fr.paypal.c1401344.ferozo.com Open in urlscan Pro
162.241.203.100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1b3.com.au/wp-content/plugins/revslider/css/edit_layers.html
Effective URL:
http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html
Submission: On July 22 via manual (July 22nd 2019, 2:04:45 pm UTC) from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 162.241.203.100, located in Provo, United States and belongs to OIS1 - Oso Grande IP Services, LLC, US. The main domain is fr.paypal.c1401344.ferozo.com.

This is the only time fr.paypal.c1401344.ferozo.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	103.250.212.193 103.250.212.193	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
3 18	162.241.203.100 162.241.203.100	26337 (OIS1) (OIS1 - Oso Grande IP Services)
17	3

1 103.250.212.193 (Australia)

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: server-5d-r1.ipv4.per01.ds.network

1b3.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 162.241.203.100 (Provo, United States) 3 redirects

ASN26337 (OIS1 - Oso Grande IP Services, LLC, US)
PTR: 162-241-203-100.unifiedlayer.com

fr.paypal.c1401344.ferozo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ferozo.com 3 redirects fr.paypal.c1401344.ferozo.com	89 KB
1	1b3.com.au 1b3.com.au	450 B
0	paypalobjects.com Failed www.paypalobjects.com Failed
17	3

	Domain	Requested by
18	fr.paypal.c1401344.ferozo.com	3 redirects fr.paypal.c1401344.ferozo.com
1	1b3.com.au
0	www.paypalobjects.com Failed	fr.paypal.c1401344.ferozo.com
17	3

This site contains no links.

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh

This page contains 4 frames:

Primary Page: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html
Frame ID: C735274876F7213453B5E6989B84E6D2
Requests: 12 HTTP requests in this frame

Frame: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/saved_resource.html
Frame ID: D63D6AB51758032E9144AD824F170F55
Requests: 1 HTTP requests in this frame

Frame: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/saved_resource(1).html
Frame ID: 6B13D0151E98B85ABC0B107C7FCBC43D
Requests: 2 HTTP requests in this frame

Frame: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/i.html
Frame ID: 18F353550D0C2705EDD4474D72E45174
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://1b3.com.au/wp-content/plugins/revslider/css/edit_layers.html Page URL
http://fr.paypal.c1401344.ferozo.com/home/fr/signin/ HTTP 302
http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf HTTP 301
http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/ HTTP 301
http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

89 kB
Transfer

228 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1b3.com.au/wp-content/plugins/revslider/css/edit_layers.html Page URL
http://fr.paypal.c1401344.ferozo.com/home/fr/signin/ HTTP 302
http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf HTTP 301
http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/ HTTP 301
http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	edit_layers.html Show response 1b3.com.au/wp-content/plugins/revslider/css/	195 B 450 B	869ms 472ms	Document text/html	103.250.212.193 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://1b3.com.au/wp-content/plugins/revslider/css/edit_layers.html Protocol HTTP/1.1 Server 103.250.212.193 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS server-5d-r1.ipv4.per01.ds.network Software nginx / Resource Hash `19033f54396df0a23f60c5e947a055044ee7c81c0526f2d33417c169b6f97616` Request headers Host 1b3.com.au Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Mon, 22 Jul 2019 14:04:29 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Last-Modified Mon, 22 Jul 2019 01:26:11 GMT ETag W/"c3-58e3af60f52c0" Content-Encoding gzip
GET H/1.1	200 OK	Primary Request Connectez-vous-votre-compte-PayPal.html Show response fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/ Redirect Chain http://fr.paypal.c1401344.ferozo.com/home/fr/signin/ http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/ http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html	143 KB 56 KB	142ms 141ms	Document text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash `034b67a69cff7692d4e63ea6fac3feeead118c58250658549feb34c7d06f8872` Request headers Host fr.paypal.c1401344.ferozo.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://1b3.com.au/wp-content/plugins/revslider/css/edit_layers.html Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://1b3.com.au/wp-content/plugins/revslider/css/edit_layers.html Response headers Date Mon, 22 Jul 2019 14:04:32 GMT Server Apache Last-Modified Mon, 22 Jul 2019 14:04:32 GMT Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Keep-Alive timeout=5, max=72 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html Redirect headers Date Mon, 22 Jul 2019 14:04:32 GMT Server Apache Location Connectez-vous-votre-compte-PayPal.html Content-Length 0 Keep-Alive timeout=5, max=73 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	contextualLogin.css fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/	76 KB 22 KB	399ms 142ms	Stylesheet text/css	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/contextualLogin.css Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash `87dddc3cf6349281da6d3a298bab9f9cbc4e9b41ae892a9adc345077834852df` Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:33 GMT Content-Encoding gzip Last-Modified Mon, 22 Jul 2019 14:04:32 GMT Server Apache Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=71
GET H/1.1	200 OK	icon-PN-check.png fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/	2 KB 2 KB	541ms 141ms	Image image/png	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Show image Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/icon-PN-check.png Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash `4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653` Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:33 GMT Last-Modified Mon, 22 Jul 2019 14:04:32 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=70 Content-Length 2236
GET H/1.1	200 OK	glyph_alert_critical_big-2x.png fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/	6 KB 6 KB	1662ms 138ms	Image image/png	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Show image Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/glyph_alert_critical_big-2x.png Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash `13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79` Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:34 GMT Last-Modified Mon, 22 Jul 2019 14:04:32 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=62 Content-Length 5828
GET H/1.1	404 Not Found	pa.js.t%C3%A9l%C3%A9chargement fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/	0 0	417ms 140ms	Script text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/pa.js.t%C3%A9l%C3%A9chargement Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:33 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 05:15:50 GMT Server Apache Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=68 Content-Length 4677
GET H/1.1	404 Not Found	analytics.js.t%C3%A9l%C3%A9chargement fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/	0 0	557ms 140ms	Script text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/analytics.js.t%C3%A9l%C3%A9chargement Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:33 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 05:15:50 GMT Server Apache Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=67 Content-Length 4677
GET H/1.1	404 Not Found	miconfig.js.t%C3%A9l%C3%A9chargement fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/	0 0	697ms 139ms	Script text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/miconfig.js.t%C3%A9l%C3%A9chargement Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:34 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 05:15:50 GMT Server Apache Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=66 Content-Length 4677
GET H/1.1	404 Not Found	fb-all-prod.pp2.min.js.t%C3%A9l%C3%A9chargement fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/	0 0	838ms 140ms	Script text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/fb-all-prod.pp2.min.js.t%C3%A9l%C3%A9chargement Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:34 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 05:15:50 GMT Server Apache Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=65 Content-Length 4677
GET H/1.1	404 Not Found	tealeaf-ul-prod_domcap.min.js.t%C3%A9l%C3%A9chargement fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/	0 0	840ms 140ms	Script text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/tealeaf-ul-prod_domcap.min.js.t%C3%A9l%C3%A9chargement Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:34 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 05:15:50 GMT Server Apache Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=64 Content-Length 4677
GET H/1.1	200 OK	w fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/	0 214 B	981ms 138ms	Image text/plain	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Show image Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/w Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:34 GMT Last-Modified Mon, 22 Jul 2019 14:04:32 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=61 Content-Length 0
GET H/1.1	200 OK	saved_resource.html Show response fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/ Frame D63D	149 B 433 B	276ms 138ms	Document text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/saved_resource.html Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash `97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50` Request headers Host fr.paypal.c1401344.ferozo.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Response headers Date Mon, 22 Jul 2019 14:04:33 GMT Server Apache Last-Modified Mon, 22 Jul 2019 14:04:32 GMT Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 145 Keep-Alive timeout=5, max=69 Connection Keep-Alive Content-Type text/html
GET		paypal-logo-129x32.svg www.paypalobjects.com/images/shared/	0 0

GET H/1.1	200 OK	saved_resource(1).html Show response fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/ Frame 6B13	218 B 480 B	281ms 142ms	Document text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/saved_resource(1).html Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash `cc72ad2cc8fed3cedb6a8a453bdb67f1b81fd2257621db5e02021f67a962a85c` Request headers Host fr.paypal.c1401344.ferozo.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Response headers Date Mon, 22 Jul 2019 14:04:34 GMT Server Apache Last-Modified Mon, 22 Jul 2019 14:04:32 GMT Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 192 Keep-Alive timeout=5, max=63 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	i.html Show response fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/ Frame 18F3	362 B 552 B	261ms 138ms	Document text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/i.html Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Protocol HTTP/1.1 Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash `a086b105767c6d9e865e698476dbad144cdec7e5719da98746ddd1eafeedc514` Request headers Host fr.paypal.c1401344.ferozo.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal.html Response headers Date Mon, 22 Jul 2019 14:04:34 GMT Server Apache Last-Modified Mon, 22 Jul 2019 14:04:32 GMT Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 264 Keep-Alive timeout=5, max=60 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	counter.cgi fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/ Frame 6B13	42 B 288 B	405ms 145ms	Image application/cgi	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Show image Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/counter.cgi Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/saved_resource(1).html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash `47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292` Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/saved_resource(1).html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:35 GMT Last-Modified Mon, 22 Jul 2019 14:04:32 GMT Server Apache Content-Type application/cgi Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=59 Content-Length 42
GET H/1.1	404 Not Found	fb-all-prod.pp2.min.js.t%C3%A9l%C3%A9chargement fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/ Frame 18F3	0 0	158ms 142ms	Script text/html	162.241.203.100 Oso Grande IP Ser...
General Check archive.org Show headers Download Go to Full URL http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/fb-all-prod.pp2.min.js.t%C3%A9l%C3%A9chargement Requested by Host: fr.paypal.c1401344.ferozo.com URL: http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/i.html Protocol HTTP/1.1 Security , , Server 162.241.203.100 Provo, United States, ASN26337 (OIS1 - Oso Grande IP Services, LLC, US), Reverse DNS 162-241-203-100.unifiedlayer.com Software Apache / Resource Hash Request headers Referer http://fr.paypal.c1401344.ferozo.com/home/fr/signin/b7fbf/Connectez-vous-votre-compte-PayPal_files/i.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 22 Jul 2019 14:04:35 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 05:15:50 GMT Server Apache Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=58 Content-Length 4677

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1b3.com.au
fr.paypal.c1401344.ferozo.com
www.paypalobjects.com
www.paypalobjects.com
103.250.212.193
162.241.203.100
034b67a69cff7692d4e63ea6fac3feeead118c58250658549feb34c7d06f8872
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
19033f54396df0a23f60c5e947a055044ee7c81c0526f2d33417c169b6f97616
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
87dddc3cf6349281da6d3a298bab9f9cbc4e9b41ae892a9adc345077834852df
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a086b105767c6d9e865e698476dbad144cdec7e5719da98746ddd1eafeedc514
cc72ad2cc8fed3cedb6a8a453bdb67f1b81fd2257621db5e02021f67a962a85c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

fr.paypal.c1401344.ferozo.com Open in urlscan Pro 162.241.203.100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

89 kBTransfer

228 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

0 Cookies

Indicators

fr.paypal.c1401344.ferozo.com Open in urlscan Pro
162.241.203.100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

89 kB
Transfer

228 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!