![](/screenshots/432e34b4-719d-4867-8538-a3e1af671210.png)
jantelyro.com (185.185.135.145)
Malicious Activity! Public Scan
Submission: September 22, via automatic submission, source: OpenPhish
Summary
This is the only time jantelyro.com was scanned on urlscan.io.
urlscan.io verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)
Domain & IP information
| Requests | IP address | AS (autonomous system) |
|---|---|---|
| 16 | 185.185.135.145 | 206446 (ACTIVECLOUD) |
| 1 | 185.199.111.153 | 54113 (FASTLY - Fastly) |
| 1 | 185.199.110.153 | 54113 (FASTLY - Fastly) |
| 17 | | 2 ASNs |
| Requests | Apex domain | Subdomains | Transfer |
|---|---|---|---|
| 16 | jantelyro.com | jantelyro.com | 598 KB |
| 2 | jquerycreditcardvalidator.com (1 redirect) | jquerycreditcardvalidator.com | 38 KB |
| 17 | 2 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 16 | jantelyro.com | jantelyro.com |
| 2 | jquerycreditcardvalidator.com | (1 redirect) |
| 17 | 2 domains | |
This site contains links to these domains (also see Links):
| Domain |
|---|
| paypall.com |
| Subject | Issuer | Validity | Valid for | |
|---|---|---|---|---|
| jquerycreditcardvalidator.com | Let's Encrypt Authority X3 | 2018-08-30 to 2018-11-28 | 3 months | crt.sh |
No certificate is listed for jantelyro.com itself: the primary page was fetched over plain HTTP.
This page contains 1 frame.
Primary page: http://jantelyro.com/Summary/2c1ec2f8c7404a38973060acb1598e90/wallet.php
Frame ID: BF6B462C33F18859DC8B25AE12B4A229
Requests: 17 HTTP requests in this frame
Detected technologies
Each technology is identified by a regular expression applied to one part of the response: the URL, a response header, the HTML, script file names, or the names of JavaScript globals on the window object.
- PHP (URL pattern)
  - url /\.php(?:$|\?)/i
- Apache (Server header pattern)
  - headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- Font Awesome
  - html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
- OWL Carousel
  - html /<link [^>]*href="[^"]+owl.carousel(?:\.min)?\.css/i
- jQuery (script and window-global patterns)
  - script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  - script /jquery.*\.js/i
  - env /^jQuery$/i
- Twitter Bootstrap
  - html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
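The rules above are plain regular expressions, each run against one part of the response. The script below is an added example (not urlscan's or Wappalyzer's code) that applies the six rules exactly as listed to a constructed page modelled on this scan's resource list. The Server header value, the HTML and the list of window globals are assumptions built for the example; the eight global names are the ones this scan reports.

```python
import re

# Wappalyzer-style rules copied from the scan's "Detected patterns" list.
# Each rule is (where to look, regex). A capture group, if present, is the version.
RULES = {
    "PHP": [("url", r"\.php(?:$|\?)")],
    "Apache": [("header:server", r"(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)")],
    "Font Awesome": [("html", r"<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css")],
    "OWL Carousel": [("html", r'<link [^>]*href="[^"]+owl.carousel(?:\.min)?\.css')],
    "jQuery": [
        ("script", r"jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js"),
        ("script", r"jquery.*\.js"),
        ("env", r"^jQuery$"),
    ],
    "Twitter Bootstrap": [("html", r'<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css')],
}

# Pulls src attributes out of <script> tags so the "script" rules see file names.
SCRIPT_SRC = re.compile(r'<script[^>]+src="([^"]+)"', re.I)


def fingerprint(url, headers, html, env_globals):
    """Return {technology: version_or_None} for every rule set that matches."""
    scripts = SCRIPT_SRC.findall(html)
    headers = {k.lower(): v for k, v in headers.items()}
    found = {}
    for tech, rules in RULES.items():
        for where, pattern in rules:
            if where == "url":
                subjects = [url]
            elif where.startswith("header:"):
                subjects = [headers.get(where.split(":", 1)[1], "")]
            elif where == "html":
                subjects = [html]
            elif where == "script":
                subjects = scripts
            else:  # "env": names of non-standard globals on window
                subjects = env_globals
            rx = re.compile(pattern, re.I)
            for subject in subjects:
                m = rx.search(subject)
                if m is None:
                    continue
                version = m.group(1) if m.groups() else None
                # Record the technology; prefer a rule that yields a version.
                if tech not in found or (version and not found[tech]):
                    found[tech] = version
                break
    return found


SAMPLE_URL = "http://jantelyro.com/Summary/2c1ec2f8c7404a38973060acb1598e90/wallet.php"
# Constructed: the scan only shows that the Server header matched the Apache rule.
SAMPLE_HEADERS = {"Server": "Apache/2.4.29 (Ubuntu)"}
# Constructed HTML referencing the same css/js files the scan fetched.
SAMPLE_HTML = """<html><head>
<link rel="stylesheet" href="css/bootstrap.css">
<link rel="stylesheet" href="css/font-awesome.css">
<link rel="stylesheet" href="css/owl.carousel.min.css">
<script src="js/jquery-1.12.2.min.js"></script>
<script src="js/bootstrap.min.js"></script>
</head><body></body></html>"""
# Non-standard window globals as listed in the scan's "JavaScript Global Variables".
SAMPLE_GLOBALS = ["$", "jQuery", "AvoidSpace", "jQuery1122028724138467606886",
                  "Prism", "myVar", "myFunction", "showPage1"]

if __name__ == "__main__":
    hits = fingerprint(SAMPLE_URL, SAMPLE_HEADERS, SAMPLE_HTML, SAMPLE_GLOBALS)
    for tech, ver in sorted(hits.items()):
        print(f"{tech}: {ver or 'version unknown'}")
```

Only the first jQuery rule yields a version; the other two merely confirm presence, which matters when a kit renames or bundles its script files and defeats the file-name rules. The `jQuery1122028724138467606886` global is jQuery's expando property, named `"jQuery" + (version + Math.random())` with non-digits stripped, so its leading digits 1122 encode version 1.12.2 independently of the file name.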
Page Statistics
1 outgoing link (a link to a different origin than the main page), titled "Privacy". The only external linked domain listed above is paypall.com, a look-alike of the PayPal brand the page targets.
Redirected requests
There was one HTTP redirect chain:
- Request chain 14: http://jquerycreditcardvalidator.com/images/images.png (HTTP 301) -> https://jquerycreditcardvalidator.com/images/images.png
17 HTTP transactions
All jantelyro.com resources are served from http://jantelyro.com/Summary/2c1ec2f8c7404a38973060acb1598e90/; the Path column gives the directory below that prefix. "Size" is the response body size and "x-fer" the bytes transferred, headers included, which is why the two tiny files transfer more than their size.

| # | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | (primary request) | jantelyro.com/Summary/2c1ec2f8c7404a38973060acb1598e90/ | 11 KB | 11 KB | Document | text/html |
| 2 | GET | H/1.1 | bootstrap.css | css/ | 115 KB | 115 KB | Stylesheet | text/css |
| 3 | GET | H/1.1 | font-awesome.css | css/ | 34 KB | 35 KB | Stylesheet | text/css |
| 4 | GET | H/1.1 | owl.carousel.min.css | css/ | 4 KB | 4 KB | Stylesheet | text/css |
| 5 | GET | H/1.1 | owl.theme.default.min.css | css/ | 2 KB | 3 KB | Stylesheet | text/css |
| 6 | GET | H/1.1 | animate.css | css/ | 75 KB | 75 KB | Stylesheet | text/css |
| 7 | GET | H/1.1 | style.css | css/ | 6 KB | 6 KB | Stylesheet | text/css |
| 8 | GET | H/1.1 | responsive.css | css/ | 40 B | 279 B | Stylesheet | text/css |
| 9 | GET | H/1.1 | jquery-1.12.2.min.js | js/ | 95 KB | 95 KB | Script | application/javascript |
| 10 | GET | H/1.1 | 6666666.png | images/ | 3 KB | 3 KB | Image | image/png |
| 11 | GET | H/1.1 | bootstrap.min.js | js/ | 35 KB | 35 KB | Script | application/javascript |
| 12 | GET | H/1.1 | index.js | js/ | 18 KB | 18 KB | Script | application/javascript |
| 13 | GET | H/1.1 | script.js | js/ | 31 B | 284 B | Script | application/javascript |
| 14 | GET | H/1.1 | signup_default.jpg | img/ | 157 KB | 158 KB | Image | image/jpeg |
| 15 | GET | H/1.1 | bgpb_3dsecure.jpg | img/ | 21 KB | 22 KB | Image | image/jpeg |
| 16 | GET | S | images.png | jquerycreditcardvalidator.com/images/ (redirect chain) | 37 KB | 37 KB | Image | image/png |
| 17 | GET | H/1.1 | Helvetica.woff2 | fonts/Helvetica/ | 18 KB | 19 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: these verdicts should be used to detect potentially malicious websites, not as a final verdict.
urlscan: Phishing against PayPal (Financial)

8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
| Type | Name |
|---|---|
| function | $ |
| function | jQuery |
| function | AvoidSpace |
| object | jQuery1122028724138467606886 |
| object | Prism |
| number | myVar |
| function | myFunction |
| function | showPage1 |

Cookies
Cookies are small pieces of information stored in a user's browser. When the user visits the site again, the browser sends the cookie values back, so the site can re-identify the user even from a different location; this is how persistent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| jantelyro.com/ | (none) | PHPSESSID | 470hsp8o1n25089ccsarutmk11 |
PHPSESSID is PHP's default session cookie name; with no Expires attribute it lives only for the browser session, consistent with the PHP detection above.
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes extracted from a scan. Listing them here does not by itself imply that any of them is malicious.
- jantelyro.com
- jquerycreditcardvalidator.com
- 185.185.135.145
- 185.199.110.153
- 185.199.111.153
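The domain and IP tables near the top of the page and the indicator list above are both aggregations over the scan's transaction log. The following Python script is an added example (not urlscan's code) that rebuilds those summaries from a transaction list constructed from the 17 transactions on this page. The redirect hop is listed as its own entry, so the list has 18 entries; the per-entry status codes and the assignment of the two Fastly IPs to the two hops are assumptions, and the apex-domain helper uses a naive last-two-labels rule rather than the Public Suffix List.

```python
from collections import Counter, defaultdict
from urllib.parse import urlsplit

PRIMARY_URL = "http://jantelyro.com/Summary/2c1ec2f8c7404a38973060acb1598e90/wallet.php"
BASE = "http://jantelyro.com/Summary/2c1ec2f8c7404a38973060acb1598e90/"

# Constructed from the scan's transaction list as (url, server_ip, status).
# Assumed: every jantelyro.com response is a 200, and the 301 hop and the
# HTTPS retry map one each onto the two Fastly IPs the scan reports.
TRANSACTIONS = [
    (BASE, "185.185.135.145", 200),
    (BASE + "css/bootstrap.css", "185.185.135.145", 200),
    (BASE + "css/font-awesome.css", "185.185.135.145", 200),
    (BASE + "css/owl.carousel.min.css", "185.185.135.145", 200),
    (BASE + "css/owl.theme.default.min.css", "185.185.135.145", 200),
    (BASE + "css/animate.css", "185.185.135.145", 200),
    (BASE + "css/style.css", "185.185.135.145", 200),
    (BASE + "css/responsive.css", "185.185.135.145", 200),
    (BASE + "js/jquery-1.12.2.min.js", "185.185.135.145", 200),
    (BASE + "images/6666666.png", "185.185.135.145", 200),
    (BASE + "js/bootstrap.min.js", "185.185.135.145", 200),
    (BASE + "js/index.js", "185.185.135.145", 200),
    (BASE + "js/script.js", "185.185.135.145", 200),
    (BASE + "img/signup_default.jpg", "185.185.135.145", 200),
    (BASE + "img/bgpb_3dsecure.jpg", "185.185.135.145", 200),
    ("http://jquerycreditcardvalidator.com/images/images.png", "185.199.111.153", 301),
    ("https://jquerycreditcardvalidator.com/images/images.png", "185.199.110.153", 200),
    (BASE + "fonts/Helvetica/Helvetica.woff2", "185.185.135.145", 200),
]


def apex_domain(host):
    """Naive last-two-labels rule; real tooling should use the Public Suffix List
    (this would mis-handle names such as example.co.uk)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def summarize(primary_url, transactions):
    """Aggregate a scan's transactions the way the domain/IP tables do, and
    derive the triage facts an analyst wants: third-party origins, redirect
    hops, plaintext fetches, and the indicator set."""
    primary = urlsplit(primary_url)
    primary_apex = apex_domain(primary.hostname)
    per_apex = defaultdict(lambda: {"requests": 0, "hosts": set(), "ips": set()})
    per_ip = Counter()
    for url, ip, _status in transactions:
        host = urlsplit(url).hostname
        entry = per_apex[apex_domain(host)]
        entry["requests"] += 1
        entry["hosts"].add(host)
        entry["ips"].add(ip)
        per_ip[ip] += 1
    third_party = sorted(a for a in per_apex if a != primary_apex)
    redirect_hops = [url for url, _, status in transactions if 300 <= status < 400]
    plain_http = [url for url, _, _ in transactions if urlsplit(url).scheme == "http"]
    hosts = {h for e in per_apex.values() for h in e["hosts"]}
    return {
        "per_apex": dict(per_apex),
        "per_ip": dict(per_ip),
        "third_party": third_party,
        "redirect_hops": redirect_hops,
        "primary_over_plain_http": primary.scheme == "http",
        "plain_http_requests": len(plain_http),
        "indicators": sorted(hosts | set(per_ip)),
    }


if __name__ == "__main__":
    report = summarize(PRIMARY_URL, TRANSACTIONS)
    for apex, entry in report["per_apex"].items():
        print(f"{entry['requests']:>3}  {apex}  ips={sorted(entry['ips'])}")
    print("third-party origins:", report["third_party"])
    print("redirect hops:", report["redirect_hops"])
    print("primary over plain HTTP:", report["primary_over_plain_http"])
    print("indicators:", report["indicators"])
```

Beyond reproducing the per-domain and per-IP counts, the summary surfaces what matters on a phishing page: the primary document and every first-party resource were fetched over plain HTTP (the scan lists no certificate for jantelyro.com), and the only third-party origin is jquerycreditcardvalidator.com, whose single image the kit hot-links after a 301 to HTTPS. The hosts and IPs in `indicators` are what would go to a blocklist, with the caveat the Indicators section states: the two Fastly addresses are shared CDN infrastructure and should not be blocked on their own.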