URL: https://linked-dots.com/pp/paypalverynow.php
Submission: On May 08 via automatic, source openphish

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 50.116.64.19, located in Houston, United States and belongs to CYRUSONE - CyrusOne LLC, US. The main domain is linked-dots.com.
TLS certificate: Issued by UbiquiTLS™ DV RSA Server CA on March 22nd 2017. Valid for: 3 months.
This is the only time linked-dots.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address AS Autonomous System
1 50.116.64.19 20013 (CYRUSONE)
14 95.101.242.48 16625 (AKAMAI-AS)
1 34.207.42.106 14618 (AMAZON-AES)
1 104.108.64.175 16625 (AKAMAI-AS)
17 5
Domain Requested by
14 www.paypalobjects.com linked-dots.com
1 t.paypal.com linked-dots.com
1 nexus.ensighten.com www.paypalobjects.com
1 linked-dots.com
17 4

This site contains links to these domains. Also see Links.

Domain
www.paypal.com
developer.paypal.com
www.paypal-marketing.com
Subject Issuer Validity Valid
linked-dots.com
UbiquiTLS™ DV RSA Server CA
2017-03-22 -
2017-06-20
3 months crt.sh
www.paypalobjects.com
Symantec Class 3 EV SSL CA - G3
2015-10-12 -
2017-09-02
2 years crt.sh
nexus.ensighten.com
Symantec Class 3 Secure Server SHA256 SSL CA
2014-10-27 -
2018-01-13
3 years crt.sh
www.paypal.com
Symantec Class 3 EV SSL CA - G3
2016-02-02 -
2017-10-30
2 years crt.sh

This page contains 1 frames:

Primary Page: https://linked-dots.com/pp/paypalverynow.php
Frame ID: 12236.1
Requests: 18 HTTP requests in this frame

Screenshot


Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

441 kB
Transfer

1135 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request paypalverynow.php
linked-dots.com/pp/
30 KB
8 KB
Document
General
Full URL
https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.116.64.19 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
box5008.bluehost.com
Software
Apache /
Resource Hash
702eaf6d325844587ea54c33070ddace9786ae20d440f9e12baab86feea64a12

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
linked-dots.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=7200
Connection
Keep-Alive
Keep-Alive
timeout=10, max=500
Content-Length
8411
Expires
Mon, 08 May 2017 20:33:29 GMT
1ccd3721c323f96346241b405f4654311c6c6f.css
www.paypalobjects.com/eboxapps/css/5b/
205 KB
37 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
f18cca0f42c7cac1ed73dff7676ca341d2e48cfd174a0c08191eef75598a6350

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Mar 2016 23:50:51 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37609
Expires
Sun, 06 Aug 2017 18:33:29 GMT
fa89f17d37eb3f97e39b926835ba73c0a3fd63.css
www.paypalobjects.com/eboxapps/css/1b/
2 KB
600 B
Stylesheet
General
Full URL
https://www.paypalobjects.com/eboxapps/css/1b/fa89f17d37eb3f97e39b926835ba73c0a3fd63.css
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
3e08798b4612ce1d4700d2fe3c953f5b56be571619153da80e6012ccd9e8eb9b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Dec 2015 23:11:11 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
600
Expires
Sun, 06 Aug 2017 18:33:29 GMT
c2f14fc42bce1c7b411ec063c9bc6082438ed6.css
www.paypalobjects.com/eboxapps/css/43/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.paypalobjects.com/eboxapps/css/43/c2f14fc42bce1c7b411ec063c9bc6082438ed6.css
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
ca474d8ee84b0603be74ce617ecaa3636233a565679c90e5c28bc860533ca0c7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Dec 2015 23:11:14 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1510
Expires
Sun, 06 Aug 2017 18:33:29 GMT
353ab4e9884d84b9b6254883c67b0440b8b230.js
www.paypalobjects.com/eboxapps/js/79/
485 KB
132 KB
Script
General
Full URL
https://www.paypalobjects.com/eboxapps/js/79/353ab4e9884d84b9b6254883c67b0440b8b230.js
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
985679c36d6164422613ad77c540e9764bcfe41dde2b3d5dcff5335dcc764c9e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
X-Pad
avoid browser bug
Last-Modified
Fri, 25 Mar 2016 22:03:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7776000
Transfer-Encoding
chunked
Connection
keep-alive Transfer-Encoding
Accept-Ranges
bytes
Content-Encoding
gzip
Expires
Sun, 06 Aug 2017 18:33:29 GMT
33100d84abb37d92f0b866d6a38d4788da87ec.js
www.paypalobjects.com/eboxapps/js/42/
12 KB
3 KB
Script
General
Full URL
https://www.paypalobjects.com/eboxapps/js/42/33100d84abb37d92f0b866d6a38d4788da87ec.js
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
5a74014f096b68865ee0e8860ad209f936422b998ca16ab68c0413316bd4e5cf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
X-Pad
avoid browser bug
Last-Modified
Thu, 25 Feb 2016 23:35:02 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
3253
Expires
Sun, 06 Aug 2017 18:33:29 GMT
bs.js
www.paypalobjects.com/tagmgmt/
62 KB
21 KB
Script
General
Full URL
https://www.paypalobjects.com/tagmgmt/bs.js
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
a4c0827186b10f6d81aa1b49e8cc9f04149537106145439da076ce1e16b9397d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
X-Pad
avoid browser bug
Last-Modified
Tue, 18 Apr 2017 00:00:37 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
21040
Expires
Sun, 06 Aug 2017 18:33:29 GMT
pp_jscode_080706.js
www.paypalobjects.com/js/site_catalyst/
60 KB
22 KB
Script
General
Full URL
https://www.paypalobjects.com/js/site_catalyst/pp_jscode_080706.js
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
18c9428f5ed837e027c6fcf29afe9d1f63a1e1e5b53ee1dc6373cf1cd1ea22aa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
X-Pad
avoid browser bug
Last-Modified
Fri, 03 Feb 2017 01:20:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
22880
Expires
Sun, 06 Aug 2017 18:33:29 GMT
pa.js
www.paypalobjects.com/pa/js/
76 KB
17 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/js/pa.js
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
7d32380e182bb91add73ab4aa157097b62c5ac30498a622c8d279a7155898046

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
X-Pad
avoid browser bug
Last-Modified
Fri, 31 Mar 2017 18:59:55 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
17833
Expires
Mon, 08 May 2017 19:33:29 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e5e7ada07b81c61389cce569f5e54c9dec0fccf9fec0f7b25f5947bac1ecbcc

Request headers

Response headers

ppcom.svg
www.paypalobjects.com/webstatic/i/logo/rebrand/
5 KB
5 KB
Image
General
Full URL
https://www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom.svg
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
Last-Modified
Mon, 21 Apr 2014 21:29:42 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5588
Expires
Wed, 07 Jun 2017 18:33:29 GMT
PayPalSansBig-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/
49 KB
49 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Regular.woff
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
4d5c29e41277f543455e865a69634f17a2846fd001553890d5801379df3a7c47

Request headers

Pragma
no-cache
Origin
https://linked-dots.com
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Origin
https://linked-dots.com

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 30 Sep 2015 05:09:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50031
Expires
Wed, 07 Jun 2017 18:33:29 GMT
PayPalSansBig-Light.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/
48 KB
48 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Light.woff
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
c599c554590d1a336ffcb9627f6caaac34b6228f60e15f5f25454bff38facb7e

Request headers

Pragma
no-cache
Origin
https://linked-dots.com
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Origin
https://linked-dots.com

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 30 Sep 2015 05:09:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49115
Expires
Wed, 07 Jun 2017 18:33:29 GMT
PayPalSansSmall-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/
46 KB
46 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8

Request headers

Pragma
no-cache
Origin
https://linked-dots.com
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Origin
https://linked-dots.com

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 30 Sep 2015 05:09:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47339
Expires
Wed, 07 Jun 2017 18:33:29 GMT
PayPalSansSmall-Light.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/
46 KB
46 KB
Font
General
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Light.woff
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
843e67ad522a908162007f4b7601819a5bbfef00e38ac7aec778766da8b7b2ab

Request headers

Pragma
no-cache
Origin
https://linked-dots.com
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://www.paypalobjects.com/eboxapps/css/5b/1ccd3721c323f96346241b405f4654311c6c6f.css
Origin
https://linked-dots.com

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 30 Sep 2015 05:09:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46703
Expires
Wed, 07 Jun 2017 18:33:29 GMT
serverComponent.php
nexus.ensighten.com/paypal/prod/
713 B
414 B
XHR
General
Full URL
https://nexus.ensighten.com/paypal/prod/serverComponent.php?r=66492.4463010479&ensJson=true&ClientID=1620&PageID=https%3A%2F%2Flinked-dots.com%2Fpp%2Fpaypalverynow.php%3Ftms_country%3Dph%26ensJson%3Dtrue
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/tagmgmt/bs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.207.42.106 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-207-42-106.compute-1.amazonaws.com
Software
nginx /
Resource Hash
df2b46e8ec10841dd7e902cca2db1281c6335267b6d1bf723b4c056314ba3d2c

Request headers

Pragma
no-cache
Origin
https://linked-dots.com
Accept-Encoding
gzip, deflate, sdch, br
Host
nexus.ensighten.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://linked-dots.com/pp/paypalverynow.php
Origin
https://linked-dots.com

Response headers

Date
Mon, 08 May 2017 18:33:29 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-cache no-store
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 08 May 2017 18:33:28 GMT
Cookie set pp32.png
www.paypalobjects.com/webstatic/icon/
4 KB
4 KB
Other
General
Full URL
https://www.paypalobjects.com/webstatic/icon/pp32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.101.242.48 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-242-48.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
www.paypalobjects.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2017 18:33:29 GMT
Last-Modified
Wed, 30 Apr 2014 15:54:51 GMT
Server
Apache
Connection
keep-alive
P3P
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
PYPF=CT; expires=Mon, 05-Jun-2017 18:33:29 GMT; path=/; domain=.paypalobjects.com
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
3972
Expires
Mon, 08 May 2017 18:33:29 GMT
Cookie set ts
t.paypal.com/
42 B
42 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.1.6&t=1494268409983&g=0&e=im&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&tmpl=home.dust&pgst=Unknown&lgin=out&calc=5f4f728410385&rsta=en_PH&s=ci&ccpg=ph&csci=c14f2512fa074b448230c370157565d7&comp=mppnodeweb&tsrce=mppnodeweb&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&shir=main_mktg_personal_&pros=3&lgcook=2&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal%20Philippines&cd=24&sw=1600&sh=1200&bw=1598&bh=1132&ce=1&pl=pdf%2CShockwave%20Flash%2025.0%20r0&t1=402&t1c=402&t1d=1&t1s=275&t2=181&t3=1&t4d=232&t4=256&t4e=24&tt=840&teal=rZJvnqaaQhLn%252FnmWT8cSUmR1G%252FXOGzg1b29TMfAlTtZWOgbgvuMyLA1ApjBZl9uNnIW%252BKSSXdrM_153df1dcb42
Requested by
Host: linked-dots.com
URL: https://linked-dots.com/pp/paypalverynow.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.108.64.175 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-64-175.deploy.static.akamaitechnologies.com
Software
Apache-Coyote/1.1 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
t.paypal.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://linked-dots.com/pp/paypalverynow.php
Connection
keep-alive
Cache-Control
no-cache
Referer
https://linked-dots.com/pp/paypalverynow.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2017 18:33:30 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control
max-age=0, no-cache, no-store
Rlogid
SSnsfgRniWh%2FzoH38T7ooA4%2FAuviW9AD4SoTuNqhHw3FqRBP1Rv7PQih85EeNV1DgvFeqtch8w1Z29h8cFi4UlRTCm3YOOmWdJ5jttb1De0_15be9567919
Set-Cookie
JSESSIONID=61AB98F69A3874014A29289CD7E4D631; Path=/webapps/tracking ts=vreXpYrS%3D1588939187%26vteXpYrS%3D1494270210%26vr%3De956791a15b0a49120408e40feb56374%26vt%3De956791a15b0a49120408e40feb56373; Domain=.paypal.com; Expires=Fri, 08-May-2020 11:59:47 GMT; Path=/
Content-Type
image/gif
Content-Length
42
Expires
Mon, 08 May 2017 18:33:30 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.linked-dots.com/ Name: s_pers
Value: %20s_fid%3D5752E94A06D3ADDC-2610F1200647D557%7C1557340409506%3B%20gpv_c43%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1494270209508%3B%20tr_p1%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1494270209510%3B%20gpv_events%3Dno%2520value%7C1494270209511%3B
linked-dots.com/ Name: 44907
Value:
.linked-dots.com/ Name: s_sess
Value: %20s_ppv%3D100%3B%20s_cc%3Dtrue%3B%20v31%3Dmain%253Amktg%253Apersonal%253A%253Ahome%3B%20s_sq%3D%3B