URL: http://paypal.wallet-activation.com/Update-information.php
Submission: On July 16 via automatic, source openphish

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 198.54.114.150, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is paypal.wallet-activation.com.
This is the only time paypal.wallet-activation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.114.150 22612 (NAMECHEAP...)
2 163.172.224.36 12876 (AS12876)
1 163.172.224.32 12876 (AS12876)
1 163.172.224.33 12876 (AS12876)
5 4
Domain Requested by
2 f.top4top.net paypal.wallet-activation.com
1 c.top4top.net paypal.wallet-activation.com
1 b.top4top.net paypal.wallet-activation.com
1 paypal.wallet-activation.com
5 4

This site contains no links.

Subject Issuer Validity Valid
*.top4top.net
AlphaSSL CA - SHA256 - G2
2017-03-03 -
2018-03-04
a year crt.sh

This page contains 1 frames:

Primary Page: http://paypal.wallet-activation.com/Update-information.php
Frame ID: 10104.1
Requests: 5 HTTP requests in this frame

Screenshot


Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

18 kB
Transfer

261 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Update-information.php
paypal.wallet-activation.com/
257 KB
15 KB
Document
General
Full URL
http://paypal.wallet-activation.com/Update-information.php
Protocol
HTTP/1.1
Server
198.54.114.150 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
server210-1.web-hosting.com
Software
Apache / PHP/5.6.31
Resource Hash
554d833725409b8f10a2fb998203aecabbec29194d10e3d476f84b40a18fc815

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sun, 16 Jul 2017 13:42:56 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.6.31
Content-Length
15353
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p_506ozncf1.png
f.top4top.net/
742 B
742 B
Image
General
Full URL
https://f.top4top.net/p_506ozncf1.png
Requested by
Host: paypal.wallet-activation.com
URL: http://paypal.wallet-activation.com/Update-information.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.224.36 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
cdn06.top4top.net
Software
HotCores /
Resource Hash
a25336b837a842944b403d7fe49a9006efbc3550f5c1fa3dae1b5461587202c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://paypal.wallet-activation.com/Update-information.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-File-ID
x17524289x
Date
Sun, 16 Jul 2017 13:42:56 GMT
Last-Modified
Sun, 21 May 2017 21:42:42 GMT
Server
HotCores
ETag
"592209d2-2e6"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/png
Cache-Control
max-age=7200
Content-Disposition
inline; filename="Logo%20V3.PNG"
Connection
close
Accept-Ranges
bytes
Content-Length
742
Expires
Sun, 16 Jul 2017 15:42:56 GMT
p_506jeg7c1.png
f.top4top.net/
195 B
195 B
Image
General
Full URL
https://f.top4top.net/p_506jeg7c1.png
Requested by
Host: paypal.wallet-activation.com
URL: http://paypal.wallet-activation.com/Update-information.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.224.36 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
cdn06.top4top.net
Software
HotCores /
Resource Hash
d7dcda3bd1582a3f70567ab4d999c9867f26b3b758e04099866d9ae0f291d7f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://paypal.wallet-activation.com/Update-information.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-File-ID
x17524175x
Date
Sun, 16 Jul 2017 13:42:56 GMT
Last-Modified
Sun, 21 May 2017 21:37:22 GMT
Server
HotCores
ETag
"59220892-c3"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/png
Cache-Control
max-age=7200
Content-Disposition
inline; filename="Line.PNG"
Connection
close
Accept-Ranges
bytes
Content-Length
195
Expires
Sun, 16 Jul 2017 15:42:56 GMT
p_5068o4r11.png
b.top4top.net/
792 B
792 B
Image
General
Full URL
https://b.top4top.net/p_5068o4r11.png
Requested by
Host: paypal.wallet-activation.com
URL: http://paypal.wallet-activation.com/Update-information.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.224.32 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
b.top4top.net
Software
HotCores /
Resource Hash
b644f05347c6c8171f701eb2e43c45ed566b027c398df15187831a93d02620d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://paypal.wallet-activation.com/Update-information.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-File-ID
x17524297x
Date
Sun, 16 Jul 2017 13:42:56 GMT
Last-Modified
Sun, 21 May 2017 21:43:19 GMT
Server
HotCores
ETag
"592209f7-318"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/png
Cache-Control
max-age=7200
Content-Disposition
inline; filename="Mark..PNG"
Connection
close
Accept-Ranges
bytes
Content-Length
792
Expires
Sun, 16 Jul 2017 15:42:56 GMT
p_506npiud1.png
c.top4top.net/
2 KB
2 KB
Image
General
Full URL
https://c.top4top.net/p_506npiud1.png
Requested by
Host: paypal.wallet-activation.com
URL: http://paypal.wallet-activation.com/Update-information.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.224.33 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
cdn03.top4top.net
Software
HotCores /
Resource Hash
d8026052951d334f0834fc44af1c17a413f13f763f724f3fd81480f0daaa81e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://paypal.wallet-activation.com/Update-information.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-File-ID
x17524316x
Date
Sun, 16 Jul 2017 13:42:56 GMT
Last-Modified
Sun, 21 May 2017 21:43:55 GMT
Server
HotCores
ETag
"59220a1b-6ea"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/png
Cache-Control
max-age=7200
Content-Disposition
inline; filename="Logo.PNG"
Connection
close
Accept-Ranges
bytes
Content-Length
1770
Expires
Sun, 16 Jul 2017 15:42:56 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies