urlscan.io logo urlscan.io
SecurityTrails logo

billsmaniax.000webhostapp.com Open in urlscan Pro
2a02:4780:dead:363b::1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://billsmaniax.000webhostapp.com/login.html
Effective URL: https://billsmaniax.000webhostapp.com/login.html
Submission Tags: phishing malicious Search All
Submission: On September 28 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2a02:4780:dead:363b::1, located in United States and belongs to AWEX, CY. The main domain is billsmaniax.000webhostapp.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on August 4th 2022. Valid for: a year.
This is the only time billsmaniax.000webhostapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address AS Autonomous System
4 2a02:4780:dea... 204915 (AWEX)
5 151.101.130.133 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 192.229.221.25 15133 (EDGECAST)
1 2 64.4.245.84 17012 (PAYPAL)
3 151.101.1.35 54113 (FASTLY)
19 6
4    2a02:4780:dead:363b::1 (United States)

ASN204915 (AWEX, CY)
billsmaniax.000webhostapp.com
5    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
1    2606:4700::6813:b978 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.000webhost.com
5    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
c.paypal.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
3    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
10 paypal.com
c.paypal.com — Cisco Umbrella Rank: 5933
b.stats.paypal.com — Cisco Umbrella Rank: 5163
dub.stats.paypal.com — Cisco Umbrella Rank: 24402
t.paypal.com — Cisco Umbrella Rank: 3344
41 KB
5 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2268
40 KB
4 000webhostapp.com
billsmaniax.000webhostapp.com
50 KB
1 000webhost.com
cdn.000webhost.com — Cisco Umbrella Rank: 628414
2 KB
19 4
Domain Requested by
5 c.paypal.com billsmaniax.000webhostapp.com
c.paypal.com
5 www.paypalobjects.com billsmaniax.000webhostapp.com
www.paypalobjects.com
4 billsmaniax.000webhostapp.com billsmaniax.000webhostapp.com
3 t.paypal.com
1 dub.stats.paypal.com
1 b.stats.paypal.com 1 redirects
1 cdn.000webhost.com billsmaniax.000webhostapp.com
19 7

This site contains links to these domains. Also see Links.

Domain
www.000webhost.com
Subject Issuer Validity Valid
*.000webhostapp.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-08-04 -
2023-07-10		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
*.000webhost.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-13		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-04 -
2022-11-23		 9 months crt.sh

This page contains 3 frames:

Primary Page: https://billsmaniax.000webhostapp.com/login.html
Frame ID: F10F73AB70EBBB1ADEE6FDF8079057DF
Requests: 14 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lMjc2NmRjZDhlMGQ0ZmI5OThmNDg5NmE4NDQ3OTdlNCZpPTc5LjEwNi4xMjYuMCZ0PTE1Mjk4NDcyMTcuNzgxJmE9MjEmcz1VTklGSUVEX0xPR0lOqozznX2w0G1T2SU2ax2ckzmaD_M
Frame ID: 25AEBB45052D111E31B30FFD1044210B
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Frame ID: 7877619A2B50671683EEB5F92C16E258
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to your PayPal account

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Page Statistics

19
Requests

95 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

6
IPs

1
Countries

132 kB
Transfer

407 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1lMjc2NmRjZDhlMGQ0ZmI5OThmNDg5NmE4NDQ3OTdlNCZpPTc5LjEwNi4xMjYuMCZ0PTE1Mjk4NDcyMTcuNzgxJmE9MjEmcz1VTklGSUVEX0xPR0lOqozznX2w0G1T2SU2ax2ckzmaD_M HTTP 302
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lMjc2NmRjZDhlMGQ0ZmI5OThmNDg5NmE4NDQ3OTdlNCZpPTc5LjEwNi4xMjYuMCZ0PTE1Mjk4NDcyMTcuNzgxJmE9MjEmcz1VTklGSUVEX0xPR0lOqozznX2w0G1T2SU2ax2ckzmaD_M

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.html
billsmaniax.000webhostapp.com/ 		99 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:363b::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
bc5ab1488c4a8172eb283bea634cb8ee7f27c588670a0e2201fb5a70b743161c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 04:43:50 GMT
server
awex
x-content-type-options
nosniff
x-request-id
07a23b3501b594407a9c734f3f4452c8
x-xss-protection
1; mode=block
contextualLogin.css
www.paypalobjects.com/web/res/064/b5db45519f3ee9cacb3b28ada1570/css/ 		72 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/web/res/064/b5db45519f3ee9cacb3b28ada1570/css/contextualLogin.css
Requested by
Host: billsmaniax.000webhostapp.com
URL: https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eecbb49d86d66528fc95012be4e808257ac8ae1602c98b921dac511697dc849f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
acfca0e290405
x-cache-hits
1, 1
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
13085
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10075-SJC, cache-ams21057-AMS
last-modified
Thu, 21 Jun 2018 07:18:40 GMT
traceparent
00-0000000000000000000acfca0e290405-5ab71b847206242c-01
x-timer
S1664340231.873254,VS0,VE1
etag
W/"5b2b5150-11ef4"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 06 Sep 2023 10:02:03 GMT
icon-PN-check.png
www.paypalobjects.com/images/shared/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/icon-PN-check.png
Requested by
Host: billsmaniax.000webhostapp.com
URL: https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:50 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=2236 idim=121x133 ifmt=png ofsz=1238 odim=121x133 ofmt=png
paypal-debug-id
a62b3a2ce2f32
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1238
x-served-by
cache-sjc10057-SJC, cache-ams21057-AMS
x-timer
S1664340231.873207,VS0,VE0
etag
"49vz/MoiBvXh6ILc659PTN8gH45nwBXy23o3w9v7cpc"
strict-transport-security
max-age=31557600
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
29100, 3
glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
Requested by
Host: billsmaniax.000webhostapp.com
URL: https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:50 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=5828 idim=224x200 ifmt=png ofsz=1709 odim=224x200 ofmt=png
paypal-debug-id
b81b460757e6d
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1709
x-served-by
cache-sjc10073-SJC, cache-ams21057-AMS
x-timer
S1664340231.894006,VS0,VE0
etag
"e3ulSVTzLS+1hMwG/oqsG+jIfAa7MoSaV806RZTn6+w"
strict-transport-security
max-age=31557600
content-type
image/png
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
33979, 33707
pa.js
www.paypalobjects.com/pa/js/min/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/pa/js/min/pa.js
Requested by
Host: billsmaniax.000webhostapp.com
URL: https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a4a8dfbe067cb759d312253f775e7f23f835f6974d470f40920f611413c9d3c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
774657e948e05
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
21560
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10082-SJC, cache-ams21057-AMS
last-modified
Wed, 14 Sep 2022 23:00:18 GMT
traceparent
00-0000000000000000000774657e948e05-328f6f9d29a43582-01
x-timer
S1664340231.894015,VS0,VE0
etag
W/"63225d02-dcf5"
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
2, 47048
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: billsmaniax.000webhostapp.com
URL: https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b978 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1353
cf-polished
origFmt=png, origSize=2046
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj
imgq:100,h2pri
x-hostinger-datacenter
srv
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1696
x-xss-protection
1; mode=block
last-modified
Tue, 23 Aug 2022 11:07:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"6304b4e5-7fe"
strict-transport-security
max-age=2592000
content-type
image/webp
vary
Accept
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn1
accept-ranges
bytes
cf-ray
7519d20b79499950-FRA
expires
Wed, 28 Sep 2022 08:43:50 GMT
paypal-logo-129x32.svg
www.paypalobjects.com/images/shared/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/064/b5db45519f3ee9cacb3b28ada1570/css/contextualLogin.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.paypalobjects.com/web/res/064/b5db45519f3ee9cacb3b28ada1570/css/contextualLogin.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
paypal-debug-id
1c098630023be
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
1932
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10065-SJC, cache-ams21057-AMS
last-modified
Fri, 24 Oct 2014 22:52:57 GMT
x-timer
S1664340231.929620,VS0,VE1
etag
W/"544ad849-1351"
strict-transport-security
max-age=31557600
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
341, 1
client-log
billsmaniax.000webhostapp.com/signin/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://billsmaniax.000webhostapp.com/signin/client-log
Requested by
Host: billsmaniax.000webhostapp.com
URL: https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:363b::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://billsmaniax.000webhostapp.com/login.html
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Sep 2022 04:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
ed4cfad1622dbebb3ae5e5c95b8aedf2
content-type
text/html; charset=UTF-8
challenge.js
billsmaniax.000webhostapp.com/auth/createchallenge/1f7e67994640ab05/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://billsmaniax.000webhostapp.com/auth/createchallenge/1f7e67994640ab05/challenge.js
Requested by
Host: billsmaniax.000webhostapp.com
URL: https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:363b::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://billsmaniax.000webhostapp.com/login.html
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
82923400ba6e7634a667c24e2c8e2560
content-type
text/html; charset=UTF-8
fb-all-prod.pp2.min.js
c.paypal.com/webstatic/r/fb/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Requested by
Host: billsmaniax.000webhostapp.com
URL: https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC3A) /
Resource Hash
0adaf22e6710cbc950db6526ac09b6c8757ed25e4701196e88cf2f87dca596c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
792597
x-cache
HIT
paypal-debug-id
bec3ca6a5bd71
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=4
dc
ccg11-origin-www-1.paypal.com
content-length
18440
last-modified
Sat, 13 Feb 2021 00:30:01 GMT
server
ECAcc (amc/BC3A)
traceparent
00-0000000000000000000bec3ca6a5bd71-2354e28edcf63517-01
etag
"60271d89-e7e3"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Sep 2022 04:43:51 GMT
client-log
billsmaniax.000webhostapp.com/signin/ 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://billsmaniax.000webhostapp.com/signin/client-log
Requested by
Host: billsmaniax.000webhostapp.com
URL: https://billsmaniax.000webhostapp.com/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:363b::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://billsmaniax.000webhostapp.com/login.html
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Sep 2022 04:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
x-xss-protection
1; mode=block
x-request-id
e8b3acedcf928e7734460443cc3d6c71
content-type
text/html; charset=UTF-8
counter2.cgi
dub.stats.paypal.com/v1/ Frame 25AE
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD1lMjc2NmRjZDhlMGQ0ZmI5OThmNDg5NmE4NDQ3OTdlNCZpPTc5LjEwNi4xMjYuMCZ0PTE1Mjk4NDcyMTcuNzgxJmE9MjEmcz1VTklGSUVEX0xPR0lOqozznX2w0G1T2SU2ax2ckzmaD_M
  • https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lMjc2NmRjZDhlMGQ0ZmI5OThmNDg5NmE4NDQ3OTdlNCZpPTc5LjEwNi4xMjYuMCZ0PTE1Mjk4NDcyMTcuNzgxJmE9MjEmcz1VTklGSUVEX0xPR0lOqozznX2w0G1T2SU2ax2ckzmaD_M
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lMjc2NmRjZDhlMGQ0ZmI5OThmNDg5NmE4NDQ3OTdlNCZpPTc5LjEwNi4xMjYuMCZ0PTE1Mjk4NDcyMTcuNzgxJmE9MjEmcz1VTklGSUVEX0xPR0lOqozznX2w0G1T2SU2ax2ckzmaD_M
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 04:43:51 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD1lMjc2NmRjZDhlMGQ0ZmI5OThmNDg5NmE4NDQ3OTdlNCZpPTc5LjEwNi4xMjYuMCZ0PTE1Mjk4NDcyMTcuNzgxJmE9MjEmcz1VTklGSUVEX0xPR0lOqozznX2w0G1T2SU2ax2ckzmaD_M
Date
Wed, 28 Sep 2022 04:43:51 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
i
c.paypal.com/v1/r/d/ Frame 7877 		187 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC36) /
Resource Hash
25fffe054cf7f48921658270315d75be019d52bf8e5fcdc59d8df79b1d5033e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://billsmaniax.000webhostapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
accept-ranges
bytes
age
72570
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
160
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
8faa215e190f0
date
Wed, 28 Sep 2022 04:43:51 GMT
last-modified
Tue, 27 Sep 2022 08:34:21 GMT
paypal-debug-id
8faa215e190f0
server
ECAcc (amc/BC36)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=3
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000008faa215e190f0-7bece3cb618b889c-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fb-all-prod.pp2.min.js
c.paypal.com/webstatic/r/fb/ Frame 7877 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC3A) /
Resource Hash
0adaf22e6710cbc950db6526ac09b6c8757ed25e4701196e88cf2f87dca596c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
792597
x-cache
HIT
paypal-debug-id
bec3ca6a5bd71
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc
ccg11-origin-www-1.paypal.com
content-length
18440
last-modified
Sat, 13 Feb 2021 00:30:01 GMT
server
ECAcc (amc/BC3A)
traceparent
00-0000000000000000000bec3ca6a5bd71-2354e28edcf63517-01
etag
"60271d89-e7e3"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Sep 2022 04:43:51 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 7877 		125 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/359D) /
Resource Hash
e05457477e4a0f0ec92bd88147da55bb0d329514022868cf9685bb3bac35ee30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 04:43:50 GMT
correlation-id
540d553f95eeb
content-type
application/json
server
ECAcc (lhd/359D)
traceparent
00-0000000000000000000540d553f95eeb-ce139f0597167182-01
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
540d553f95eeb
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=200
timing-allow-origin
*
content-length
125
e
c.paypal.com/v1/r/d/b/ Frame 7877 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Sep 2022 04:43:51 GMT
correlation-id
d668b57c2f302
server
ECAcc (lhd/35E6)
traceparent
00-0000000000000000000d668b57c2f302-1c2bfd8fcf4aae70-01
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
d668b57c2f302
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=163
timing-allow-origin
*
ts
t.paypal.com/ 		42 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.1&t=1664340231389&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&tmpl=unifiedloginnodeweb%2Fpublic%2Ftemplates%2FcontextualLoginView%2Fsignin.dust&pgst=1529847217718&calc=24a8af95a8e6a&rsta=en_US&pgtf=Nodejs&env=live&s=ci&csci=e2766dcd8e0d4fb998f4896a844797e4&comp=unifiedloginnodeweb&tsrce=authnodeweb&transition_name=ss_prepare_pwd&xe=2322%2C3182%2C3966%2C2977%2C3862%2C3465&xt=5566%2C7594%2C9474%2C7132%2C9227%2C8254&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&e=im&imsrc=setup&view=%7B%22t10%22%3A282%2C%22t11%22%3A791%2C%22tcp%22%3A594%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A150%7D&pt=Log%20in%20to%20your%20PayPal%20account&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=282&t1c=282&t1d=35&t1s=124&t2=122&t3=124&t4d=0&t4=0&t4e=2&tt=638&rdc=0&protocol=h2&res=%7B%7D&3p_vid=65585dd721353631&3p_fpti=78f35ff2a27f9f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:51 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
e9e77b25c3400
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn11532-HHN, cache-ams21058-AMS
pragma
no-cache
traceparent
00-0000000000000000000e9e77b25c3400-6e4ffe2859e4a7b5-01
x-timer
S1664340231.454279,VS0,VE191
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 04:43:51 GMT
ts
t.paypal.com/ 		42 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.1&t=1664340232391&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&tmpl=%2F%2Ft.paypal.&pgst=1529847217718&calc=24a8af95a8e6a&rsta=en_US&pgtf=Nodejs&env=live&s=ci&csci=e2766dcd8e0d4fb998f4896a844797e4&comp=unifiedloginnodeweb&tsrce=authnodeweb&transition_name=ss_prepare_pwd&xe=2322%2C3182%2C3966%2C2977%2C3862%2C3465&xt=5566%2C7594%2C9474%2C7132%2C9227%2C8254&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&event_name=t_paypal_cpl&t1=69&t1c=69&t1d=20&t1s=33&t2=205&t3=1&tt=275&protocol=h2&cdn=fastly&view=%7B%22t10%22%3A69%2C%22t11%22%3A275%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=65585dd721353631&3p_fpti=78f35ff2a27f9f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:52 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
9edf64c10a38
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn11520-HHN, cache-ams21058-AMS
pragma
no-cache
traceparent
00-000000000000000000009edf64c10a38-fa307eeda4e57cf6-01
x-timer
S1664340232.386438,VS0,VE156
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 04:43:52 GMT
ts
t.paypal.com/ 		42 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?v=1.7.1&t=1664340232391&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&tmpl=%2F%2Fc.paypal.&pgst=1529847217718&calc=24a8af95a8e6a&rsta=en_US&pgtf=Nodejs&env=live&s=ci&csci=e2766dcd8e0d4fb998f4896a844797e4&comp=unifiedloginnodeweb&tsrce=authnodeweb&transition_name=ss_prepare_pwd&xe=2322%2C3182%2C3966%2C2977%2C3862%2C3465&xt=5566%2C7594%2C9474%2C7132%2C9227%2C8254&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&event_name=c_paypal_cpl&t1=1&t1c=0&t1d=0&t1s=0&t2=17&t3=1&tt=19&protocol=h2&cdn=edgecast&view=%7B%22t10%22%3A1%2C%22t11%22%3A19%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=65585dd721353631&3p_fpti=78f35ff2a27f9f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://billsmaniax.000webhostapp.com/login.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 04:43:52 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
b8f09c3a599a6
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn4060-HHN, cache-ams21058-AMS
pragma
no-cache
traceparent
00-0000000000000000000b8f09c3a599a6-d7018e256545f00f-01
x-timer
S1664340232.386487,VS0,VE187
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 04:43:52 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack object| PAYPAL function| $ object| fpti string| fptiserverurl object| _ifpti function| getCookie undefined| wordpressAdminBody object| notification object| hostingerLogo undefined| mainContent undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| mainContentHolder undefined| h1Tag undefined| h2Tag undefined| paragraph undefined| list undefined| org_html undefined| new_html undefined| saleImage function| AjaxRequest string| PP_SERVICE_URL string| BASE_SWF_URL string| BEACON_BASE_URL string| PP_IFRAME_JS_URL string| PP_NEW_SERVICE_URL string| PP_VERSION object| Configuration object| PFB_4732Config object| PFB_4732 object| dataCollector object| fp undefined| runFb function| initTsFb object| jstz function| SwfStore function| SlvtStore

5 Cookies

Domain/Path Name / Value
.c.paypal.com/ Name: sc_f
Value: 9UnYg0xPGfsFVUPjcQiWkbh-cN5ICTuU9V-5Cy2ri5Qma0xZSTOTHtNxK3nmsTtJyNXScSjB8vKjrRhHJ3oewLa9uUAnqQla1BUdlm
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: 2yVwH0eEr0cSDgJitwEG3H-we331UzdicvOwm8guAi9_JCJ9Posa0NbQo43_a_ne9UL2e-XyNhP_utUp
.paypal.com/ Name: l7_az
Value: dcg01.phx
.paypal.com/ Name: ts_c
Value: vr%3D78f35ff2a27f9f8%26vt%3D65585dd721353631
.paypal.com/ Name: ts
Value: vreXpYrS%3D1759034632%26vteXpYrS%3D1664342032%26vr%3D78f35ff2a27f9f8%26vt%3D65585dd721353631

3 Console Messages

Source Level URL
Text
network error URL: https://billsmaniax.000webhostapp.com/signin/client-log
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://billsmaniax.000webhostapp.com/auth/createchallenge/1f7e67994640ab05/challenge.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://billsmaniax.000webhostapp.com/signin/client-log
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block