urlscan.io logo urlscan.io
SecurityTrails logo

paypal.cambridgeholiday.com Open in urlscan Pro
92.204.135.215  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://paypal.cambridgeholiday.com/
Effective URL: https://paypal.cambridgeholiday.com/myaccount/?key=aaa25d58885153d3bded6bc489c93f4cd51c6941
Submission Tags: phishing malicious Search All
Submission: On August 24 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 92.204.135.215, located in Warrenton, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is paypal.cambridgeholiday.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 24th 2021. Valid for: 3 months.
This is the only time paypal.cambridgeholiday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 92.204.135.215 398108 (GO-DADDY-...)
2 1
Apex Domain
Subdomains		 Transfer
3 cambridgeholiday.com
paypal.cambridgeholiday.com
1 KB
2 1
Domain Requested by
3 paypal.cambridgeholiday.com 1 redirects paypal.cambridgeholiday.com
2 1

This site contains no links.

Subject Issuer Validity Valid
paypal.cambridgeholiday.com
cPanel, Inc. Certification Authority		 2021-08-24 -
2021-11-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://paypal.cambridgeholiday.com/myaccount/?key=aaa25d58885153d3bded6bc489c93f4cd51c6941
Frame ID: E09D76283EA3F3AB62FF9406A3B43C24
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. https://paypal.cambridgeholiday.com/ Page URL
  2. https://paypal.cambridgeholiday.com/myaccount?key=aaa25d58885153d3bded6bc489c93f4cd51c6941 HTTP 301
    https://paypal.cambridgeholiday.com/myaccount/?key=aaa25d58885153d3bded6bc489c93f4cd51c6941 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1 kB
Transfer

0 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paypal.cambridgeholiday.com/ Page URL
  2. https://paypal.cambridgeholiday.com/myaccount?key=aaa25d58885153d3bded6bc489c93f4cd51c6941 HTTP 301
    https://paypal.cambridgeholiday.com/myaccount/?key=aaa25d58885153d3bded6bc489c93f4cd51c6941 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
paypal.cambridgeholiday.com/ 		158 B
587 B 		Document
General
Check archive.org
Download Go to
Full URL
https://paypal.cambridgeholiday.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
92.204.135.215 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS
ns1006508.ip-92-204-135.us
Software
Apache /
Resource Hash
5bbd52c5e48c3702995a016f824ce15e762eed18458f5d0235f8bdceb51d39a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
paypal.cambridgeholiday.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 09:25:59 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=4e296a3717827eb3fdf36149d341010c; path=/
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Length
158
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request Cookie set /
paypal.cambridgeholiday.com/myaccount/
Redirect Chain
  • https://paypal.cambridgeholiday.com/myaccount?key=aaa25d58885153d3bded6bc489c93f4cd51c6941
  • https://paypal.cambridgeholiday.com/myaccount/?key=aaa25d58885153d3bded6bc489c93f4cd51c6941
194 B
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://paypal.cambridgeholiday.com/myaccount/?key=aaa25d58885153d3bded6bc489c93f4cd51c6941
Requested by
Host: paypal.cambridgeholiday.com
URL: https://paypal.cambridgeholiday.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
92.204.135.215 Warrenton, United States, ASN398108 (GO-DADDY-COM-LLC, US),
Reverse DNS
ns1006508.ip-92-204-135.us
Software
Apache /
Resource Hash
afca372f9959cb6c46bde573d25172c1b223dac52cba20ffad3c8fc2ea09cc8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
paypal.cambridgeholiday.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://paypal.cambridgeholiday.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://paypal.cambridgeholiday.com/

Response headers

Date
Tue, 24 Aug 2021 09:26:00 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=f8cba87988a4796afbb78b839685125e; path=/
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Length
194
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 24 Aug 2021 09:26:00 GMT
Server
Apache
Location
https://paypal.cambridgeholiday.com/myaccount/?key=aaa25d58885153d3bded6bc489c93f4cd51c6941
Content-Length
299
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated

1 Cookies

Domain/Path Name / Value
paypal.cambridgeholiday.com/ Name: PHPSESSID
Value: f8cba87988a4796afbb78b839685125e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

paypal.cambridgeholiday.com
92.204.135.215
5bbd52c5e48c3702995a016f824ce15e762eed18458f5d0235f8bdceb51d39a9
afca372f9959cb6c46bde573d25172c1b223dac52cba20ffad3c8fc2ea09cc8e