paypal.bsphish.com Open in urlscan Pro
50.116.10.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paypal.bsphish.com/
Submission: On May 02 via automatic, source certstream-suspicious (May 2nd 2024, 3:19:48 am UTC) — Scanned from DE

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 50.116.10.138, located in Fremont, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is paypal.bsphish.com.
TLS certificate: Issued by R3 on April 9th 2024. Valid for: 3 months.

This is the only time paypal.bsphish.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	50.116.10.138 50.116.10.138	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	199.232.199.181 199.232.199.181	54113 (FASTLY) (FASTLY)
2	2a04:4e42:600... 2a04:4e42:600::591	54113 (FASTLY) (FASTLY)
18	3

15 50.116.10.138 (Fremont, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 50-116-10-138.ip.linodeusercontent.com

paypal.bsphish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.199.181 (United States)

ASN54113 (FASTLY, US)

brick.a.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::591 (United States)

ASN54113 (FASTLY, US)

brick.freetls.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	bsphish.com paypal.bsphish.com	156 KB
3	fastly.net brick.a.ssl.fastly.net — Cisco Umbrella Rank: 124969 brick.freetls.fastly.net — Cisco Umbrella Rank: 104172	77 KB
18	2

	Domain	Requested by
15	paypal.bsphish.com	paypal.bsphish.com
2	brick.freetls.fastly.net	brick.a.ssl.fastly.net
1	brick.a.ssl.fastly.net	paypal.bsphish.com
18	3

This site contains links to these domains. Also see Links.

Domain
breachsmart.com

Subject Issuer	Validity	Valid
bsphish.com R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.a.ssl.fastly.net Certainly Intermediate R1	`2024-04-13` - `2024-05-13`	a month	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-09` - `2024-12-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://paypal.bsphish.com/
Frame ID: 375E8E134A6122E11A5B1DF7F25BD081
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phishing Portal

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

233 kB
Transfer

711 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://breachsmart.com/
Title: Official Site

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
paypal.bsphish.com/ 4 KB
2 KB 522ms
172ms Document
text/html 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 8366b8d62406c46dc4b4a36da9b76690ef70513811ff1b3af1f917826a69fda2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1241
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 May 2024 03:19:43 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK Montserrat:300,400,500,600,700
brick.a.ssl.fastly.net/ 870 B
756 B 135ms
42ms Stylesheet
text/css 199.232.199.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://brick.a.ssl.fastly.net/Montserrat:300,400,500,600,700

Requested by

Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.199.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Brick /

Resource Hash

c413d9ee0b7004fddb1b250952be4e5030e1d2d886fdff7a97696169c00dd84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: Thu, 16 May 2024 10:24:38 UTC
Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 varnish
Age: 1392905
X-Cache: HIT
Connection: keep-alive
Content-Length: 205
X-Served-By: cache-cph2320041-CPH
Pragma: Public
Last-Modified: Fri, 05 Jan 2024 19:12:42 UTC
Server: Brick
X-Timer: S1714619984.061078,VS0,VE1
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2628000
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK bootstrap.min.css
paypal.bsphish.com/node_modules/bootstrap/dist/css/ 158 KB
24 KB 174ms
173ms Stylesheet
text/css 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/node_modules/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "278e1-1c5fc537f6900-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24150

GET
H/1.1 200
OK iziToast.min.css
paypal.bsphish.com/node_modules/izitoast/dist/css/ 41 KB
11 KB 499ms
167ms Stylesheet
text/css 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/node_modules/izitoast/dist/css/iziToast.min.css
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "a221-1c5fc537f6900-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10437

GET
H/1.1 200
OK select2.min.css
paypal.bsphish.com/node_modules/select2/dist/css/ 15 KB
2 KB 500ms
167ms Stylesheet
text/css 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/node_modules/select2/dist/css/select2.min.css
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3a76-1c5fc537f6900-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1998

GET
H/1.1 200
OK bs-tabulator.css
paypal.bsphish.com/assets/css/ 19 KB
3 KB 506ms
168ms Stylesheet
text/css 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/assets/css/bs-tabulator.css
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: abf718afdffa48a523f9c631628a55beae0b880b2fcc42795af896ee43b3d259

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jan 2022 01:45:11 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4aa7-5d6725a2bf7c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2984

GET
H/1.1 200
OK all.min.css
paypal.bsphish.com/assets/vendor/fontawesome-pro/css/ 63 KB
13 KB 513ms
170ms Stylesheet
text/css 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/assets/vendor/fontawesome-pro/css/all.min.css
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 766618d32072335f0a3da8b317bb095e5541de3e20068bcdd31cc638478f0188

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jan 2022 01:45:27 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "fd25-5d6725b201bc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13243

GET
H/1.1 200
OK spark.css
paypal.bsphish.com/assets/css/ 130 KB
19 KB 531ms
179ms Stylesheet
text/css 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/assets/css/spark.css
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: effc5bd6168e9ddbf510bb7b98b7130b3029d633d93596e8498e4f429b5c38c5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jan 2022 01:45:12 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "20743-5d6725a3b3a00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19246

GET
H/1.1 200
OK bs-main.css
paypal.bsphish.com/assets/css/ 5 KB
2 KB 529ms
176ms Stylesheet
text/css 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/assets/css/bs-main.css
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: c917b69a1a26571efa1646b438cb073be0699b334f583b227e932bdbce82c5b7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jan 2022 01:45:13 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "12ad-5d6725a4a7c40-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1468

GET
H/1.1 200
OK jquery.min.js Show response
paypal.bsphish.com/node_modules/jquery/dist/ 87 KB
31 KB 671ms
171ms Script
text/javascript 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/node_modules/jquery/dist/jquery.min.js
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "15d9d-1c5fc537f6900-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30902

GET
H/1.1 200
OK bootstrap.min.js Show response
paypal.bsphish.com/node_modules/bootstrap/dist/js/ 61 KB
15 KB 669ms
168ms Script
text/javascript 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/node_modules/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "f3e8-1c5fc537f6900-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15286

GET
H/1.1 200
OK iziToast.min.js Show response
paypal.bsphish.com/node_modules/izitoast/dist/js/ 18 KB
5 KB 675ms
169ms Script
text/javascript 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/node_modules/izitoast/dist/js/iziToast.min.js
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4836-1c5fc537f6900-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5080

GET
H/1.1 200
OK spark.js Show response
paypal.bsphish.com/assets/js/ 4 KB
1 KB 682ms
169ms Script
text/javascript 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/assets/js/spark.js
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: d5c2a8efbf88eec66d3b712db988d1b4d6d1f4b74f96ff47ca2adea066451f5a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jan 2022 01:45:24 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "ed3-5d6725af25500-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1074

GET
H/1.1 200
OK bs-main.js Show response
paypal.bsphish.com/assets/js/ 6 KB
2 KB 705ms
176ms Script
text/javascript 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/assets/js/bs-main.js
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: d9f44bd08fdaac27306f597b76ca70b57ec3c2fc09aaa9abd9a134c44b97ba63

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jan 2022 01:45:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "174a-5d6725ae312c0-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1716

GET
H2 200 300.woff
brick.freetls.fastly.net/fonts/montserrat/ 38 KB
38 KB 68ms
19ms Font
application/font-woff 2a04:4e42:600::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://brick.freetls.fastly.net/fonts/montserrat/300.woff
Requested by: Host: brick.a.ssl.fastly.net
URL: https://brick.a.ssl.fastly.net/Montserrat:300,400,500,600,700
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a61322f97db4f40edc548ecf17dc4cc2b4c9087520caecb9924d312c7563ba3e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://brick.a.ssl.fastly.net/
Origin: https://paypal.bsphish.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220092-FRA
date: Thu, 02 May 2024 03:19:44 GMT
via: 1.1 varnish
last-modified: Fri, 05 Jan 2024 19:09:54 GMT
server: nginx
age: 14561
x-timer: S1714619985.727726,VS0,VE1
etag: "65985402-97d0"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 38864
x-cache-hits: 0

GET
H2 200 400.woff
brick.freetls.fastly.net/fonts/montserrat/ 38 KB
38 KB 68ms
20ms Font
application/font-woff 2a04:4e42:600::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://brick.freetls.fastly.net/fonts/montserrat/400.woff
Requested by: Host: brick.a.ssl.fastly.net
URL: https://brick.a.ssl.fastly.net/Montserrat:300,400,500,600,700
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e7b9bd3636f99a677ea66d7e169eb7d6684e4baea8591f83115973746fc7ac0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://brick.a.ssl.fastly.net/
Origin: https://paypal.bsphish.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220092-FRA
date: Thu, 02 May 2024 03:19:44 GMT
via: 1.1 varnish
last-modified: Fri, 05 Jan 2024 19:09:54 GMT
server: nginx
age: 73928
x-timer: S1714619985.727712,VS0,VE1
etag: "65985402-97ec"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 38892
x-cache-hits: 0

GET
H/1.1 200
OK OpenSans-400.woff
paypal.bsphish.com/assets/fonts/ 21 KB
22 KB 176ms
176ms Font
font/woff 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/assets/fonts/OpenSans-400.woff
Requested by: Host: paypal.bsphish.com
URL: https://paypal.bsphish.com/assets/css/bs-main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 90556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/assets/css/bs-main.css
Origin: https://paypal.bsphish.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Last-Modified: Wed, 26 Jan 2022 01:45:48 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "55c4-5d6725c608b00"
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21956

GET
H/1.1 200
OK favicon.png
paypal.bsphish.com/assets/images/ 3 KB
4 KB 175ms
175ms Other
image/png 50.116.10.138
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://paypal.bsphish.com/assets/images/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.116.10.138 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 50-116-10-138.ip.linodeusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 5924f60f473ebc99009199dc739804f3a4173971563ac5aa5f95a3aabf9b51cd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://paypal.bsphish.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 03:19:44 GMT
Last-Modified: Wed, 26 Jan 2022 01:45:22 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "da7-5d6725ad3d080"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3495

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			paypal.bsphish.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: nk1asuot0f3e7l9h6u75t51u53

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brick.a.ssl.fastly.net
brick.freetls.fastly.net
paypal.bsphish.com
199.232.199.181
2a04:4e42:600::591
50.116.10.138
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
3e7b9bd3636f99a677ea66d7e169eb7d6684e4baea8591f83115973746fc7ac0
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
5924f60f473ebc99009199dc739804f3a4173971563ac5aa5f95a3aabf9b51cd
766618d32072335f0a3da8b317bb095e5541de3e20068bcdd31cc638478f0188
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
8366b8d62406c46dc4b4a36da9b76690ef70513811ff1b3af1f917826a69fda2
90556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3
a61322f97db4f40edc548ecf17dc4cc2b4c9087520caecb9924d312c7563ba3e
abf718afdffa48a523f9c631628a55beae0b880b2fcc42795af896ee43b3d259
c413d9ee0b7004fddb1b250952be4e5030e1d2d886fdff7a97696169c00dd84e
c917b69a1a26571efa1646b438cb073be0699b334f583b227e932bdbce82c5b7
d5c2a8efbf88eec66d3b712db988d1b4d6d1f4b74f96ff47ca2adea066451f5a
d9f44bd08fdaac27306f597b76ca70b57ec3c2fc09aaa9abd9a134c44b97ba63
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
effc5bd6168e9ddbf510bb7b98b7130b3029d633d93596e8498e4f429b5c38c5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

paypal.bsphish.com Open in urlscan Pro 50.116.10.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

233 kBTransfer

711 kBSize

1 Cookies

1 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Indicators

paypal.bsphish.com Open in urlscan Pro
50.116.10.138 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

233 kB
Transfer

711 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions