paypall.vertysbos.top Open in urlscan Pro
190.123.44.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paypall.vertysbos.top/
Submission Tags: @phishunt_io
Submission: On January 06 via api (January 6th 2024, 4:14:21 pm UTC) from DE — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 190.123.44.108, located in Panama and belongs to Panamaserver.com, PA. The main domain is paypall.vertysbos.top.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.

This is the only time paypall.vertysbos.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	190.123.44.108 190.123.44.108	52284 (Panamaser...) (Panamaserver.com)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.122.218.248 3.122.218.248	16509 (AMAZON-02) (AMAZON-02)
17	5

8 190.123.44.108 (Panama)

ASN52284 (Panamaserver.com, PA)

paypall.vertysbos.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.218.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com

getyourapi.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	vertysbos.top paypall.vertysbos.top	161 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	150 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	89 KB
1	getyourapi.site getyourapi.site	513 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
17	5

	Domain	Requested by
8	paypall.vertysbos.top	paypall.vertysbos.top
5	cdnjs.cloudflare.com	paypall.vertysbos.top cdnjs.cloudflare.com
2	connect.facebook.net	paypall.vertysbos.top connect.facebook.net
1	getyourapi.site	cdnjs.cloudflare.com
1	www.facebook.com	paypall.vertysbos.top
17	5

This site contains no links.

Subject Issuer	Validity	Valid
paypall.vertysbos.top R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-15` - `2024-01-13`	3 months	crt.sh
getyourapi.site R3	`2023-11-08` - `2024-02-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paypall.vertysbos.top/
Frame ID: 7E7A31108B4EC648D5BE3DDFDBCA154C
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wczoraj nim zapłaciliśmy, a dziś możesz na nim zarobić setki tysięcy euro.

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

401 kB
Transfer

973 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
paypall.vertysbos.top/ 43 KB
10 KB 2879ms
823ms Document
text/html 190.123.44.108
Panamaserver.com

General

Check archive.org

Show headers Download Go to

Full URL: https://paypall.vertysbos.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.123.44.108 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: 7d4fabd7e763d2697dc9b5bdc4d84cd6c6592e2a660343f7a9116ff31786a5e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 06 Jan 2024 16:14:15 GMT
server: openresty
vary: Accept-Encoding Accept-Encoding Accept-Encoding

GET
H2 200 common.css
paypall.vertysbos.top/prelanding/bp/index_files/ 6 KB
2 KB 635ms
634ms Stylesheet
text/css 190.123.44.108
Panamaserver.com

General

Check archive.org

Show headers Download Go to

Full URL: https://paypall.vertysbos.top/prelanding/bp/index_files/common.css
Requested by: Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.123.44.108 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: 6b284ebd49ff3b9362a7f8cffd7d76df65e71a26734591193d998bb8252a3a58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:15 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css

GET
H2 200 form.css
paypall.vertysbos.top/prelanding/bp/index_files/ 3 KB
1 KB 635ms
635ms Stylesheet
text/css 190.123.44.108
Panamaserver.com

General

Check archive.org

Show headers Download Go to

Full URL: https://paypall.vertysbos.top/prelanding/bp/index_files/form.css
Requested by: Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.123.44.108 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: 471e5de3a7905782c21a3313912f2db7b8f070f3a7d81fc8b76ac5ebc7b7b60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:15 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css

GET
H2 200 1.webp
paypall.vertysbos.top/prelanding/img/ 39 KB
39 KB 634ms
634ms Image
image/webp 190.123.44.108
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypall.vertysbos.top/prelanding/img/1.webp
Requested by: Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.123.44.108 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: f6d58d9c58c9ba45e83e7865af525ff32b69dbb9e00e1dc0071f980a5e20813c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:15 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 2.webp
paypall.vertysbos.top/prelanding/img/ 33 KB
33 KB 494ms
493ms Image
image/webp 190.123.44.108
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypall.vertysbos.top/prelanding/img/2.webp
Requested by: Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.123.44.108 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: 109c9c098e8cdf1de5d89bdb68fa288a1c8bb3d9739387684c09dcee96a449d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:15 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 3.webp
paypall.vertysbos.top/prelanding/img/ 31 KB
31 KB 519ms
518ms Image
image/webp 190.123.44.108
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypall.vertysbos.top/prelanding/img/3.webp
Requested by: Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.123.44.108 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: bfc958a31437d2ee90f1307b6febfbd5aa07bea69b273a128a986fea67556773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:16 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 4.webp
paypall.vertysbos.top/prelanding/img/ 44 KB
44 KB 506ms
504ms Image
image/webp 190.123.44.108
Panamaserver.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypall.vertysbos.top/prelanding/img/4.webp
Requested by: Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.123.44.108 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: e505b683ef9abb59490a064d6b6cabeafdf5148d9840a1a5c3c66157ed558887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:16 GMT
server: openresty
vary: Accept-Encoding
content-type: image/webp

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 41ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4513729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6X4WLvfb9y5dSJv7FHs5erorE9RdwXu14qxjAykt4rpWcbiRyc09eRf2GS9%2BZdzj78M4wWO2kuDQ%2Bao4gWxWr3msxh0%2Br2K38VMC1IdMa9V16oD9L2evO9nScSqEEoMSK2ksA7CpM1sgabo7SdEGPlL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 841540c6a939bb67-FRA
expires: Thu, 26 Dec 2024 16:14:16 GMT

GET
H2 200 main.js Show response
paypall.vertysbos.top/prelanding/bp/index_files/ 735 B
547 B 514ms
513ms Script
application/javascript 190.123.44.108
Panamaserver.com

General

Check archive.org

Show headers Download Go to

Full URL: https://paypall.vertysbos.top/prelanding/bp/index_files/main.js
Requested by: Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 190.123.44.108 , Panama, ASN52284 (Panamaserver.com, PA),
Reverse DNS
Software: openresty /
Resource Hash: f4d919f69f45f252babcb11b4bdc009cf6133d83108cae77d437af82216de5f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:16 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 intlTelInput.min.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/ 19 KB
2 KB 38ms
20ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css

Requested by

Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3319462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1820
last-modified: Sat, 13 Feb 2021 20:29:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "602836ba-4ad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15O0mpaPHf5YBOge1T0nqhUjpl8QEBUoqLYurNx1TyjJpJborobqvHz2uEhq1%2Bdrj6PajrWSCmSsCeB0IMZ6ZtQsyzNCZIprpM84iZz3%2F9A7GpQbKrYvo09cuefFkqP%2BUwTQE%2BiKZU6Ue%2BlSj35JdgdT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 841540c6a93abb67-FRA
expires: Thu, 26 Dec 2024 16:14:16 GMT

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/ 29 KB
9 KB 37ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js

Requested by

Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3418895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8967
last-modified: Sat, 13 Feb 2021 20:29:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "602836ba-7351"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWdFEmk5pv4lC8UNcjkyvkvnv3HItZzmujbH0zZo7M%2BYXk5yKbROHky0Fugibio2MAQnAzaAUzkkIPcts1DAXDYWhNq7VF8LTHAWFXBE4f00Jh9ZYmbPtFAyccbZR7hLpaH2WIG4Fnkj%2Fk3ciHHCFp0U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 841540c6a93bbb67-FRA
expires: Thu, 26 Dec 2024 16:14:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 31ms
13ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 16:14:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54345
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: s7Wuyr6QUdod2otRcKdUHs3Q1jR6oQghkJEsZKZZdqgG4V9vMZbadFKO7N4ZlsTARr1DWACoQYqGPNLv4/aBFg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1138676334183334 Show response
connect.facebook.net/signals/config/ 130 KB
34 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1138676334183334?v=2.9.139&r=stable&domain=paypall.vertysbos.top

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc2412f861cf812788d51c88c86ab94a9f21d1d3e516501e184f47d5bbcda8d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 16:14:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: JL+BnHvyiS3zY0INhXBwe/8wrt8sd6u0CU08xnZ5I8NUVfjL5IZeyxPb7OAbDdKXJBCQO+S9xlF5MFK/6kyYsA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1138676334183334&ev=PageView&dl=https%3A%2F%2Fpaypall.vertysbos.top%2F&rl=&if=false&ts=1704557656241&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704557656240.2031700269&ler=empty&it=1704557656153&coo=false&rqm=GET

Requested by

Host: paypall.vertysbos.top
URL: https://paypall.vertysbos.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 Jan 2024 16:14:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 geolocation Show response
getyourapi.site/api/ 102 B
513 B 54ms
19ms XHR
application/json 3.122.218.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getyourapi.site/api/geolocation
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
Software: openresty / Express
Resource Hash: 17565727998e20d5d21af6c6f8507c57f0daf1dd361bcbef8c7248785eb390e8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://paypall.vertysbos.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:16 GMT
server: openresty
x-powered-by: Express
etag: W/"66-tAWlCG2ve5RlWmHZaBZ9UqFo7yM"
access-control-max-age: 600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paypall.vertysbos.top
access-control-expose-headers: content-type, authorization, x-request-id
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 102
x-request-id: dddd2e36-0348-4019-97a5-b34bbc99d7d9

GET
H2 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/img/ 66 KB
66 KB 17ms
17ms Image
image/png 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/img/flags.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3158400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 67650
last-modified: Sat, 13 Feb 2021 20:30:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "602836d0-1083d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lqv%2Bzjx4VDXfwnuTrL9fOc7tBN%2Fxkd0YuSQs4zLUECcA34ZFw%2FmYjRiq2rMTfksT6wQ0H9oiqIuzi3%2FbMgpCcvv2acbij4KsoMuiSOrmuhxa8luoxzRngbwQBYc0tQiEnTG6t%2FgpyJ5vdH%2BkZx88QCg"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 841540ca2be7bb67-FRA
expires: Thu, 26 Dec 2024 16:14:16 GMT

GET
H3 200 utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/ 240 KB
45 KB 15ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/utils.min.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40be34b828e28a6e711efb10cb00aab537ef9de74abb3864acd2fa59665f6fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paypall.vertysbos.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3249626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 44956
last-modified: Sat, 13 Feb 2021 20:31:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6028372e-3bf7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5XkBOkVzHGL5Fa4aBSIPXQdQKOwquluSCiZgsEcLTWs1Pt%2F7xyRY8GFQtIlv1r4YV6pkvHQkYCBOON9WtpfoBp3elVlJClPEjY7i8AcUq%2BIXv2sNQbi3Vf%2B63YVlbgZPsYhfns5CHWNN%2B4fkqXC2zMI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 841540cb9f6b360a-FRA
expires: Thu, 26 Dec 2024 16:14:16 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vertysbos.top/	1970-01-20 19:38:53	Name: _fbp Value: fb.1.1704557656240.2031700269

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
getyourapi.site
paypall.vertysbos.top
www.facebook.com
190.123.44.108
2606:4700::6811:180e
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.122.218.248
109c9c098e8cdf1de5d89bdb68fa288a1c8bb3d9739387684c09dcee96a449d3
17565727998e20d5d21af6c6f8507c57f0daf1dd361bcbef8c7248785eb390e8
40be34b828e28a6e711efb10cb00aab537ef9de74abb3864acd2fa59665f6fbf
471e5de3a7905782c21a3313912f2db7b8f070f3a7d81fc8b76ac5ebc7b7b60b
6b284ebd49ff3b9362a7f8cffd7d76df65e71a26734591193d998bb8252a3a58
7d4fabd7e763d2697dc9b5bdc4d84cd6c6592e2a660343f7a9116ff31786a5e3
b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef
bfc958a31437d2ee90f1307b6febfbd5aa07bea69b273a128a986fea67556773
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
dc2412f861cf812788d51c88c86ab94a9f21d1d3e516501e184f47d5bbcda8d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e505b683ef9abb59490a064d6b6cabeafdf5148d9840a1a5c3c66157ed558887
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
f4d919f69f45f252babcb11b4bdc009cf6133d83108cae77d437af82216de5f2
f6d58d9c58c9ba45e83e7865af525ff32b69dbb9e00e1dc0071f980a5e20813c
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

paypall.vertysbos.top Open in urlscan Pro 190.123.44.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

401 kBTransfer

973 kBSize

1 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Indicators

paypall.vertysbos.top Open in urlscan Pro
190.123.44.108 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

401 kB
Transfer

973 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions