storage.telnyx.com Open in urlscan Pro
64.16.239.37  Malicious Activity! Public Scan

URL: https://storage.telnyx.com/onlineserve/wellsfargosecuredlinkandbankingcustomerserviceWELLSFARGOsecure.html
Submission: On September 23 via api from JP — Scanned from JP

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 3 HTTP transactions. The main IP is 64.16.239.37, located in United States and belongs to TELNYX, US. The main domain is storage.telnyx.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on August 25th 2022. Valid for: a year.
This is the only time storage.telnyx.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

IP Address AS Autonomous System
1 64.16.239.37 63440 (TELNYX)
1 192.229.232.89 15133 (EDGECAST)
1 44.199.2.7 14618 (AMAZON-AES)
3 3
Apex Domain
Subdomains
Transfer
1 greenwichvillage.nyc
greenwichvillage.nyc
28 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2603
14 KB
1 telnyx.com
storage.telnyx.com
16 KB
3 3
Domain Requested by
1 greenwichvillage.nyc storage.telnyx.com
1 www.paypalobjects.com storage.telnyx.com
1 storage.telnyx.com
3 3

This site contains no links.

Subject Issuer Validity Valid
*.telnyx.com
AlphaSSL CA - SHA256 - G2
2022-08-25 -
2023-09-26
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2023-08-19 -
2023-12-10
4 months crt.sh
greenwichvillage.nyc
R3
2023-09-08 -
2023-12-07
3 months crt.sh

This page contains 1 frames:

Primary Page: https://storage.telnyx.com/onlineserve/wellsfargosecuredlinkandbankingcustomerserviceWELLSFARGOsecure.html
Frame ID: 893E2DE6B16B1AE9049AE417DD200B74
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Wells Fargo

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

58 kB
Transfer

119 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wellsfargosecuredlinkandbankingcustomerserviceWELLSFARGOsecure.html
storage.telnyx.com/onlineserve/
16 KB
16 KB
Document
General
Full URL
https://storage.telnyx.com/onlineserve/wellsfargosecuredlinkandbankingcustomerserviceWELLSFARGOsecure.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.16.239.37 , United States, ASN63440 (TELNYX, US),
Reverse DNS
Software
Telnyx API /
Resource Hash
aee9b4b08dfc00737d1e0266eb642df6350218241ac90d1691c615f59eb2af49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-length
16375
content-type
text/html
date
Sat, 23 Sep 2023 06:33:22 GMT
last-modified
Thu, 14 Sep 2023 16:24:29 GMT
server
Telnyx API
x-amz-tagging-count
0
contextualLogin.css
www.paypalobjects.com/web/res/e3a/65c5f2465e43c2598eadb20766d07/css/
76 KB
14 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/web/res/e3a/65c5f2465e43c2598eadb20766d07/css/contextualLogin.css
Requested by
Host: storage.telnyx.com
URL: https://storage.telnyx.com/onlineserve/wellsfargosecuredlinkandbankingcustomerserviceWELLSFARGOsecure.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.232.89 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tkb/7345) /
Resource Hash
1d54636adccbd69d6fd62863a1ee72ef855b01808cec683e7bac9df009e37b7c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://storage.telnyx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 06:33:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
b9b74d9a6dd01
dc
ccg11-origin-www-1.paypal.com
content-length
13525
last-modified
Fri, 09 Nov 2018 15:41:31 GMT
server
ECAcc (tkb/7345)
traceparent
00-0000000000000000000b9b74d9a6dd01-be37dc3b8e8c3c27-01
etag
W/"5be5aaab-12e07"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sun, 22 Sep 2024 06:33:24 GMT
f600c36902f11e8362d4ded191584840.jpeg
greenwichvillage.nyc/wp-content/uploads/2021/11/
28 KB
28 KB
Image
General
Full URL
https://greenwichvillage.nyc/wp-content/uploads/2021/11/f600c36902f11e8362d4ded191584840.jpeg
Requested by
Host: storage.telnyx.com
URL: https://storage.telnyx.com/onlineserve/wellsfargosecuredlinkandbankingcustomerserviceWELLSFARGOsecure.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.199.2.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-2-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8db10fe79832e5ec20083abc4e47953692c5b8cce38f8f2f4bbc3b022adb2a59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://storage.telnyx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 06:33:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
last-modified
Mon, 22 Nov 2021 17:12:12 GMT
server
nginx
etag
"619bcf6c-6f61"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
28513
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack

0 Cookies