paypal.verifylog.xyz
45.148.121.166
Malicious Activity!
Public Scan
Submission: On November 26 via automatic, source openphish — Scanned from NL
Summary
This is the only time paypal.verifylog.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)

Domain & IP information
| Requests | IP address | AS (autonomous system) |
|---|---|---|
| 31 | 45.148.121.166 | 64425 (SKB-ENTERPRISE) |
| 1 2 | 2a00:1450:4001:813::2004 | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:810::2003 | 15169 (GOOGLE) |
| 1 1 | 2a00:1450:4001:813::2002 | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:831::2003 | 15169 (GOOGLE) |
| 2 | 151.101.130.133 | 54113 (FASTLY) |
| 8 | 151.101.193.35 | 54113 (FASTLY) |
| 2 4 | 64.4.245.84 | 17012 (PAYPAL) |
| 4 | 151.101.1.35 | 54113 (FASTLY) |
| 3 | 2a00:1450:4001:802::2003 | 15169 (GOOGLE) |
| 1 | 2a00:1450:4001:811::2003 | 15169 (GOOGLE) |
| 57 requests | 11 IPs | |
ASN64425 (SKB-ENTERPRISE, NL), PTR server70hector.f7-networks.com: paypal.verifylog.xyz
ASN15169 (GOOGLE, US): googleads.g.doubleclick.net
| Requests | Apex domain | Subdomains | Transfer | Notes |
|---|---|---|---|---|
| 31 | verifylog.xyz | paypal.verifylog.xyz | 2 MB | |
| 16 | paypal.com | c.paypal.com, b.stats.paypal.com, dub.stats.paypal.com, t.paypal.com, c6.paypal.com | 63 KB | 2 redirects; some requests failed |
| 3 | gstatic.com | www.gstatic.com | 293 KB | |
| 2 | paypalobjects.com | www.paypalobjects.com | 73 KB | |
| 2 | google.com | www.google.com | 1 KB | 1 redirect |
| 1 | recaptcha.net | www.recaptcha.net | 2 KB | |
| 1 | google.nl | www.google.nl | 548 B | |
| 1 | doubleclick.net | googleads.g.doubleclick.net | 1 KB | 1 redirect |
| 1 | google.com.gh | www.google.com.gh | 548 B | |
| 57 requests | 9 apex domains | | | |
| Requests | Domain | Requested by |
|---|---|---|
| 31 | paypal.verifylog.xyz | paypal.verifylog.xyz |
| 7 | c.paypal.com | paypal.verifylog.xyz, c.paypal.com |
| 4 | t.paypal.com | paypal.verifylog.xyz |
| 3 | www.gstatic.com | paypal.verifylog.xyz, www.recaptcha.net |
| 2 | dub.stats.paypal.com | paypal.verifylog.xyz |
| 2 | b.stats.paypal.com | (reached via 2 redirects) |
| 2 | www.paypalobjects.com | paypal.verifylog.xyz |
| 2 | www.google.com | paypal.verifylog.xyz (1 redirect) |
| 1 | c6.paypal.com | paypal.verifylog.xyz |
| 1 | www.recaptcha.net | paypal.verifylog.xyz |
| 1 | www.google.nl | paypal.verifylog.xyz |
| 1 | googleads.g.doubleclick.net | (reached via 1 redirect) |
| 1 | www.google.com.gh | paypal.verifylog.xyz |
| 57 requests | 13 domains | |
This site contains no links.
TLS certificates observed (crt.sh lookups):
| Subject | Issuer | Validity | Duration |
|---|---|---|---|
| www.google.com | GTS CA 1C3 | 2021-11-01 to 2022-01-24 | 3 months |
| *.google.com.gh | GTS CA 1C3 | 2021-11-01 to 2022-01-24 | 3 months |
| www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2021-11-02 to 2022-03-15 | 4 months |
| c.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2020-06-24 to 2022-06-29 | 2 years |
| t.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2021-09-21 to 2022-10-22 | a year |
| *.gstatic.com | GTS CA 1C3 | 2021-11-01 to 2022-01-24 | 3 months |
| misc.google.com | GTS CA 1C3 | 2021-11-01 to 2022-01-24 | 3 months |
No certificate is listed for paypal.verifylog.xyz itself: the primary page and every resource under paypal.verifylog.xyz/paypalpj_files/ were fetched over plain http://, so only the third-party hosts (Google, PayPal, Fastly-fronted PayPal endpoints) presented certificates.
This page contains 13 frames:

Primary page: http://paypal.verifylog.xyz/ (Frame ID B92D701A9EE3FB7E2D7245E64F6AE72B, 29 HTTP requests)

Child frames:
- http://paypal.verifylog.xyz/paypalpj_files/grcenterprise_v3.html (Frame ID E53FC74C3B6F4A74A396902FB693D8F5, 4 requests)
- https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js (Frame ID A53221C2F46E562A958D8391C93DC5D0, 5 requests)
- https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0zZmIyYTkwYTIyMWE0MGNkYTEwNzUyYWI1MGJkNmJmNiZpPTQxLjIxMC4zLjI1NCZ0PTE2Mzc2NzI4NTEuMDgzJmE9MjEmcz1VTklGSUVEX0xPR0lONQN8i0r4xN2z3hMQLJoAyZZzA2o (Frame ID CC6800ECE4DA541D7D2E8330502DCF80, 1 request)
- http://paypal.verifylog.xyz/paypalpj_files/pixel.html (Frame ID 135B81F452EAE66AE132B64F0CA10681, 3 requests)
- http://paypal.verifylog.xyz/paypalpj_files/saved_resource.html (Frame ID 8C26A9A580CE78340F85DE291B8B9C88, 1 request)
- http://paypal.verifylog.xyz/paypalpj_files/i.html (Frame ID 69749C48B248FAA8A8E02D8CFC99994A, 2 requests)
- http://paypal.verifylog.xyz/paypalpj_files/anchor.html (Frame ID 5EF9D34DD17AB12E48F12C7A5EF0E18B, 3 requests)
- http://paypal.verifylog.xyz/paypalpj_files/saved_resource(1).html (Frame ID 7BEF83485525AA58DB3BA36797C00221, 1 request)
- https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB&co=aHR0cDovL3BheXBhbC52ZXJpZnlsb2cueHl6Ojgw&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=a46bqyrndi1s (Frame ID 243C1965B24E6EA7DC7E895C5AF90CF5, 3 requests)
- http://paypal.verifylog.xyz/paypalpj_files/saved_resource(2).html (Frame ID FA9B625CCBE2AA8C8E927348A4A6E472, 1 request)
- https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0zZmIyYTkwYTIyMWE0MGNkYTEwNzUyYWI1MGJkNmJmNiZpPTQxLjIxMC4zLjI1NCZ0PTE2Mzc2NzI4NTEuMDgzJmE9MjEmcz1VTklGSUVEX0xPR0lONQN8i0r4xN2z3hMQLJoAyZZzA2o (Frame ID 36AC4AF9ADA154438378D0F0AE0D3AE5, 1 request)
- https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js (Frame ID 007B10F3CF1CA93281F7CBAA1363D83B, 5 requests)
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:

Request Chain 18
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992191228/?random=118604740&cv=9&fst=1637672850245&num=1&label=vTDjCL3nvv4CEPzFjtkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fsignin&ref=https%3A%2F%2Fwww.paypal.com%2Fus%2Fhome&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=tuecYdu7H8W2mLAPmvyhuAU&sscte=1&crd= HTTP 302
- https://www.google.com/pagead/1p-conversion/992191228/?random=118604740&cv=9&fst=1637672850245&num=1&label=vTDjCL3nvv4CEPzFjtkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fsignin&ref=https%3A%2F%2Fwww.paypal.com%2Fus%2Fhome&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tuecYdu7H8W2mLAPmvyhuAU&random=1316060513&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.nl/pagead/1p-conversion/992191228/?random=118604740&cv=9&fst=1637672850245&num=1&label=vTDjCL3nvv4CEPzFjtkD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oi4f0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.paypal.com%2Fsignin&ref=https%3A%2F%2Fwww.paypal.com%2Fus%2Fhome&tiba=Log%20in%20to%20your%20PayPal%20account&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tuecYdu7H8W2mLAPmvyhuAU&random=1316060513&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Two further chains, one for each counter2.cgi frame (CC68 and 36AC):
- https://b.stats.paypal.com/v1/counter.cgi?r=cD0zZmIyYTkwYTIyMWE0MGNkYTEwNzUyYWI1MGJkNmJmNiZpPTQxLjIxMC4zLjI1NCZ0PTE2Mzc2NzI4NTEuMDgzJmE9MjEmcz1VTklGSUVEX0xPR0lONQN8i0r4xN2z3hMQLJoAyZZzA2o HTTP 302
- https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0zZmIyYTkwYTIyMWE0MGNkYTEwNzUyYWI1MGJkNmJmNiZpPTQxLjIxMC4zLjI1NCZ0PTE2Mzc2NzI4NTEuMDgzJmE9MjEmcz1VTklGSUVEX0xPR0lONQN8i0r4xN2z3hMQLJoAyZZzA2o

- https://b.stats.paypal.com/v1/counter.cgi?r=cD0zZmIyYTkwYTIyMWE0MGNkYTEwNzUyYWI1MGJkNmJmNiZpPTQxLjIxMC4zLjI1NCZ0PTE2Mzc2NzI4NTEuMDgzJmE9MjEmcz1VTklGSUVEX0xPR0lONQN8i0r4xN2z3hMQLJoAyZZzA2o HTTP 302
- https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0zZmIyYTkwYTIyMWE0MGNkYTEwNzUyYWI1MGJkNmJmNiZpPTQxLjIxMC4zLjI1NCZ0PTE2Mzc2NzI4NTEuMDgzJmE9MjEmcz1VTklGSUVEX0xPR0lONQN8i0r4xN2z3hMQLJoAyZZzA2o
57 HTTP transactions
| # | Method | Protocol | Resource | Host / path | Size | Transfer | Type | MIME type | Notes |
|---|---|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | / | paypal.verifylog.xyz/ | 51 KB | 14 KB | Document | text/html | Primary request |
| 2 | GET | H/1.1 | f.txt | paypal.verifylog.xyz/paypalpj_files/ | 37 KB | 14 KB | Script | text/plain | |
| 3 | GET | H/1.1 | analytics.js.download | paypal.verifylog.xyz/paypalpj_files/ | 44 KB | 44 KB | Script | application/octet-stream | |
| 4 | GET | H/1.1 | gtag.js.download | paypal.verifylog.xyz/paypalpj_files/ | 79 KB | 79 KB | Script | application/octet-stream | |
| 5 | GET | H/1.1 | latmconf.js.download | paypal.verifylog.xyz/paypalpj_files/ | 131 KB | 131 KB | Script | application/octet-stream | |
| 6 | GET | H/1.1 | ngrlCaptcha.min.js.download | paypal.verifylog.xyz/paypalpj_files/ | 21 KB | 21 KB | Script | application/octet-stream | |
| 7 | GET | H/1.1 | contextualLogin.css | paypal.verifylog.xyz/paypalpj_files/ | 119 KB | 19 KB | Stylesheet | text/css | |
| 8 | GET | H/1.1 | modernizr-2.6.1.js.download | paypal.verifylog.xyz/paypalpj_files/ | 4 KB | 4 KB | Script | application/octet-stream | |
| 9 | GET | H/1.1 | f(1).txt | paypal.verifylog.xyz/paypalpj_files/ | 2 KB | 1 KB | Script | text/plain | |
| 10 | GET | H/1.1 | f(2).txt | paypal.verifylog.xyz/paypalpj_files/ | 2 KB | 1 KB | Script | text/plain | |
| 11 | GET | H/1.1 | fn-sync-telemetry-min.js.download | paypal.verifylog.xyz/paypalpj_files/ | 5 KB | 6 KB | Script | application/octet-stream | |
| 12 | GET | H/1.1 | signin-split.js.download | paypal.verifylog.xyz/paypalpj_files/ | 320 KB | 320 KB | Script | application/octet-stream | |
| 13 | GET | H/1.1 | pa.js.download | paypal.verifylog.xyz/paypalpj_files/ | 59 KB | 59 KB | Script | application/octet-stream | |
| 14 | GET | H/1.1 | recaptchav3.js.download | paypal.verifylog.xyz/paypalpj_files/ | 11 KB | 11 KB | Script | application/octet-stream | |
| 15 | GET | H/1.1 | patleaf.js.download | paypal.verifylog.xyz/paypalpj_files/ | 130 KB | 130 KB | Script | application/octet-stream | |
| 16 | GET | H/1.1 | patlcfg.js.download | paypal.verifylog.xyz/paypalpj_files/ | 6 KB | 6 KB | Script | application/octet-stream | |
| 17 | GET | H/1.1 | fb.js.download | paypal.verifylog.xyz/paypalpj_files/ | 55 KB | 55 KB | Script | application/octet-stream | |
| 18 | GET | H2 | / | www.google.com/pagead/1p-user-list/992191228/ | 42 B | 548 B | Image | image/gif | |
| 19 | GET | H2 | / | www.google.com.gh/pagead/1p-user-list/992191228/ | 42 B | 548 B | Image | image/gif | |
| 20 | GET | H2 | / | www.google.nl/pagead/1p-conversion/992191228/ | 42 B | 548 B | Image | image/gif | Redirect chain |
| 21 | GET | H2 | paypal-logo-129x32.svg | www.paypalobjects.com/images/shared/ | 5 KB | 2 KB | Image | image/svg+xml | |
| 22 | GET | H2 | sprite_countries_flag4.png | www.paypalobjects.com/webstatic/mktg/icons/ | 71 KB | 71 KB | Image | image/png | |
| 23 | GET | H/1.1 | grcenterprise_v3.html | paypal.verifylog.xyz/paypalpj_files/ | 5 KB | 2 KB | Document | text/html | Frame E53F |
| 24 | GET | H2 | i | c.paypal.com/v1/r/d/ | 160 B | 1 KB | Document | text/html | Frame A532 |
| 25 | GET | H/1.1 | counter2.cgi | dub.stats.paypal.com/v1/ | 42 B | 299 B | Image | image/jpeg | Frame CC68; redirect chain |
| 26 | GET | H/1.1 | pixel.html | paypal.verifylog.xyz/paypalpj_files/ | 200 KB | 56 KB | Document | text/html | Frame 135B |
| 27 | GET | H2 | ts | t.paypal.com/ | 42 B | 148 B | Image | image/gif | |
| 28 | GET | H/1.1 | saved_resource.html | paypal.verifylog.xyz/paypalpj_files/ | 152 B | 397 B | Document | text/html | Frame 8C26 |
| 29 | GET | H/1.1 | i.html | paypal.verifylog.xyz/paypalpj_files/ | 256 B | 504 B | Document | text/html | Frame 6974 |
| 30 | GET | H2 | ts | t.paypal.com/ | 42 B | 718 B | Image | image/gif | |
| 31 | GET | H/1.1 | recaptcha__en.js.download | paypal.verifylog.xyz/paypalpj_files/ | 343 KB | 344 KB | Script | application/octet-stream | Frame E53F |
| 32 | GET | H/1.1 | enterprise.js.download | paypal.verifylog.xyz/paypalpj_files/ | 977 B | 1 KB | Script | application/octet-stream | Frame E53F |
| 33 | GET | H/1.1 | fb.js.download | paypal.verifylog.xyz/paypalpj_files/ | 55 KB | 55 KB | Script | application/octet-stream | Frame 6974 |
| 34 | GET | H/1.1 | anchor.html | paypal.verifylog.xyz/paypalpj_files/ | 40 KB | 20 KB | Document | text/html | Frame 5EF9 |
| 35 | GET | H/1.1 | saved_resource(1).html | paypal.verifylog.xyz/paypalpj_files/ | 152 B | 397 B | Document | text/html | Frame 7BEF |
| 36 | GET | DATA | (data: URI, truncated) | / | 3 KB | 0 | Image | image/png | Frame 135B |
| 37 | GET | DATA | (data: URI, truncated) | / | 5 KB | 0 | Image | image/png | Frame 135B |
| 38 | GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ | 343 KB | 135 KB | Script | text/javascript | Frame E53F |
| 39 | GET | H/1.1 | styles__ltr.css | paypal.verifylog.xyz/paypalpj_files/ | 51 KB | 24 KB | Stylesheet | text/css | Frame 5EF9 |
| 40 | GET | H/1.1 | recaptcha__en.js.download | paypal.verifylog.xyz/paypalpj_files/ | 343 KB | 344 KB | Script | application/octet-stream | Frame 5EF9 |
| 41 | GET | H2 | anchor | www.recaptcha.net/recaptcha/enterprise/ | 7 KB | 2 KB | Document | text/html | Frame 243C |
| 42 | GET | H/1.1 | saved_resource(2).html | paypal.verifylog.xyz/paypalpj_files/ | 152 B | 397 B | Document | text/html | Frame FA9B |
| 43 | GET | H2 | fb.js | c.paypal.com/da/r/ | 55 KB | 19 KB | Script | application/javascript | Frame A532 |
| 44 | GET | H3 | styles__ltr.css | www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ | 51 KB | 24 KB | Stylesheet | text/css | Frame 243C |
| 45 | GET | H3 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ | 343 KB | 134 KB | Script | text/javascript | Frame 243C |
| 46 | POST | | p1 | c.paypal.com/v1/r/d/b/ | 0 | 0 | | | Frame A532; no response (see Failed requests) |
| 47 | POST | | e | c.paypal.com/v1/r/d/b/ | 0 | 0 | | | Frame A532; no response (see Failed requests) |
| 48 | GET | | p3 | c6.paypal.com/v1/r/d/b/ | 0 | 0 | | | Frame A532; no response (see Failed requests) |
| 49 | POST | H/1.1 | client-log | paypal.verifylog.xyz/signin/ | 1 KB | 1 KB | XHR | text/html | |
| 50 | GET | H2 | fb.js | c.paypal.com/da/r/ | 55 KB | 19 KB | Script | application/javascript | |
| 51 | GET | H2 | ts | t.paypal.com/ | 42 B | 148 B | Image | image/gif | |
| 52 | GET | H/1.1 | counter2.cgi | dub.stats.paypal.com/v1/ | 42 B | 299 B | Image | image/jpeg | Frame 36AC; redirect chain |
| 53 | GET | H2 | i | c.paypal.com/v1/r/d/ | 160 B | 1023 B | Document | text/html | Frame 007B |
| 54 | GET | H2 | fb.js | c.paypal.com/da/r/ | 55 KB | 19 KB | Script | application/javascript | Frame 007B |
| 55 | POST | H2 | p1 | c.paypal.com/v1/r/d/b/ | 125 B | 639 B | XHR | application/json | Frame 007B |
| 56 | POST | H2 | e | c.paypal.com/v1/r/d/b/ | 15 B | 249 B | XHR | application/json | Frame 007B |
| 57 | GET | H2 | p3 | c6.paypal.com/v1/r/d/b/ | 0 | 147 B | Image | text/plain | Frame 007B |
| 58 | GET | H2 | ts | t.paypal.com/ | 42 B | 447 B | Image | image/gif | |
| 59 | POST | H/1.1 | tealeaftarget | paypal.verifylog.xyz/platform/ | 1 KB | 0 | Fetch | text/html | |
Failed requests
These URLs were requested, but no response was received. They also appear in the transaction list above.
- c.paypal.com: https://c.paypal.com/v1/r/d/b/p1
- c.paypal.com: https://c.paypal.com/v1/r/d/b/e
- c6.paypal.com: https://c6.paypal.com/v1/r/d/b/p3?f=3fb2a90a221a40cda10752ab50bd6bf6&s=UNIFIED_LOGIN_INPUT_PASSWORD
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against PayPal (Financial)

37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code in use. Names of the form _0x1c7d or _0x3a485 are the default identifier style emitted by the widely used javascript-obfuscator tool (obfuscator.io); obfuscated script on a page that otherwise mirrors a brand's login form is worth a closer look.
| Type | Name |
|---|---|
| object | 0 |
| object | 1 |
| object | 2 |
| object | 3 |
| object | 4 |
| object | 5 |
| object | onbeforexrselect |
| function | reportError |
| boolean | originAgentCluster |
| object | scheduler |
| function | GooglemKTybQhCsO |
| function | google_trackConversion |
| object | google_tag_manager |
| object | gDataLayer |
| object | latmconf |
| boolean | paypalADSInterceptorInjected |
| object | html5 |
| object | Modernizr |
| function | isEligibleIntegration |
| object | antiClickjack |
| object | PAYPAL |
| function | $ |
| object | fpti |
| string | fptiserverurl |
| object | _ifpti |
| object | pako |
| object | TLT |
| object | _0x1c7d |
| function | _0x4b3a |
| object | d |
| function | daccacbec |
| object | err |
| object | google_tag_data |
| function | ga |
| object | gaplugins |
| object | _0x2fa2 |
| function | _0x3a485 |

Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the site re-identify that user even from a different location or network. This is how persistent logins work.
| Domain / Path | Expires | Name | Value |
|---|---|---|---|
| .doubleclick.net/ | | test_cookie | CheckForPermission |
| .paypal.com/ | | ts_c | vr%3D20d2ec4d6b967dd0%26vt%3D723108e0716a6c6f |
| .paypal.com/ | | ts | vreXpYrS%3D1732582857%26vteXpYrS%3D1637890257%26vr%3D20d2ec4d6b967dd0%26vt%3D723108e0716a6c6f |
| .c.paypal.com/ | | sc_f | yH2j4SU9hlDbAj5aNcOG1BwX-E4SCXCyWIAP6rc41Te0jVDOvvhsRcSSRZru_CLgKAaxhvHZKxAQNxH_GyTXtoEoQ4fl3v8VqSixWW |
| .paypal.com/ | | KHcl0EuY7AKSMgfvHl7J5E7hPtK | 5uuXd2ClaRzOMisYlb5w2Nnef2KEMsQksImNtbLU-HJ3LPh0um5b0XP4HGM3MGXcC9C4UXBiLisT3Arz |
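Three of the values captured in this scan are encoded and are worth decoding during triage: the co= parameter of the www.recaptcha.net anchor frame, the r= parameter of the b.stats.paypal.com to dub.stats.paypal.com redirect chain, and the ts cookie set by t.paypal.com. The script below is an added worked example, not part of the urlscan report and not PayPal or Google code; it takes the three values verbatim from this scan. Two of its decoding rules are observations rather than documented formats and are marked as assumptions in the code: the r= payload decodes to a readable key=value prefix followed by an opaque binary trailer, and the fields of the ts cookie whose names end in XpYrS hold Unix expiry times.

```python
"""Decode the encoded artifacts captured in this scan (added example, not urlscan code)."""
import base64
from datetime import datetime, timezone
from urllib.parse import parse_qsl, unquote, urlsplit

# Values copied verbatim from the scan above.
RECAPTCHA_ANCHOR_URL = (
    "https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1"
    "&k=6LdCCOUUAAAAAHTE-Snr6hi4HJGtJk_d1_ce-gWB"
    "&co=aHR0cDovL3BheXBhbC52ZXJpZnlsb2cueHl6Ojgw&hl=en"
    "&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=a46bqyrndi1s"
)
STATS_BEACON_URL = (
    "https://dub.stats.paypal.com/v1/counter2.cgi?r="
    "cD0zZmIyYTkwYTIyMWE0MGNkYTEwNzUyYWI1MGJkNmJmNiZpPTQxLjIxMC4zLjI1NCZ0"
    "PTE2Mzc2NzI4NTEuMDgzJmE9MjEmcz1VTklGSUVEX0xPR0lONQN8i0r4xN2z3hMQLJoAyZZzA2o"
)
TS_COOKIE_VALUE = (
    "vreXpYrS%3D1732582857%26vteXpYrS%3D1637890257"
    "%26vr%3D20d2ec4d6b967dd0%26vt%3D723108e0716a6c6f"
)


def query_param(url: str, name: str) -> str:
    """Return the raw value of name= without percent-decoding.

    parse_qs() would turn a '+' inside a base64 payload into a space, so the
    query string is split by hand instead.
    """
    for pair in urlsplit(url).query.split("&"):
        key, _, value = pair.partition("=")
        if key == name:
            return value
    raise ValueError(f"{name}= not present in {url}")


def b64decode_lenient(value: str) -> bytes:
    """Decode base64 in either alphabet, restoring '=' padding that was stripped."""
    value = value.replace("-", "+").replace("_", "/")
    return base64.b64decode(value + "=" * (-len(value) % 4))


def unix_to_utc(ts: str) -> str:
    """Render a Unix timestamp (seconds, possibly fractional) as ISO-8601 UTC."""
    return datetime.fromtimestamp(float(ts), tz=timezone.utc).isoformat(timespec="seconds")


def recaptcha_embedding_origin(anchor_url: str) -> str:
    """co= on a reCAPTCHA anchor URL is the base64 of the origin that embedded the widget."""
    return b64decode_lenient(query_param(anchor_url, "co")).decode("ascii")


def decode_stats_beacon(beacon_url: str) -> dict:
    """Split the r= payload into a readable key=value prefix and an opaque trailer.

    Assumption (observed in this scan, not a documented format): the decoded
    bytes are printable ASCII up to the first control or non-ASCII byte, and
    whatever follows is an opaque binary trailer that is kept as hex.
    """
    raw = b64decode_lenient(query_param(beacon_url, "r"))
    cut = next((i for i, b in enumerate(raw) if b < 0x20 or b > 0x7E), len(raw))
    fields = dict(parse_qsl(raw[:cut].decode("ascii"), keep_blank_values=True))
    result = {"fields": fields, "trailer_hex": raw[cut:].hex()}
    if "t" in fields:
        result["t_utc"] = unix_to_utc(fields["t"])
    return result


def decode_ts_cookie(value: str) -> dict:
    """The ts cookie value is a percent-encoded query string.

    Assumption (inferred from the names and magnitudes, not documented): keys
    ending in 'XpYrS' are Unix expiry times for the visitor (vr) and visit (vt)
    identifiers; they are rendered as UTC timestamps, other fields are kept as-is.
    """
    fields = dict(parse_qsl(unquote(value), keep_blank_values=True))
    return {k: unix_to_utc(v) if k.endswith("XpYrS") else v for k, v in fields.items()}


if __name__ == "__main__":
    print("reCAPTCHA embedded from:", recaptcha_embedding_origin(RECAPTCHA_ANCHOR_URL))
    print("stats beacon:", decode_stats_beacon(STATS_BEACON_URL))
    print("ts cookie:", decode_ts_cookie(TS_COOKIE_VALUE))
```

Run against the scan's own values, this shows that the reCAPTCHA widget was embedded from http://paypal.verifylog.xyz:80 (the site key k= is the one baked into the copied page), that the stats beacon carries a session id p=3fb2a90a221a40cda10752ab50bd6bf6 (the same value as f= in the failed c6.paypal.com request), an IP address, and a timestamp of 2021-11-23 13:07:31 UTC, and that the ts cookie's visit expiry vteXpYrS decodes to 2021-11-26 01:30:57 UTC, on the scan date. A beacon timestamp about two and a half days older than the scan, byte-identical in both counter2.cgi frames, is consistent with a kit that is a browser's "Webpage, Complete" copy of the real login page with the original telemetry URLs frozen in the markup; the paypalpj_files/ directory, the .js.download suffixes and the saved_resource.html names are how Chromium names the assets of such a save.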
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
"Indicator" is the security-industry term for observables such as IPs, domains and hashes; listing them here does not imply that any of them is malicious on its own.
Domains:
- b.stats.paypal.com
- c.paypal.com
- c6.paypal.com
- dub.stats.paypal.com
- googleads.g.doubleclick.net
- paypal.verifylog.xyz
- t.paypal.com
- www.google.com
- www.google.com.gh
- www.google.nl
- www.gstatic.com
- www.paypalobjects.com
- www.recaptcha.net
IPs:
- 151.101.1.35
- 151.101.130.133
- 151.101.193.35
- 2a00:1450:4001:802::2003
- 2a00:1450:4001:810::2003
- 2a00:1450:4001:811::2003
- 2a00:1450:4001:813::2002
- 2a00:1450:4001:813::2004
- 2a00:1450:4001:831::2003
- 45.148.121.166
- 64.4.245.84