linked-dots.com
50.116.64.19
Malicious Activity!
Public Scan
Submission: On May 08 via automatic, source openphish
Summary
TLS certificate: Issued by UbiquiTLS™ DV RSA Server CA on March 22nd 2017. Valid for: 3 months.
This is the only time linked-dots.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)
Domain & IP information
Requests | IP Address | AS (Autonomous System) | PTR | Domain
---|---|---|---|---
1 | 50.116.64.19 | ASN20013 (CYRUSONE - CyrusOne LLC, US) | box5008.bluehost.com | linked-dots.com
14 | 95.101.242.48 | ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a95-101-242-48.deploy.akamaitechnologies.com | www.paypalobjects.com
1 | 34.207.42.106 | ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-34-207-42-106.compute-1.amazonaws.com | nexus.ensighten.com
1 | 104.108.64.175 | ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a104-108-64-175.deploy.static.akamaitechnologies.com | t.paypal.com
17 | 5 | | |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
14 | paypalobjects.com | www.paypalobjects.com | 432 KB
1 | paypal.com | t.paypal.com | 42 B
1 | ensighten.com | nexus.ensighten.com | 414 B
1 | linked-dots.com | linked-dots.com | 8 KB
17 | 4 | |
Requests | Domain | Requested by
---|---|---
14 | www.paypalobjects.com | linked-dots.com
1 | t.paypal.com | linked-dots.com
1 | nexus.ensighten.com | www.paypalobjects.com
1 | linked-dots.com |
17 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.paypal.com |
developer.paypal.com |
www.paypal-marketing.com |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
linked-dots.com | UbiquiTLS™ DV RSA Server CA | 2017-03-22 - 2017-06-20 | 3 months | crt.sh
www.paypalobjects.com | Symantec Class 3 EV SSL CA - G3 | 2015-10-12 - 2017-09-02 | 2 years | crt.sh
nexus.ensighten.com | Symantec Class 3 Secure Server SHA256 SSL CA | 2014-10-27 - 2018-01-13 | 3 years | crt.sh
www.paypal.com | Symantec Class 3 EV SSL CA - G3 | 2016-02-02 - 2017-10-30 | 2 years | crt.sh
This page contains 1 frame:
Primary Page: https://linked-dots.com/pp/paypalverynow.php
Frame ID: 12236.1
Requests: 18 HTTP requests in this frame
24 Outgoing links
These are links going to different origins than the main page (link titles as shown on the page):
PayPal
Pay on eBay
Pay on websites
Pay on the go
More ways to use us
Sell
Get paid on your website
Email an invoice
Request a payment
Help
Contact
Fees
Security
Apps
Shop
About
Blog
Jobs
Sitemap
Developers
Partners
Privacy
Legal
terms and conditions
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H/1.1 | paypalverynow.php | linked-dots.com/pp/ | 30 KB | 8 KB | Document | text/html | Primary Request
GET | H/1.1 | 1ccd3721c323f96346241b405f4654311c6c6f.css | www.paypalobjects.com/eboxapps/css/5b/ | 205 KB | 37 KB | Stylesheet | text/css |
GET | H/1.1 | fa89f17d37eb3f97e39b926835ba73c0a3fd63.css | www.paypalobjects.com/eboxapps/css/1b/ | 2 KB | 600 B | Stylesheet | text/css |
GET | H/1.1 | c2f14fc42bce1c7b411ec063c9bc6082438ed6.css | www.paypalobjects.com/eboxapps/css/43/ | 5 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | 353ab4e9884d84b9b6254883c67b0440b8b230.js | www.paypalobjects.com/eboxapps/js/79/ | 485 KB | 132 KB | Script | application/x-javascript |
GET | H/1.1 | 33100d84abb37d92f0b866d6a38d4788da87ec.js | www.paypalobjects.com/eboxapps/js/42/ | 12 KB | 3 KB | Script | application/x-javascript |
GET | H/1.1 | bs.js | www.paypalobjects.com/tagmgmt/ | 62 KB | 21 KB | Script | application/x-javascript |
GET | H/1.1 | pp_jscode_080706.js | www.paypalobjects.com/js/site_catalyst/ | 60 KB | 22 KB | Script | application/x-javascript |
GET | H/1.1 | pa.js | www.paypalobjects.com/pa/js/ | 76 KB | 17 KB | Script | application/x-javascript |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png |
GET | H/1.1 | ppcom.svg | www.paypalobjects.com/webstatic/i/logo/rebrand/ | 5 KB | 5 KB | Image | image/svg+xml |
GET | H/1.1 | PayPalSansBig-Regular.woff | www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ | 49 KB | 49 KB | Font | application/x-font-woff |
GET | H/1.1 | PayPalSansBig-Light.woff | www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ | 48 KB | 48 KB | Font | application/x-font-woff |
GET | H/1.1 | PayPalSansSmall-Regular.woff | www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ | 46 KB | 46 KB | Font | application/x-font-woff |
GET | H/1.1 | PayPalSansSmall-Light.woff | www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ | 46 KB | 46 KB | Font | application/x-font-woff |
GET | H/1.1 | serverComponent.php | nexus.ensighten.com/paypal/prod/ | 713 B | 414 B | XHR | text/javascript |
GET | H/1.1 | pp32.png | www.paypalobjects.com/webstatic/icon/ | 4 KB | 4 KB | Other | image/png | Cookie set
GET | H/1.1 | ts | t.paypal.com/ | 42 B | 42 B | Image | image/gif | Cookie set
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: PayPal (Financial)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.linked-dots.com/ | | s_pers | %20s_fid%3D5752E94A06D3ADDC-2610F1200647D557%7C1557340409506%3B%20gpv_c43%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1494270209508%3B%20tr_p1%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1494270209510%3B%20gpv_events%3Dno%2520value%7C1494270209511%3B
linked-dots.com/ | | 44907 | (empty)
.linked-dots.com/ | | s_sess | %20s_ppv%3D100%3B%20s_cc%3Dtrue%3B%20v31%3Dmain%253Amktg%253Apersonal%253A%253Ahome%3B%20s_sq%3D%3B
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
linked-dots.com
nexus.ensighten.com
t.paypal.com
www.paypalobjects.com
104.108.64.175
34.207.42.106
50.116.64.19
95.101.242.48