paidlah.info Open in urlscan Pro
107.151.234.108 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paidlah.info/index.php
Submission Tags: @phish_report
Submission: On May 30 via api (May 30th 2024, 3:45:17 pm UTC) from FI — Scanned from FI

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 107.151.234.108, located in United States and belongs to SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG. The main domain is paidlah.info.
TLS certificate: Issued by R3 on May 30th 2024. Valid for: 3 months.

This is the only time paidlah.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DBS Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
16	107.151.234.108 107.151.234.108		151804 (SNOTIONPT...) (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD)
16	1

16 107.151.234.108 (United States)

ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG)

paidlah.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	paidlah.info paidlah.info	129 KB
16	1

	Domain	Requested by
16	paidlah.info	paidlah.info
16	1

This site contains no links.

Subject Issuer	Validity	Valid
paidlah.info R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paidlah.info/index.php
Frame ID: A5B5AB8094C82D7EC02CD2A768C0C011
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Document

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

129 kB
Transfer

321 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php Show response paidlah.info/	4 KB 2 KB	1418ms 515ms	Document text/html	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `4abb2da3b64e8e609aa66628c237f90fda92dde1f786188c3959db426c9556d5` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 1668 content-type text/html; charset=UTF-8 date Thu, 30 May 2024 15:45:11 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding
GET H2	200	global.css paidlah.info/css/	32 B 136 B	309ms 308ms	Stylesheet text/css	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/css/global.css Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `7e16396ef8c0c1249aed9ed2a4120629a50e28070d8469030061cb3a71662ade` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:12 GMT last-modified Sat, 19 Nov 2022 18:45:24 GMT server Apache accept-ranges bytes etag "20-5edd7399e9900" content-length 32 content-type text/css
GET H2	200	swiper.min.css paidlah.info/css/	19 KB 3 KB	310ms 309ms	Stylesheet text/css	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/css/swiper.min.css Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `0acdefe2164951522a3032ca13a4f691e14c4823cdca772b4b499a97a6fb27eb` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:12 GMT content-encoding gzip last-modified Sat, 19 Nov 2022 18:45:24 GMT server Apache etag "4b85-5edd7399e9900-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3017
GET H2	200	img_paylahlogo_dark.png paidlah.info/img/	5 KB 5 KB	309ms 308ms	Image image/png	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Show image Full URL https://paidlah.info/img/img_paylahlogo_dark.png Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `4af5f120c5a15ae31c05497269b0c91aefad1668413c63e553266cf0d355f741` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:12 GMT last-modified Sat, 19 Nov 2022 17:56:56 GMT server Apache accept-ranges bytes etag "1264-5edd68c4a0a00" content-length 4708 content-type image/png
GET H2	404	slide_2.png paidlah.info/img/news/	259 B 259 B	309ms 309ms	Image text/html	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Show image Full URL https://paidlah.info/img/news/slide_2.png Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `7a0770728c79a82260b1f114005c89f4020d4782efe22f463313918c5e447462` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:12 GMT server Apache content-length 259 content-type text/html; charset=iso-8859-1
GET H2	404	slide_3.png paidlah.info/img/news/	259 B 259 B	304ms 304ms	Image text/html	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Show image Full URL https://paidlah.info/img/news/slide_3.png Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `7a0770728c79a82260b1f114005c89f4020d4782efe22f463313918c5e447462` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:12 GMT server Apache content-length 259 content-type text/html; charset=iso-8859-1
GET H2	404	slide_4.png paidlah.info/img/news/	259 B 259 B	305ms 304ms	Image text/html	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Show image Full URL https://paidlah.info/img/news/slide_4.png Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `7a0770728c79a82260b1f114005c89f4020d4782efe22f463313918c5e447462` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:12 GMT server Apache content-length 259 content-type text/html; charset=iso-8859-1
GET H2	200	jquery-1.11.1.min.js Show response paidlah.info/js/	94 KB 33 KB	899ms 899ms	Script text/javascript	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/js/jquery-1.11.1.min.js Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:12 GMT content-encoding gzip last-modified Tue, 15 Nov 2022 10:10:44 GMT server Apache etag "1762a-5ed7f91a9b100-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 33225
GET H2	200	swiper.min.js Show response paidlah.info/js/	109 KB 29 KB	305ms 304ms	Script text/javascript	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/js/swiper.min.js Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `71ac9609b38bb7193aa590b72a2e18ecf603226589e02cd157aa312cc0c70bba` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:12 GMT content-encoding gzip last-modified Tue, 15 Nov 2022 10:08:20 GMT server Apache etag "1b38e-5ed7f89146d00-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 29418
GET H2	200	k.js Show response paidlah.info/zy/api/	2 KB 906 B	1380ms 1379ms	Script text/javascript	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/zy/api/k.js Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `2b2afdc05faf6b897ecb2fe532526752927f5c5cdf5e1452355f9395396b9190` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:13 GMT content-encoding gzip last-modified Fri, 29 Jul 2022 12:55:30 GMT server Apache etag "7e3-5e4f12a363480-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 805
GET H2	200	blur_splash.png paidlah.info/img/	48 KB 48 KB	299ms 299ms	Image image/png	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Show image Full URL https://paidlah.info/img/blur_splash.png Requested by Host: paidlah.info URL: https://paidlah.info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `a671794422a6fbede385687dfe032bfbea00dcc50066d90c2a7863b9b1aefbc6` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:13 GMT last-modified Sat, 19 Nov 2022 17:56:56 GMT server Apache accept-ranges bytes etag "be95-5edd68c4a0a00" content-length 48789 content-type image/png
GET H2	200	i.js Show response paidlah.info/zy/api/	13 KB 3 KB	300ms 300ms	Script text/javascript	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/zy/api/i.js?ver=1717083913951 Requested by Host: paidlah.info URL: https://paidlah.info/zy/api/k.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `dbf82bc987446183b84a7c9a342f3f7ecfb1836879ab7a1437b2b2d221a5130a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:14 GMT content-encoding gzip last-modified Sun, 20 Nov 2022 16:13:22 GMT server Apache etag "335f-5ede937bf4c80-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 2542
GET H2	200	favicon.ico paidlah.info/	27 KB 6 KB	297ms 297ms	Other image/x-icon	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `fe745f8e0bf523d857b573bf196a69770c0b1f7c95a3a132feadc23553bc9dac` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 15:45:14 GMT content-encoding gzip last-modified Sun, 20 Nov 2022 18:25:44 GMT server Apache etag "6d26-5edeb11209a00-gzip" vary Accept-Encoding content-type image/x-icon accept-ranges bytes content-length 6279
POST H2	200	api.php Show response paidlah.info/zy/api/	0 41 B	310ms 310ms	XHR text/html	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/zy/api/api.php Requested by Host: paidlah.info URL: https://paidlah.info/zy/api/k.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 30 May 2024 15:45:15 GMT server Apache content-length 0 content-type text/html; charset=UTF-8
POST H2	200	api.php Show response paidlah.info/zy/api/	0 41 B	428ms 428ms	XHR text/html	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/zy/api/api.php Requested by Host: paidlah.info URL: https://paidlah.info/zy/api/k.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 30 May 2024 15:45:16 GMT server Apache content-length 0 content-type text/html; charset=UTF-8
POST H2	200	api.php Show response paidlah.info/zy/api/	0 41 B	309ms 308ms	XHR text/html	107.151.234.108 SNOTIONPTELTD-AS-...
General Check archive.org Show headers Download Go to Full URL https://paidlah.info/zy/api/api.php Requested by Host: paidlah.info URL: https://paidlah.info/zy/api/k.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.151.234.108 , United States, ASN151804 (SNOTIONPTELTD-AS-AP S NOTION PTE. LTD, SG), Reverse DNS Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://paidlah.info/index.php Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 30 May 2024 15:45:17 GMT server Apache content-length 0 content-type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DBS Bank (Banking)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			paidlah.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: mlecvmjrnucdqhdvlhckho5qgc

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://paidlah.info/img/news/slide_2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paidlah.info/img/news/slide_3.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paidlah.info/img/news/slide_4.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

paidlah.info
107.151.234.108
0acdefe2164951522a3032ca13a4f691e14c4823cdca772b4b499a97a6fb27eb
2b2afdc05faf6b897ecb2fe532526752927f5c5cdf5e1452355f9395396b9190
4abb2da3b64e8e609aa66628c237f90fda92dde1f786188c3959db426c9556d5
4af5f120c5a15ae31c05497269b0c91aefad1668413c63e553266cf0d355f741
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
71ac9609b38bb7193aa590b72a2e18ecf603226589e02cd157aa312cc0c70bba
7a0770728c79a82260b1f114005c89f4020d4782efe22f463313918c5e447462
7e16396ef8c0c1249aed9ed2a4120629a50e28070d8469030061cb3a71662ade
a671794422a6fbede385687dfe032bfbea00dcc50066d90c2a7863b9b1aefbc6
dbf82bc987446183b84a7c9a342f3f7ecfb1836879ab7a1437b2b2d221a5130a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe745f8e0bf523d857b573bf196a69770c0b1f7c95a3a132feadc23553bc9dac

paidlah.info Open in urlscan Pro 107.151.234.108 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

129 kBTransfer

321 kBSize

1 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

30 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

paidlah.info Open in urlscan Pro
107.151.234.108 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

129 kB
Transfer

321 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!