www.paypals.us
Open in
urlscan Pro
74.122.232.20
Public Scan
Submitted URL: http://www.paypals.us/
Effective URL: https://www.paypals.us/
Submission Tags: phishingcatcher certstream Search All
Submission: On July 28 via api from CH
Effective URL: https://www.paypals.us/
Submission Tags: phishingcatcher certstream Search All
Submission: On July 28 via api from CH
Summary
This website contacted 6 IPs
in 2 countries
across 5 domains to perform 18 HTTP transactions.
The main IP is 74.122.232.20, located in
United States and
belongs to PRANASYSTEMS-COM - Prana Systems, LLC., US.
The main domain is www.paypals.us.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 28th 2019. Valid for: 3 months.
This is the only time www.paypals.us was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on July 28th 2019. Valid for: 3 months.
This is the only time www.paypals.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 3 | 74.122.232.20 74.122.232.20 | 35975 (PRANASYST...) (PRANASYSTEMS-COM - Prana Systems) | |
| 10 | 13.32.219.208 13.32.219.208 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:809::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:825::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 74.122.232.15 74.122.232.15 | 35975 (PRANASYST...) (PRANASYSTEMS-COM - Prana Systems) | |
| 18 | 6 |
3
74.122.232.20
(United States)
ASN35975 (PRANASYSTEMS-COM - Prana Systems, LLC., US)
PTR: vip1.webstarts.com
ASN35975 (PRANASYSTEMS-COM - Prana Systems, LLC., US)
PTR: vip1.webstarts.com
| www.paypals.us |
10
13.32.219.208
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-219-208.fra56.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-219-208.fra56.r.cloudfront.net
| static.secure.website |
1
2a00:1450:4001:825::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.googleapis.com |
1
2a00:1450:4001:809::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| ajax.googleapis.com |
3
2a00:1450:4001:825::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.gstatic.com |
1
74.122.232.15
(United States)
ASN35975 (PRANASYSTEMS-COM - Prana Systems, LLC., US)
PTR: webstarts.com
ASN35975 (PRANASYSTEMS-COM - Prana Systems, LLC., US)
PTR: webstarts.com
| www.webstarts.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
secure.website
static.secure.website |
384 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
34 KB |
| 3 |
paypals.us
1 redirects
www.paypals.us |
16 KB |
| 2 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
34 KB |
| 1 |
webstarts.com
www.webstarts.com |
453 B |
| 18 | 5 |
| Domain | Requested by | |
|---|---|---|
| 10 | static.secure.website |
www.paypals.us
ajax.googleapis.com |
| 3 | fonts.gstatic.com |
ajax.googleapis.com
|
| 3 | www.paypals.us |
1 redirects
www.paypals.us
|
| 1 | www.webstarts.com |
ajax.googleapis.com
|
| 1 | ajax.googleapis.com |
www.paypals.us
|
| 1 | fonts.googleapis.com |
www.paypals.us
|
| 18 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| instagram.com |
| facebook.com |
| twitter.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| paypals.us Let's Encrypt Authority X3 |
2019-07-28 - 2019-10-26 |
3 months | crt.sh |
| static.secure.website Amazon |
2019-03-22 - 2020-04-22 |
a year | crt.sh |
| *.googleapis.com Google Internet Authority G3 |
2019-07-02 - 2019-09-24 |
3 months | crt.sh |
| *.google.com Google Internet Authority G3 |
2019-07-02 - 2019-09-24 |
3 months | crt.sh |
| www.webstarts.com Go Daddy Secure Certificate Authority - G2 |
2016-12-27 - 2019-12-28 |
3 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.paypals.us/
Frame ID: 9E429F6D9C55E97E02879824B9413043
Requests: 18 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.paypals.us/
HTTP 301
https://www.paypals.us/ Page URL
Detected technologies
Red Hat
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /Red Hat/i
OpenSSL
(Web Server Extensions)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: http://instagram.com/freewebsitebuilder
Search URL Search Domain Scan URL
URL: http://facebook.com/webstarts
Search URL Search Domain Scan URL
URL: http://twitter.com/webstarts
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.paypals.us/
HTTP 301
https://www.paypals.us/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.paypals.us/ Redirect Chain
|
15 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.css
static.secure.website/library/users/ |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
site.css
static.secure.website/client-site-resources/10543927/css/ |
53 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
25 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layout-desktop.css
static.secure.website/client-site-resources/10543927/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
public-icons.min.css
static.secure.website/library/users/fonts/public/css/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
position.css
www.paypals.us/css/ |
0 300 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.css
static.secure.website/client-site-resources/10543927/css/ |
713 B 771 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index-layout-desktop.css
static.secure.website/client-site-resources/10543927/css/ |
970 B 868 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.js
static.secure.website/library/users/ |
35 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_LOImzDK7erRjhunIspaMgxg7oTC0nDy.woff2
fonts.gstatic.com/s/meiescript/v7/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
public-icons.woff2
static.secure.website/library/users/fonts/public/font/ |
94 KB 95 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
add.js
www.webstarts.com/library/users/ |
9 B 453 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adult-countryside-dog-family-w1000.jpeg
static.secure.website/wspfus/0/14865/ |
219 KB 220 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
portrait-of-young-woman-w300.jpeg
static.secure.website/wspfus/0/26037/ |
39 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| _wsConfig object| _wsProps undefined| $ function| jQuery function| $j object| _ws function| getCurrentPath function| getFileFromPath function| getExt function| includeFile function| afterLoad string| addScript object| userBrowser function| FontFaceObserver object| jQuery1111087913195660449860 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
static.secure.website
www.paypals.us
www.webstarts.com
13.32.219.208
2a00:1450:4001:809::200a
2a00:1450:4001:825::2003
2a00:1450:4001:825::200a
74.122.232.15
74.122.232.20
1947ed1f560462ba5f3dcca23f0689b50ca500f0978f66078b23378df49fdc49
4a64b630f7c646e5b385baae8d09e026e954c1aff5d7f0197c7b84d6e115b08a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
67ed5ded6880d59f520d7312344e210ff91b6b14fa1db0ddab7dd95652d1ad26
7dcb47cc526ff180b7c949a11852c8959240d57608400b53ec0c0f8118a3cfd1
81f60bf5885f6f5205ea9d10a118f4dc7aafe617d0e6a294093578d093eb12b3
87aa34cebc54369a296595d63fe1b5103ba6c18528e275c6047b2bce121e54dc
a0378c9e12bed78db67df560e3df08c8efe979d3c150232d404d91b392f2fa10
a815cc59e31f34121e2cabfbb0128a9fa60aa07245f8d772ff17fb15842f2bab
b198e39b394538253fb4c3886c25d414467dc6c971d1582db8a3a6792ac16a55
b9b7a52c3262039223957db282a7a0b84d402df43c511303bba3abf8ffbc08a6
d864f6e213fb515a91a67fd90fb56227cb3dff6ea5fef0fc923752803c258a01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49b1800e97d395ff06938f35262897dd9a771bca610708d7f433793eec7c78e
fa6d8aebf3465200eebe15b407ff311073e3389f992dd3295a7c6ce9f2063ab8
fcd3664b232e62cbd10943afd36fff0faa54e3c49a349b04fc4bb21e6a8b2636