translated.turbopages.org
2a02:6b8::1:193
Malicious Activity!
Public Scan
Effective URL: https://translated.turbopages.org/proxy_u/de-ru.ru.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypal.com/de/home
Submission: On January 25 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 6th 2023. Valid for: 6 months.
This is the only time translated.turbopages.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
15 | 2 | 2a02:6b8::1:193 | 13238 (YANDEX) |
1 | 1 | 2a02:6b8::193 | 13238 (YANDEX) |
7 | | 2a02:6b8:20::215 | 13238 (YANDEX) |
6 | | 151.101.130.133 | 54113 (FASTLY) |
4 | | 2a02:6b8::2:242 | 13238 (YANDEX) |
3 | | 2a02:6b8:a::a | 13238 (YANDEX) |
1 | | 2a02:6b8::194 | 13238 (YANDEX) |
1 | | 151.101.1.35 | 54113 (FASTLY) |
42 | | 8 | |
ASN13238 (YANDEX, RU)
z5h64q92x9.net
translated.turbopages.org
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | turbopages.org (1 redirects) | translated.turbopages.org — Cisco Umbrella Rank: 512753 | 2 MB |
7 | yastatic.net | yastatic.net — Cisco Umbrella Rank: 6536 | 91 KB |
6 | paypalobjects.com | www.paypalobjects.com — Cisco Umbrella Rank: 2611 | 153 KB |
4 | ya.ru | ya.ru — Cisco Umbrella Rank: 20370 | 2 KB |
4 | yandex.ru (1 redirects) | translate.yandex.ru — Cisco Umbrella Rank: 188668; yandex.ru — Cisco Umbrella Rank: 2180 | 2 KB |
1 | paypal.com | t.paypal.com — Cisco Umbrella Rank: 3523; www.paypal.com Failed | 757 B |
1 | yandex.net | translate.yandex.net — Cisco Umbrella Rank: 28068 | 3 KB |
1 | z5h64q92x9.net (1 redirects) | z5h64q92x9.net — Cisco Umbrella Rank: 163725 | 462 B |
42 | 8 | | |
Requests | Domain | Requested by |
---|---|---|
14 | translated.turbopages.org (1 redirects) | translated.turbopages.org |
7 | yastatic.net | translated.turbopages.org |
6 | www.paypalobjects.com | translated.turbopages.org, www.paypalobjects.com |
4 | ya.ru | yastatic.net |
3 | yandex.ru | translated.turbopages.org |
1 | t.paypal.com | translated.turbopages.org |
1 | translate.yandex.net | yastatic.net |
1 | translate.yandex.ru (1 redirects) | |
1 | z5h64q92x9.net (1 redirects) | |
0 | www.paypal.com Failed | translated.turbopages.org |
42 | 10 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
z5h64q92x9.net | GlobalSign RSA OV SSL CA 2018 | 2023-09-06 - 2024-03-06 | 6 months |
*.yastatic-net.ru | GlobalSign ECC OV SSL CA 2018 | 2023-12-20 - 2024-07-21 | 7 months |
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2023-10-13 - 2024-08-20 | 10 months |
*.xn--d1acpjx3f.xn--p1ai | GlobalSign ECC OV SSL CA 2018 | 2023-10-26 - 2024-04-24 | 6 months |
translate.yandex.net | GlobalSign RSA OV SSL CA 2018 | 2023-11-29 - 2024-05-04 | 5 months |
t.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2023-09-21 - 2024-10-21 | a year |
This page contains 2 frames:
Primary Page:
https://translated.turbopages.org/proxy_u/de-ru.ru.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypal.com/de/home
Frame ID: 3049CDF0DCD010065E3B1EE4C2EE0E5B
Requests: 45 HTTP requests in this frame
Frame:
https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
Frame ID: 7BD5FD646CD4B35117DD202141BBDF64
Requests: 1 HTTP requests in this frame
Detected technologies
PayPal (Payment Processors)
Detected patterns
- paypalobjects\.com
React (JavaScript Frameworks)
Detected patterns
- react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://z5h64q92x9.net/proxy_u/de-ru.ru/https/www.paypal.com/de/webapps/mpp/home/
HTTP 307
https://translate.yandex.ru/translate?dir=&lang=de-ru&ui=ru&url=https%3A%2F%2Fwww.paypal.com%2Fde%2Fwebapps%2Fmpp%2Fhome%2F HTTP 302
https://translated.turbopages.org/proxy_u/de-ru.ru.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypal.com/de/webapps/mpp/home/ HTTP 307
https://translated.turbopages.org/proxy_u/de-ru.ru.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypal.com/de/home Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
42 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | home (Primary Request, Redirect Chain) | translated.turbopages.org/proxy_u/de-ru.ru.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypal.com/de/ | 195 KB | 195 KB | Document | text/html |
GET | H2 | turbo.js | yastatic.net/s3/translate/v129.2/dist/scripts/bundles/ | 16 KB | 6 KB | Script | application/javascript |
GET | H2 | tr_page_common.css | yastatic.net/s3/translate/v129.2/dist/styles/misc/ | 65 B | 597 B | Stylesheet | text/css |
GET | H2 | tr_page_popup.css | yastatic.net/s3/translate/v129.2/dist/styles/misc/ | 10 KB | 3 KB | Stylesheet | text/css |
GET | H2 | tr_page_stripe.css | yastatic.net/s3/translate/v129.2/dist/styles/misc/ | 32 KB | 10 KB | Stylesheet | text/css |
GET | H2 | tr_page.js | yastatic.net/s3/translate/v129.2/dist/scripts/addons/ | 223 KB | 65 KB | Script | application/javascript |
GET | H2 | tr_page_worker.js | yastatic.net/s3/translate/v129.2/dist/scripts/addons/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | ngrlCaptcha.min.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/webcaptcha/ | 23 KB | 23 KB | Script | application/javascript |
GET | | PayPalOpen-Regular.woff2 | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/paypal-ui/fonts/ | 0 | 0 | | |
GET | H2 | PayPalOpen-Bold.woff2 | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/paypal-ui/fonts/ | 26 KB | 26 KB | Font | application/font-woff2 |
GET | H2 | 217af101848fce81210d23446a152868a15e4e.css | www.paypalobjects.com/marketing-resources/css/5f/ | 708 KB | 67 KB | Stylesheet | text/css |
GET | H2 | main-be98fc6d.css | www.paypalobjects.com/globalnav/css/ | 407 KB | 28 KB | Stylesheet | text/css |
GET | H2 | main-6f6f53ac.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/globalnav/js/ | 65 KB | 65 KB | Script | application/javascript |
GET | H2 | qr-homepage-app-download.svg | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/marketing/web/US/en/rebrand/qrcodes/ | 59 KB | 60 KB | Image | image/svg+xml |
GET | H2 | react-17_0_1-bundle.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/marketing-resources/vendors/ | 132 KB | 132 KB | Script | application/javascript |
GET | H2 | lottie-web-5_9_4.min.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/marketing-resources/vendors/ | 273 KB | 273 KB | Script | application/javascript |
GET | H2 | emotion-react-11_9_0-bundle.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/marketing-resources/vendors/ | 21 KB | 21 KB | Script | application/javascript |
GET | H2 | pa.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/pa/js/min/ | 69 KB | 69 KB | Script | application/javascript |
GET | H2 | open-chat.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/helpcenter/smartchat/sales/v1/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | marketingIntentsV2.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/activation/js/ | 554 B | 619 B | Script | application/javascript |
GET | H2 | 5268aaf3e29baeb88236d252dacf5a8a6005e5.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/marketing-resources/js/4a/ | 2 MB | 2 MB | Script | application/javascript |
GET | H2 | recaptchav3.js | translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypal.com/auth/createchallenge/8ec69c1372fa7f5c/ | 11 KB | 11 KB | Script | text/javascript |
GET | H2 | paypal-mark-color.svg | www.paypalobjects.com/paypal-ui/logos/svg/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | DATA | truncated | / | 485 B | 0 | Image | image/svg+xml |
GET | H2 | PayPalOpen-Regular.woff2 | www.paypalobjects.com/paypal-ui/fonts/ | 27 KB | 27 KB | Font | application/font-woff2 |
GET | H2 | paypal-color.svg | www.paypalobjects.com/paypal-ui/logos/svg/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H2 | PayPalOpen-Bold.woff2 | www.paypalobjects.com/paypal-ui/fonts/ | 26 KB | 26 KB | Font | application/font-woff2 |
GET | H2 | turbo.js | yastatic.net/s3/translate/v129.2/dist/scripts/bundles/ | 16 KB | 6 KB | Script | application/javascript |
POST | H2 | * | ya.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_sid=4014fd95.65b227d2.e7f4b5ae.74722d75726c/ytr_referer=https%3A%2F%2Ftranslated.turbopages.org%2Fproxy_u%2Fde-ru.ru.66a087bb-65b227d0-c9bf3732-74... | 43 B | 1 KB | Ping | image/gif |
POST | H2 | * | ya.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_sid=4014fd95.65b227d2.e7f4b5ae.74722d75726c/ytr_referer=https%3A%2F%2Ftranslated.turbopages.org%2Fproxy_u%2Fde-ru.ru.66a087bb-65b227d0-c9bf3732-74... | 43 B | 460 B | Ping | image/gif |
POST | H2 | * | ya.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_sid=4014fd95.65b227d2.e7f4b5ae.74722d75726c/ytr_referer=https%3A%2F%2Ftranslated.turbopages.org%2Fproxy_u%2Fde-ru.ru.66a087bb-65b227d0-c9bf3732-74... | 43 B | 455 B | Ping | image/gif |
GET | H2 | * | yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_request/ytr_time=4539/ytr_host=https%3A%2F%2Fwww.paypal.com%2Fde%2Fhome/ytr_lang=de-ru/ytr_url=https%3A%2F%2Fww... | 43 B | 743 B | Image | image/gif |
GET | H2 | translate | translate.yandex.net/api/v1/tr.json/ | 2 KB | 3 KB | XHR | application/json |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 418 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 602 B | 0 | Image | image/svg+xml |
GET | H2 | ts | t.paypal.com/ | 42 B | 757 B | Image | image/gif |
GET | | eligibility | www.paypal.com/smartchat/open/ | 0 | 0 | | |
POST | H2 | * | ya.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_sid=4014fd95.65b227d2.e7f4b5ae.74722d75726c/ytr_referer=https%3A%2F%2Ftranslated.turbopages.org%2Fproxy_u%2Fde-ru.ru.66a087bb-65b227d0-c9bf3732-74... | 43 B | 128 B | Ping | image/gif |
GET | H2 | * | yandex.ru/clck/click/dtype=stred/pid=453/cid=74096/ytr_counter_name=url_translation_time/ytr_time=436/ytr_error=0/ytr_counter=1/ytr_host=https%3A%2F%2Fwww.paypal.com%2Fde%2Fhome/ytr_lang=de-ru/ytr_... | 43 B | 126 B | Image | image/gif |
GET | H2 | * | yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=dcl_event/ytr_time=5230/ytr_host=https://www.paypal.com/de/home/ytr_lang=en-ru/ytr_url=https://www.paypal.com/de/home/ytr_sid=401... | 43 B | 125 B | Image | image/gif |
GET | | de | www.paypal.com/de/webapps/mpp/rest/cookie-banner/DE/ | 0 | 0 | | |
OPTIONS | | de | www.paypal.com/de/webapps/mpp/rest/cookie-banner/DE/ (Frame) | 0 | 0 | | |
GET | | grcenterprise_v3.html | www.paypal.com/auth/recaptcha/ (Frame 7BD5) | 0 | 0 | | |
GET | | ts | t.paypal.com/ | 0 | 0 | | |
GET | | ts | t.paypal.com/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- translated.turbopages.org
- URL
- https://translated.turbopages.org/proxy_u/0.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypalobjects.com/paypal-ui/fonts/PayPalOpen-Regular.woff2
- Domain
- www.paypal.com
- URL
- https://www.paypal.com/smartchat/open/eligibility?intent=SALESCHAT&page=/proxy_u/de-ru.ru.66a087bb-65b227d0-c9bf3732-74722d776562/https/www.paypal.com/de/home
- Domain
- www.paypal.com
- URL
- https://www.paypal.com/de/webapps/mpp/rest/cookie-banner/DE/de
- Domain
- www.paypal.com
- URL
- https://www.paypal.com/de/webapps/mpp/rest/cookie-banner/DE/de
- Domain
- www.paypal.com
- URL
- https://www.paypal.com/auth/recaptcha/grcenterprise_v3.html
- Domain
- t.paypal.com
- URL
- https://t.paypal.com/ts?v=1.8.13&t=1706174421041&g=-60&pgrp=main%3Amktg%3Apersonal%3Ahomepage%3Ahome&page=main%3Amktg%3Apersonal%3Ahomepage%3Ahome%3A%3A%3A&pgst=Unknown&calc=f481428aee725&nsid=ojZW86x3xlIXsAN11YH6MqxIXA3_BNOl&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=de&csci=657356c3595146209d3d2d3671d75b70&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105415%2C104449%2C105841&xt=135822%2C142459%2C135141&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&lgin=out&page_type=ecm&server=origin&shir=main_mktg_personal_homepage&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&event_name=ppcom_page_viewed&e=im&imsrc=setup&view=%7B%22t10%22%3A1%2C%22t11%22%3A5139%2C%22tcp%22%3A3994%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A0%7D&pt=PayPal%20Konto%20%7C%20Digitale%20Mobile%20Wallet%20%7C%20PayPal%20DE&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=1491&t3=174&t4d=0&t4=0&t4e=4541&tt=0&rdc=0&protocol=h2&res=%7B%7D&rtt=205&3p_vid=217387221af439a5&3p_fpti=ffb06056c160e16
- Domain
- t.paypal.com
- URL
- https://t.paypal.com/ts?v=1.8.13&t=1706174421047&g=-60&pgrp=main%3Amktg%3Apersonal%3Ahomepage%3Ahome&page=main%3Amktg%3Apersonal%3Ahomepage%3Ahome%3A%3A%3A&pgst=Unknown&calc=f481428aee725&nsid=ojZW86x3xlIXsAN11YH6MqxIXA3_BNOl&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=de&csci=657356c3595146209d3d2d3671d75b70&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=gdpr_v2.1&xe=105415%2C104449%2C105841&xt=135822%2C142459%2C135141&pgld=Unknown&bzsr=main&bchn=mktg&pgsf=personal&lgin=out&page_type=ecm&server=origin&shir=main_mktg_personal_homepage&pros=1&lgcook=0&event_props=cu%2Clgin%2Cpage%2Cxe%2Cxt&user_props=cu%2Cxe%2Cxt&page_segment=ppcom&lcp=3993.800000190735&lcp_attr=%7B%22el%22%3A%22div.text-group.text-group-alignment-start%3Ediv%3Eh1.text-group-headline.heading-text-size-headline-1%22%2C%22ttfb%22%3A3651%2C%22rld%22%3A0%2C%22rlt%22%3A0%2C%22erd%22%3A342.80000019073486%2C%22rating%22%3A%22needs-improvement%22%7D&cls=0.0038000575459798177&cls_attr=%7B%22lsTrgt%22%3A%22p.nav-banner-button-bar.nav-banner-content%3Espan.nav-banner-item-paragraph.body-text-size-body%22%2C%22lsTime%22%3A4980.10000038147%2C%22lsv%22%3A0.0019096624552408855%2C%22rating%22%3A%22good%22%7D&e=cwv&3p_vid=217387221af439a5&3p_fpti=ffb06056c160e16
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.z5h64q92x9.net/ | Name: _yasc Value: pFi0MJ+rDL5Bsl/30GNRXoumQbg2J/Jklk7+WV57ARDKiveDeVmfixvT99x7Bi60xg== |
|
translate.yandex.ru/ | Name: first_visit Value: 1 |
|
translate.yandex.ru/ | Name: first_visit_src Value: organic |
|
translate.yandex.ru/ | Name: _GdCk Value: nku000s7wxxs |
|
.yandex.ru/ | Name: _yasc Value: 6NHL0MRpVCA8eVAj3e0HYB92QNOYIzoTTGObEXebnBtMTQb8lDeNn9myEIR/3ZBIhA== |
|
.yandex.ru/ | Name: i Value: HKTpGITmM3BjZ3cHds5vGkqrlzjePX12pinCHtbPLc1gU93JAR3MVj1exsMXZ7yssNWoA6nQzCt3dgk4F9X3Js7snNU= |
|
.yandex.ru/ | Name: yandexuid Value: 1289889731706174416 |
|
.turbopages.org/ | Name: _yasc Value: Aj5GHNm+Y6Bft9QXxpJ7iTjv+hJCe+WpsmoFbnJ9vunrDVJW8p7sLhEaOgCOcQG7nw== |
|
translated.turbopages.org/ | Name: _GdCk Value: 73v000s7wxxw |
|
.yandex.ru/ | Name: yashr Value: 1528287621706174420 |
|
.paypal.com/ | Name: ts_c Value: vr%3Dffb06056c160e16%26vt%3D217387221af439a5 |
|
.ya.ru/ | Name: i Value: Ua5wbDkOsE9WT5qtvj17miJ/In7cu8VtGSfx4eb7RNAtr7XTJKN2WR6N//7kjIcOKnuXNC0A4KtDih0oWxCo49gP5xw= |
|
.ya.ru/ | Name: yandexuid Value: 3512318181706174420 |
|
.ya.ru/ | Name: yashr Value: 7523222151706174420 |
|
.paypal.com/ | Name: ts Value: vreXpYrS%3D1800782421%26vteXpYrS%3D1706176221%26vr%3Dffb06056c160e16%26vt%3D217387221af439a5 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.