URL: http://paypal.wallet-activation.com/3D-Security.php
Submission: On July 16 via automatic, source openphish

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 198.54.114.150, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is paypal.wallet-activation.com.
This is the only time paypal.wallet-activation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.114.150 22612 (NAMECHEAP...)
2 163.172.224.36 12876 (AS12876)
2 163.172.224.35 12876 (AS12876)
5 3
Domain Requested by
2 e.top4top.net paypal.wallet-activation.com
2 f.top4top.net paypal.wallet-activation.com
1 paypal.wallet-activation.com
5 3

This site contains no links.

Subject Issuer Validity Valid
*.top4top.net
AlphaSSL CA - SHA256 - G2
2017-03-03 -
2018-03-04
a year crt.sh

This page contains 1 frames:

Primary Page: http://paypal.wallet-activation.com/3D-Security.php
Frame ID: 10054.1
Requests: 5 HTTP requests in this frame

Screenshot


Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

69 kB
Transfer

263 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3D-Security.php
paypal.wallet-activation.com/
206 KB
12 KB
Document
General
Full URL
http://paypal.wallet-activation.com/3D-Security.php
Protocol
HTTP/1.1
Server
198.54.114.150 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
server210-1.web-hosting.com
Software
Apache / PHP/5.6.31
Resource Hash
6c3afeb01dfdfe9013583cfc94e1580da3528da6bd659a4ec46d9150cd2ea520

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sun, 16 Jul 2017 13:42:46 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.6.31
Content-Length
12470
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p_507i77651.gif
f.top4top.net/
1 KB
1 KB
Image
General
Full URL
https://f.top4top.net/p_507i77651.gif
Requested by
Host: paypal.wallet-activation.com
URL: http://paypal.wallet-activation.com/3D-Security.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.224.36 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
cdn06.top4top.net
Software
HotCores /
Resource Hash
f6639daf17f1a0059039339d133150ff56a5790bd5610ef890740638a8702e51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://paypal.wallet-activation.com/3D-Security.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-File-ID
x17532221x
Date
Sun, 16 Jul 2017 13:42:46 GMT
Last-Modified
Mon, 22 May 2017 12:02:31 GMT
Server
HotCores
ETag
"5922d357-4cd"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/gif
Cache-Control
max-age=7200
Content-Disposition
inline; filename="cvv_visa.gif"
Connection
close
Accept-Ranges
bytes
Content-Length
1229
Expires
Sun, 16 Jul 2017 15:42:46 GMT
p_5074rlc61.png
f.top4top.net/
13 KB
13 KB
Image
General
Full URL
https://f.top4top.net/p_5074rlc61.png
Requested by
Host: paypal.wallet-activation.com
URL: http://paypal.wallet-activation.com/3D-Security.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.224.36 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
cdn06.top4top.net
Software
HotCores /
Resource Hash
bad93bb8f66df081c06d605e812839a5b6fd444bc413343cab7c17f378cc97a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://paypal.wallet-activation.com/3D-Security.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-File-ID
x17532191x
Date
Sun, 16 Jul 2017 13:42:46 GMT
Last-Modified
Mon, 22 May 2017 12:00:05 GMT
Server
HotCores
ETag
"5922d2c5-340a"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/png
Cache-Control
max-age=7200
Content-Disposition
inline; filename="320%20Secu.png"
Connection
close
Accept-Ranges
bytes
Content-Length
13322
Expires
Sun, 16 Jul 2017 15:42:46 GMT
p_5076dfp71.png
e.top4top.net/
24 KB
24 KB
Image
General
Full URL
https://e.top4top.net/p_5076dfp71.png
Requested by
Host: paypal.wallet-activation.com
URL: http://paypal.wallet-activation.com/3D-Security.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.224.35 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
e.top4top.net
Software
HotCores /
Resource Hash
82678a8a369cf3b2271ddf914dc23c7d0b3311d9221105354cc574d1bc9c62d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://paypal.wallet-activation.com/3D-Security.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-File-ID
x17532226x
Date
Sun, 16 Jul 2017 13:42:46 GMT
Last-Modified
Mon, 22 May 2017 12:02:53 GMT
Server
HotCores
ETag
"5922d36d-6024"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/png
Cache-Control
max-age=7200
Content-Disposition
inline; filename="norton_secured_seal-big.png"
Connection
close
Accept-Ranges
bytes
Content-Length
24612
Expires
Sun, 16 Jul 2017 15:42:46 GMT
p_507cc1pr1.png
e.top4top.net/
19 KB
19 KB
Image
General
Full URL
https://e.top4top.net/p_507cc1pr1.png
Requested by
Host: paypal.wallet-activation.com
URL: http://paypal.wallet-activation.com/3D-Security.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.224.35 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
e.top4top.net
Software
HotCores /
Resource Hash
0879632bc7859e18a65d9516f2a9db2b17781a1a33d9ec3874878ce4d3d27354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://paypal.wallet-activation.com/3D-Security.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-File-ID
x17532244x
Date
Sun, 16 Jul 2017 13:42:46 GMT
Last-Modified
Mon, 22 May 2017 12:03:53 GMT
Server
HotCores
ETag
"5922d3a9-4bdd"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/png
Cache-Control
max-age=7200
Content-Disposition
inline; filename="Untitled-4.png"
Connection
close
Accept-Ranges
bytes
Content-Length
19421
Expires
Sun, 16 Jul 2017 15:42:46 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies