www.paypal.verification.newscorridor.in
103.242.119.69
Malicious Activity!
Public Scan
Submission: On April 16 via automatic, source phishtank
Summary
This is the only time www.paypal.verification.newscorridor.in was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
10 | 103.242.119.69 | 45854 (TRIMAXITINFRA-IN 2nd Floor)
21 | 2.18.233.20 | 16625 (AKAMAI-AS - Akamai Technologies)
2 | 2.21.161.21 | 16625 (AKAMAI-AS - Akamai Technologies)
32 | 4 |
ASN | PTR | Domains
---|---|---
ASN45854 (TRIMAXITINFRA-IN 2nd Floor, Universal Building Mill Compound, IN) | server3.pingstack.com | www.paypal.verification.newscorridor.in
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | | www.paypalobjects.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | | www.paypal.com, t.paypal.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
21 | paypalobjects.com | www.paypalobjects.com | 680 KB
10 | newscorridor.in | www.paypal.verification.newscorridor.in (1 redirects) | 583 KB
2 | paypal.com | www.paypal.com, t.paypal.com | 10 KB
32 | 3 | |
Requests | Domain | Requested by
---|---|---
21 | www.paypalobjects.com | www.paypal.verification.newscorridor.in
10 | www.paypal.verification.newscorridor.in | www.paypal.verification.newscorridor.in (1 redirects)
1 | t.paypal.com |
1 | www.paypal.com | www.paypal.verification.newscorridor.in
32 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
This page contains 1 frame:
Primary Page: http://www.paypal.verification.newscorridor.in/Paypal/home/myaccount/Bank/huntington/
Frame ID: 853ABA6EE334284D1146C6BC83A66D5
Requests: 33 HTTP requests in this frame
Page URL History
- http://www.paypal.verification.newscorridor.in/Paypal/home/myaccount/Bank/huntington (HTTP 301)
- http://www.paypal.verification.newscorridor.in/Paypal/home/myaccount/Bank/huntington/ (Page URL)
Detected technologies
- Apache (Web Servers). Detected patterns:
  - headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- PayPal (Payment Processors). Detected patterns:
  - env /^PAYPAL$/i
- React (JavaScript Frameworks). Detected patterns:
  - html /<[^>]+data-react/i
- jQuery (JavaScript Libraries). Detected patterns:
  - script /jquery.*\.js/i
  - env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | www.paypal.verification.newscorridor.in/Paypal/home/myaccount/Bank/huntington/ (Redirect Chain) | 45 KB | 45 KB | Document | text/html
GET | H/1.1 | main.css | www.paypal.verification.newscorridor.in/Paypal/home/css/ | 178 KB | 178 KB | Stylesheet | text/css
GET | H/1.1 | jquery.js | www.paypal.verification.newscorridor.in/Paypal/home/myaccount/lib/js/ | 84 KB | 85 KB | Script | application/javascript
GET | H/1.1 | jquery.validate.js | www.paypal.verification.newscorridor.in/Paypal/home/myaccount/lib/js/ | 47 KB | 47 KB | Script | application/javascript
GET | H/1.1 | jquery.v-form.js | www.paypal.verification.newscorridor.in/Paypal/home/myaccount/lib/js/ | 4 KB | 4 KB | Script | application/javascript
GET | H/1.1 | jquery.mask.js | www.paypal.verification.newscorridor.in/Paypal/home/myaccount/lib/js/ | 18 KB | 18 KB | Script | application/javascript
GET | H/1.1 | G-Z118.css | www.paypal.verification.newscorridor.in/Paypal/home/myaccount/lib/css/ | 195 KB | 195 KB | Stylesheet | text/css
GET | H/1.1 | B-Z118.css | www.paypal.verification.newscorridor.in/Paypal/home/myaccount/lib/css/ | 7 KB | 7 KB | Stylesheet | text/css
GET | S | app-service-nav.ltr.css | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/css/ | 258 KB | 42 KB | Stylesheet | text/css
GET | S | paypal-sans.css | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/css/ | 4 KB | 606 B | Stylesheet | text/css
GET | S | wallet.ltr.css | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/css/ | 175 KB | 38 KB | Stylesheet | text/css
GET | S | af9b426d7e4e79cf69efc9d9c2afcead.js | www.paypalobjects.com/tagmgmt/codefiles/ | 2 KB | 876 B | Script | application/x-javascript
GET | S | embed.js | www.paypal.com/search/js/ | 26 KB | 9 KB | Script | application/javascript
GET | S | vx-header-footer.min.css | www.paypalobjects.com/ui-web/vx-pattern-lib/2-7-9-consumer/ | 30 KB | 6 KB | Stylesheet | text/css
GET | S | 1.1.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/js/apps/ | 650 KB | 163 KB | Script | application/x-javascript
GET | S | ajaxError.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/templates/US/en/widgets/ | 1 KB | 842 B | Script | application/x-javascript
GET | S | dust-templates.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/templates/US/en/ | 2 MB | 232 KB | Script | application/x-javascript
GET | S | languagepack.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/locales/US/en/ | 11 KB | 4 KB | Script | application/x-javascript
GET | S | overpanel.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/templates/US/en/widgets/ | 3 KB | 1 KB | Script | application/x-javascript
GET | S | banks.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/templates/US/en/wallet/ | 14 KB | 3 KB | Script | application/x-javascript
GET | S | alertMsg.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/templates/US/en/widgets/ | 227 B | 468 B | Script | application/x-javascript
GET | S | creditDebitCards.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/templates/US/en/wallet/ | 13 KB | 3 KB | Script | application/x-javascript
GET | S | savedOffers.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/templates/US/en/wallet/ | 4 KB | 1 KB | Script | application/x-javascript
GET | S | walletAlertDialogs.js | www.paypalobjects.com/web/res/dec/20e7b06d236a51c925e9c2cc70c12/templates/US/en/wallet/ | 16 KB | 3 KB | Script | application/x-javascript
GET | H/1.1 | n.css | www.paypal.verification.newscorridor.in/Paypal/home/css/ | 2 KB | 2 KB | Stylesheet | text/css
GET | S | pa.js | www.paypalobjects.com/pa/js/min/ | 33 KB | 10 KB | Script | application/x-javascript
GET | DATA | truncated | / | 610 B | 0 | Image | image/svg+xml
GET | S | PayPalSansBig-Regular.woff2 | www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/ | 38 KB | 38 KB | Font | application/font-woff2
GET | S | sprite_bank_logos.png | www.paypalobjects.com/webstatic/sprite/ | 20 KB | 20 KB | Image | image/png
GET | S | ConsumerIcons-Regular.woff | www.paypalobjects.com/ui-web/iconfont-consumer/3-3-0/fonts/ | 35 KB | 35 KB | Font | application/x-font-woff
GET | S | PayPalSansBig-Medium.woff2 | www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/ | 39 KB | 39 KB | Font | application/font-woff2
GET | S | PayPalSansBig-Light.woff2 | www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/ | 37 KB | 38 KB | Font | application/font-woff2
GET | H/1.1 | ts | t.paypal.com/ | 42 B | 728 B | Image | image/gif
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
function | $
function | jQuery
boolean | isLessthanIE10
function | onSearchLoad
function | PaypalSitewideSearch
object | searchClient
object | PAYPAL
object | fpti
string | fptiserverurl
object | dataLayer
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
t.paypal.com
www.paypal.com
www.paypal.verification.newscorridor.in
www.paypalobjects.com
103.242.119.69
2.18.233.20
2.21.161.21
1b396ed53e76c547685aee9e3a69d82ec87a76180e7fbb23769d3e8074f76e69
20db92851a8f3fcb35ca958f6347ee6857381650e2de95cd132d223b8ea877a1
2351bbc39303736cd3a670db10427adc13c256dd6b639f0545bfd104947d3427
265824c6bea009a5ea14bfd4806ba47c712770646a86ff14ef99f380378291ac
2a1f1370eb7b24a307312112427dfd544fb838a8bef66babc936f5e870a22e52
2b1d89b0685427c4f90517d223cbc0a240a1fd74c60f003d71812a280b65f13a
30bc1b11f0e0c0106b7375a97f264d9c24116e7a31a35de783d84599b4af7548
3ceaec66635047efaf5889ed5605bef6bf7d3c75d96ab71921a466cb42dcb0cd
400bbeedc9cb7c6424872b243b3f003ceac019c17fcfad8f9a2ada381de6e6b7
4619d70d7bd1b3d7572940e9ee7f31bc4c07f4c9cad6ae2d3e5b2eb555b6a2c0
4bc770c642f016d705f567f136f9d3df6eb2b10f940c82fbd5ddf274cc8d11cc
5ca63f9d668f1d38e6a85f426704c402571f11b25e54cabc0814c9079e77fc4a
665551090901038f16d04c4d54df1a8a5cc4c53d48235d717963d61d9588aa87
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f0c2094203ea363f3936369e52f056728f03b240fa837dbf4260c0b796557c8
6f6068a72bc75fc107a05edbdf47a7d614c387dbf33d5c959202ff294800823b
6f6a67c79d12fa627d6464fa05b5a3e1c4f5f871e9921eea3eeef807f6208df8
707b984c5c13152e4eaff00bb6000a9e3050a0a086030d2a25525c8dd2bd536e
a60ee34c366a9e1f00e1a5938d6d3455207c7db4cf9e2f8e0c7fc5531a625707
b079e12e67f7dd8ea3dd12c910e68f566bf3708e7ef20b876a9c38d52ff76d4b
be3251b34308c826c2548f0c4d6186d08f62c9a7f710d9c313a579b0682b9aa9
c6c94c9eaefd52e7d69296e0a56e93c77406187f5b76d9b8967d516108a8b66b
c791f29a6b5f68dc6b139c2802a3a60840a8aa754ce61fcffaf73f5f1bc96d4a
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
d399edb2cdd5267896ba82e1ffe5ce0ecc9497d129757bd832c81359d7cd1af7
d7793651ef95bfe8e9e0ca8660c9ee4e76744c40f04ee8427a388ca1005fc29b
d81ada33bf99f29765861977f91134d15b14eddd282abead90a4421e753c7014
db39a023575ee000c45dd62050708dc33656f6665f2b85f37c86d54168037803
ead4fb25e471117a3e895219e26c76d40af27f753d6ba04b74a179ea06801a95
eb1cdb484ee2a006956c5cf2e9865b29fa5bf983006ca585ba926d22ef0f1785
f24c194f2653ae7b859e8b5af8da641739fc3e8bfdd6122541aaa02b46f419fb
fc4d0ebd8564f38a7895b7942a87b7fe9b233d568547dddc04d3b66dbb39cf79
fe706dcce96bdc0838b1490c7f93dd4e74611ac7edad4f28b073344a291b1718