c
e104125a9dd2cdcb4bb648e6ee30ef9d8f4accb4fb243c6e5af530cd65a72ddc
e3b0f05ccc9b0d79db0ba69d5451699fc08cfade5077d4ad56597ca755329e95

paybeagle.com Open in urlscan Pro 185.70.9.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

75 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

459 kBTransfer

454 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

15 Console Messages

Security Headers

Indicators

paybeagle.com Open in urlscan Pro
185.70.9.225 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

459 kB
Transfer

454 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions