firetechgulf.com
192.186.196.71  Malicious Activity! Public Scan

Submitted URL: http://firetechgulf.com/z/paypal.com.au
Effective URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/
Submission: On June 25 via manual from US

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 13 HTTP transactions. The main IP is 192.186.196.71, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is firetechgulf.com.
This is the only time firetechgulf.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address        AS (Autonomous System)               Requests
192.186.196.71    26496 (AS-26496-GO-DADDY-COM-LLC)    14 (incl. 4 redirects)
195.123.213.249   50979 (ITL-)                         3
Total: 13 HTTP transactions across 2 IPs

Apex Domain        Subdomains         Transfer   Requests
firetechgulf.com   firetechgulf.com   117 KB     14
Total: 13 HTTP transactions across 1 apex domain

Domain             Requests                 Requested by
firetechgulf.com   14 (incl. 4 redirects)   firetechgulf.com
Total: 13 HTTP transactions across 1 domain

This site contains no links.


This page contains 1 frames:

Primary Page: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/
Frame ID: 14764DB53096B0BDF0912DBB2DED3EC6
Requests: 13 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://firetechgulf.com/z/paypal.com.au HTTP 301
    http://firetechgulf.com/z/paypal.com.au/ HTTP 302
    http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e HTTP 301
    http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/ HTTP 302
    http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/ Page URL

Detected technologies

  • Angular (overall confidence: 100%); detected patterns: script /angular.*\.js/i, env /^angular$/i
  • Apache (overall confidence: 100%); detected patterns: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
  • Font Awesome (overall confidence: 100%); detected patterns: html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
  • jQuery (overall confidence: 100%); detected patterns: script /jquery.*\.js/i, env /^jQuery$/i

Page Statistics

Requests: 13
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 2
Transfer: 117 kB
Size: 361 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Columns: Resource, Path, Size, x-fer (bytes transferred), Type / MIME-Type

1. Primary Request: / (firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/), 46 KB, x-fer 9 KB, Document
Redirect Chain:
  • http://firetechgulf.com/z/paypal.com.au
  • http://firetechgulf.com/z/paypal.com.au/
  • http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e?
  • http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/?
  • http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
General
Full URL
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache / PHP/5.4.45
Resource Hash
315200f08ee3fe87434223a68414272bd61d5c3ab0f9c241795574c02b9d5111

Request headers

Host
firetechgulf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
bid=e958211a8a4d92777391575b76ec9d2e
X-DevTools-Emulate-Network-Conditions-Client-Id
14764DB53096B0BDF0912DBB2DED3EC6

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Server
Apache
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
9059
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Mon, 25 Jun 2018 16:49:12 GMT
Server
Apache
X-Powered-By
PHP/5.4.45
Set-Cookie
bid=e958211a8a4d92777391575b76ec9d2e
location
login/?
Vary
User-Agent
Content-Length
0
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html

2. jquery.min.js (firetechgulf.com/z/paypal.com.au/bower_components/jquery/dist/), 85 KB, x-fer 30 KB, Script
General
Full URL
http://firetechgulf.com/z/paypal.com.au/bower_components/jquery/dist/jquery.min.js
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
firetechgulf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 14:26:56 GMT
Server
Apache
ETag
"7980d3c-1538f-56335fd33cc00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
30307

3. font-awesome.min.css (firetechgulf.com/z/paypal.com.au/bower_components/font-awesome/css/), 30 KB, x-fer 7 KB, Stylesheet
General
Full URL
http://firetechgulf.com/z/paypal.com.au/bower_components/font-awesome/css/font-awesome.min.css
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
firetechgulf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Apr 2017 04:29:24 GMT
Server
Apache
ETag
"7980e06-7918-54cb44da47100-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
7053

4. index.css (firetechgulf.com/z/paypal.com.au/login/), 19 KB, x-fer 5 KB, Stylesheet
General
Full URL
http://firetechgulf.com/z/paypal.com.au/login/index.css
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache
Resource Hash
47e6fda875d813f1857c2e4c2d8a589844c1a90cb69b52132c57a1d6b38856b8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
firetechgulf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Nov 2016 09:02:18 GMT
Server
Apache
ETag
"7980e3f-4df1-54116dd185a80-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4614

5. angular.min.js (firetechgulf.com/z/paypal.com.au/bower_components/angular/), 165 KB, x-fer 58 KB, Script
General
Full URL
http://firetechgulf.com/z/paypal.com.au/bower_components/angular/angular.min.js
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache
Resource Hash
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
firetechgulf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Aug 2017 14:37:28 GMT
Server
Apache
ETag
"7962f8e-2937c-5570811783a00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5

6. css.css (firetechgulf.com/z/paypal.com.au/login/), 2 KB, x-fer 930 B, Stylesheet
General
Full URL
http://firetechgulf.com/z/paypal.com.au/login/css.css
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache
Resource Hash
51874b152cfbb53e2383b9ba00071055f330ddf317f9b9a92c1e3e081d679753

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
firetechgulf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Sep 2017 12:45:08 GMT
Server
Apache
ETag
"7980e49-6b3-55a02edb43d00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
600

7. form.js (firetechgulf.com/z/paypal.com.au/login/), 4 KB, x-fer 2 KB, Script
General
Full URL
http://firetechgulf.com/z/paypal.com.au/login/form.js?v=5b311d091c151
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache
Resource Hash
7087ac9607bd867220dbc2da783dca6623a2ab4add6c3085cca705bfc30653f2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
firetechgulf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 13:16:54 GMT
Server
Apache
ETag
"7980e3b-e94-56c66a62d3d80-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1319

8. ng.js (firetechgulf.com/z/paypal.com.au/login/), 1 KB, x-fer 993 B, Script
General
Full URL
http://firetechgulf.com/z/paypal.com.au/login/ng.js?v=5b311d091c18a
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache
Resource Hash
2f0271c8e591a1a79bc2ce0c44087747404f34d5416f9613f3ebcf470fff4a78

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
firetechgulf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 13:23:32 GMT
Server
Apache
ETag
"7980e51-5a9-56c66bde63d00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
649

9. token.js (firetechgulf.com/z/paypal.com.au/login/), 4 KB, x-fer 1 KB, Script
General
Full URL
http://firetechgulf.com/z/paypal.com.au/login/token.js?v=5b311d091c1c1
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache
Resource Hash
ff940a5655478c91139fc042c8ab0fac0ec8227ccdcd64d5ff0056ff68f3499a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
firetechgulf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Mar 2018 09:11:54 GMT
Server
Apache
ETag
"7980e4a-f80-5673388764a80-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1022

10. token.php (195.123.213.249/mydick/gates/), 65 B, x-fer 274 B, Script
General
Full URL
http://195.123.213.249/mydick/gates/token.php?link=pp&bid=e958211a8a4d92777391575b76ec9d2e&callback=jQuery331004965564375349074_1529945353405&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1529945353406
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/bower_components/jquery/dist/jquery.min.js
Protocol
HTTP/1.1
Server
195.123.213.249, Ukraine, ASN50979 (ITL-, LV)
Reverse DNS
vds-shellycolmanl72-162414.hosted-by-itldc.com
Software
Apache/2.4.18 (Ubuntu)
Resource Hash
c535f53ec119185beb92eb66b039dcb2647e146791a78cae902c33d40a1d811f

Request headers

Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
65
Content-Type
text/javascript;charset=UTF-8

11. token.php (195.123.213.249/mydick/gates/), 58 B, x-fer 267 B, Script
General
Full URL
http://195.123.213.249/mydick/gates/token.php?link=pp&bid=e958211a8a4d92777391575b76ec9d2e&callback=jQuery331004965564375349074_1529945353407&data=%7B%22mes%22%3A%22User%20curently%20on%20the%20login%20page%22%7D&_=1529945353408
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/bower_components/jquery/dist/jquery.min.js
Protocol
HTTP/1.1
Server
195.123.213.249, Ukraine, ASN50979 (ITL-, LV)
Reverse DNS
vds-shellycolmanl72-162414.hosted-by-itldc.com
Software
Apache/2.4.18 (Ubuntu)
Resource Hash
53dfddc6d20367d2c63d217010ca1958ab5b5dd34edc1608d3c96f80206e95af

Request headers

Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
58
Content-Type
text/javascript;charset=UTF-8

12. paypal-logo-129x32.svg (firetechgulf.com/z/paypal.com.au/login/), 5 KB, x-fer 2 KB, Image
General
Full URL
http://firetechgulf.com/z/paypal.com.au/login/paypal-logo-129x32.svg
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
Protocol
HTTP/1.1
Server
192.186.196.71 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
Reverse DNS
ip-192-186-196-71.ip.secureserver.net
Software
Apache
Resource Hash
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
firetechgulf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://firetechgulf.com/z/paypal.com.au/login/index.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Jun 2018 16:49:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Nov 2016 06:21:38 GMT
Server
Apache
ETag
"7980e41-1351-541149e81a080-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1929

13. token.php (195.123.213.249/mydick/gates/), 65 B, x-fer 273 B, Script
General
Full URL
http://195.123.213.249/mydick/gates/token.php?link=pp&bid=e958211a8a4d92777391575b76ec9d2e&callback=jQuery331004965564375349074_1529945353407&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1529945353409
Requested by
Host: firetechgulf.com
URL: http://firetechgulf.com/z/paypal.com.au/bower_components/jquery/dist/jquery.min.js
Protocol
HTTP/1.1
Server
195.123.213.249, Ukraine, ASN50979 (ITL-, LV)
Reverse DNS
vds-shellycolmanl72-162414.hosted-by-itldc.com
Software
Apache/2.4.18 (Ubuntu)
Resource Hash
763528752fc4552c96d36b1bd61d36210d08853f1c396716389c2d8b36a7778b

Request headers

Referer
http://firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e/login/?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 16:49:18 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
65
Content-Type
text/javascript;charset=UTF-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • angular (object)
  • bid (string)
  • php_js (object)
  • el (string)
  • cookies (object)
  • loader_ (object)
  • send1 (function)
  • login_proxy (function)
  • lngs (object)
  • lenguage (string)
  • lng (object)
  • app (object)
  • bider_obj (object)
  • last_respond (object)
  • last_operation (undefined)
  • respond (object)
  • CORE__ (object)
  • REST_FN__ (object)
  • bidder_timer (number)

1 Cookies

Domain/Path: firetechgulf.com/z/paypal.com.au/e958211a8a4d92777391575b76ec9d2e
Name: bid
Value: e958211a8a4d92777391575b76ec9d2e