storage.telnyx.com
Open in
urlscan Pro
64.16.239.37
Malicious Activity!
Public Scan
Submission: On September 23 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on August 25th 2022. Valid for: a year.
This is the only time storage.telnyx.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 64.16.239.37 64.16.239.37 | 63440 (TELNYX) (TELNYX) | |
1 | 192.229.232.89 192.229.232.89 | 15133 (EDGECAST) (EDGECAST) | |
1 | 44.199.2.7 44.199.2.7 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-2-7.compute-1.amazonaws.com
greenwichvillage.nyc |
Apex Domain Subdomains |
Transfer | |
---|---|---|
1 |
greenwichvillage.nyc
greenwichvillage.nyc |
28 KB |
1 |
paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2603 |
14 KB |
1 |
telnyx.com
storage.telnyx.com |
16 KB |
3 | 3 |
Domain | Requested by | |
---|---|---|
1 | greenwichvillage.nyc |
storage.telnyx.com
|
1 | www.paypalobjects.com |
storage.telnyx.com
|
1 | storage.telnyx.com | |
3 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.telnyx.com AlphaSSL CA - SHA256 - G2 |
2022-08-25 - 2023-09-26 |
a year | crt.sh |
www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2023-08-19 - 2023-12-10 |
4 months | crt.sh |
greenwichvillage.nyc R3 |
2023-09-08 - 2023-12-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://storage.telnyx.com/onlineserve/wellsfargosecuredlinkandbankingcustomerserviceWELLSFARGOsecure.html
Frame ID: 893E2DE6B16B1AE9049AE417DD200B74
Requests: 3 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
wellsfargosecuredlinkandbankingcustomerserviceWELLSFARGOsecure.html
storage.telnyx.com/onlineserve/ |
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
contextualLogin.css
www.paypalobjects.com/web/res/e3a/65c5f2465e43c2598eadb20766d07/css/ |
76 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f600c36902f11e8362d4ded191584840.jpeg
greenwichvillage.nyc/wp-content/uploads/2021/11/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
greenwichvillage.nyc
storage.telnyx.com
www.paypalobjects.com
192.229.232.89
44.199.2.7
64.16.239.37
1d54636adccbd69d6fd62863a1ee72ef855b01808cec683e7bac9df009e37b7c
8db10fe79832e5ec20083abc4e47953692c5b8cce38f8f2f4bbc3b022adb2a59
aee9b4b08dfc00737d1e0266eb642df6350218241ac90d1691c615f59eb2af49