07dd96.htmlcomponentservice.com
Open in
urlscan Pro
2a00:1450:4001:809::2013
Malicious Activity!
Public Scan
Submission: On August 24 via manual from US
Summary
This is the only time 07dd96.htmlcomponentservice.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a00:1450:400... 2a00:1450:4001:809::2013 | 15169 (GOOGLE) (GOOGLE) | |
22 | 184.25.158.196 184.25.158.196 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:801::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:824::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81e::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 23.43.117.160 23.43.117.160 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
26 | 5 |
ASN15169 (GOOGLE, US)
07dd96.htmlcomponentservice.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-25-158-196.deploy.static.akamaitechnologies.com
www.paypalobjects.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-43-117-160.deploy.static.akamaitechnologies.com
t.paypal.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
paypalobjects.com
www.paypalobjects.com |
236 KB |
1 |
paypal.com
t.paypal.com |
748 B |
1 |
google.de
www.google.de |
107 B |
1 |
google.com
1 redirects
www.google.com |
155 B |
1 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net |
253 B |
1 |
htmlcomponentservice.com
07dd96.htmlcomponentservice.com |
8 KB |
0 |
bluelithium.com
Failed
ads.bluelithium.com Failed |
|
26 | 7 |
Domain | Requested by | |
---|---|---|
22 | www.paypalobjects.com |
07dd96.htmlcomponentservice.com
www.paypalobjects.com |
1 | t.paypal.com | |
1 | www.google.de | |
1 | www.google.com | 1 redirects |
1 | googleads.g.doubleclick.net | 1 redirects |
1 | 07dd96.htmlcomponentservice.com | |
0 | ads.bluelithium.com Failed | |
26 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.paypal.com |
www.paypal-promo.com |
www.paypal-media.com |
www.thepaypalblog.com |
www.paypal-labs.com |
www.ebay.com |
www.paypal.ca |
www.paypal.com.mx |
www.paypal.co.uk |
www.paypal.com.au |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2020-01-09 - 2022-01-12 |
2 years | crt.sh |
www.google.de GTS CA 1O1 |
2020-08-11 - 2020-11-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://07dd96.htmlcomponentservice.com/get_draft?id=90a690_4bc1c646ed00e3ef15fe7ea7cd20122b.html
Frame ID: A7725DA87F191DFBE4A7C18BCC82BF86
Requests: 26 HTTP requests in this frame
Screenshot
Detected technologies
Google App Engine (Web Servers) ExpandDetected patterns
- headers server /Google Frontend/i
Page Statistics
41 Outgoing links
These are links going to different origins than the main page.
Title: Personal
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: forgot? Close Forgot your email address? Enter up to 3 of your email addresses and we'll help you find your account. Get started
Search URL Search Domain Scan URL
Title: Sign up
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Buy
Search URL Search Domain Scan URL
Title: Make a Payment...
Search URL Search Domain Scan URL
Title: How to Purchase Online
Search URL Search Domain Scan URL
Title: How to Purchase in Stores
Search URL Search Domain Scan URL
Title: Sell
Search URL Search Domain Scan URL
Title: Request a Payment...
Search URL Search Domain Scan URL
Title: How to Sell Online
Search URL Search Domain Scan URL
Title: Transfer
Search URL Search Domain Scan URL
Title: Send Someone Money...
Search URL Search Domain Scan URL
Title: Explore
Search URL Search Domain Scan URL
Title: Sign Up for Free
Search URL Search Domain Scan URL
Title: More about buying
Search URL Search Domain Scan URL
Title: More about selling
Search URL Search Domain Scan URL
Title: More about transferring
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Contact
Search URL Search Domain Scan URL
Title: Fees
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: Why PayPal
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: About PayPal
Search URL Search Domain Scan URL
Title: Merchant services
Search URL Search Domain Scan URL
Title: PayPal blog
Search URL Search Domain Scan URL
Title: PayPal Labs
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Site map
Search URL Search Domain Scan URL
Title: eBay
Search URL Search Domain Scan URL
Title: Privacy policy
Search URL Search Domain Scan URL
Title: Legal agreements
Search URL Search Domain Scan URL
Title: terms and conditions
Search URL Search Domain Scan URL
Title: United States
Search URL Search Domain Scan URL
Title: Canada
Search URL Search Domain Scan URL
Title: Mexico
Search URL Search Domain Scan URL
Title: United Kingdom
Search URL Search Domain Scan URL
Title: Australia
Search URL Search Domain Scan URL
Title: See all countries
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984570777/?value=0&label=xuVFCJezswQQmbe91QM&guid=ON&script=0&ts=1598285162552 HTTP 302
- https://www.google.com/pagead/1p-user-list/984570777/?value=0&label=xuVFCJezswQQmbe91QM&guid=ON&script=0&is_vtc=1&random=2216620808 HTTP 302
- https://www.google.de/pagead/1p-user-list/984570777/?value=0&label=xuVFCJezswQQmbe91QM&guid=ON&script=0&is_vtc=1&random=2216620808&ipr=y
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
get_draft
07dd96.htmlcomponentservice.com/ |
29 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
53459a7e7974a1f2c7366be247a735.css
www.paypalobjects.com/eboxapps/css/9f/ |
137 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a28837097160c3d95d654741539edc.css
www.paypalobjects.com/eboxapps/css/c4/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d4f5b0a1a2c67a3caf69a0c969cb5.js
www.paypalobjects.com/eboxapps/js/fe/ |
43 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_paypal_106x29.png
www.paypalobjects.com/webstatic/i/sparta/logo/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-buy.png
www.paypalobjects.com/webstatic/mktg/consumer/pages/home/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-sell.png
www.paypalobjects.com/webstatic/mktg/consumer/pages/home/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-transfer.png
www.paypalobjects.com/webstatic/mktg/consumer/pages/home/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
731118da4b492abd11fe676d0fdc5d.js
www.paypalobjects.com/eboxapps/js/f0/ |
205 KB 64 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7d58619320ba24f33943d42cb1379.js
www.paypalobjects.com/eboxapps/js/52/ |
48 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pp_jscode_080706.js
www.paypalobjects.com/js/site_catalyst/ |
60 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pa.js
www.paypalobjects.com/pa/js/min/ |
46 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scr_gray-bkgd.png
www.paypalobjects.com/webstatic/i/ex_ce2/scr/ |
440 B 649 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scr_content-bkgd.png
www.paypalobjects.com/webstatic/i/ex_ce2/scr/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scr_gray-bkgd.png
www.paypalobjects.com/webstatic/i/sparta/scr/ |
440 B 670 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite_ia.png
www.paypalobjects.com/webstatic/i/sparta/sprite/ |
8 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interior-gradient-bottom.png
www.paypalobjects.com/webstatic/mktg/consumer/gradients/ |
110 B 347 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interior-gradient-top.png
www.paypalobjects.com/webstatic/mktg/consumer/gradients/ |
112 B 349 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero-signup-v2.jpg
www.paypalobjects.com/webstatic/mktg/consumer/pages/home/ |
29 KB 29 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vertical-gradient-sprite.png
www.paypalobjects.com/webstatic/mktg/consumer/pages/home/ |
571 B 779 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-gradient-top.png
www.paypalobjects.com/webstatic/mktg/consumer/pages/home/ |
104 B 340 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite_flag_22x16.png
www.paypalobjects.com/webstatic/i/sparta/sprite/ |
26 KB 26 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite_ia.png
www.paypalobjects.com/webstatic/i/ex_ce2/sprite/ |
8 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
pixel
ads.bluelithium.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/984570777/ Redirect Chain
|
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ts
t.paypal.com/ |
42 B 748 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ads.bluelithium.com
- URL
- https://ads.bluelithium.com/pixel?id=2041741&t=2&ts=1598285162552
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)87 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| antiClickjack object| Modernizr string| opCreativeId string| siteCatalystPageName string| siteCatalystC7 string| siteCatalystAccountNumber string| feedback_link boolean| isPaymentFlow boolean| isSiteRedirect string| languageCode string| countryCode string| serverName string| commentCardCmd string| accountNumber boolean| miniBrowser string| sitefb_plus_icon string| rLogId boolean| showSitefbIcon string| _sp string| _rp function| _fC object| PAYPAL string| custom_var number| _poE number| _poX number| _sH object| _doc object| _w string| _ht string| _hr number| _tm number| _kp number| _sW undefined| baseurl function| O_LC function| PP_O_LC function| _fPe function| _fPx function| O_GoT function| PP_O_GoT function| Mini_O_GoT function| siteFeedBackImage function| $ function| jQuery function| DP_jQuery_1598285161781 function| assignSiteCatalystVars function| PayPalURL undefined| url_var undefined| url_var_temp object| paypal_url string| _ht_temp string| _hr_temp string| custom_var_temp undefined| ppbce number| getOpinionLabURL function| OpinionLabOnCloseEvent function| showpopup number| topless object| jQuery1710033010306658348254 number| trident_verOffset string| sc_code_ver string| s_account object| s function| s_doPlugins string| s_code string| s_objectID function| s_gi function| s_giqf string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq function| scOnload object| fpti string| fptiserverurl object| _ifpti string| readerContent string| j object| s_i_paypal2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.htmlcomponentservice.com/ | Name: s_sess Value: %20s_ppv%3D100%3B%20s_cc%3Dtrue%3B%20v31%3Dmain%253Amktg%253Apersonal%253A%253Ahome%3B%20s_sq%3D%3B |
|
.htmlcomponentservice.com/ | Name: s_pers Value: %20s_fid%3D5B1F0E3B77208189-3924FC378DD77BAD%7C1661357162558%3B%20gpv_c43%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1598286962560%3B%20tr_p1%3Dmain%253Amktg%253Apersonal%253A%253Ahome%7C1598286962562%3B%20gpv_events%3Dno%2520value%7C1598286962563%3B |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
07dd96.htmlcomponentservice.com
ads.bluelithium.com
googleads.g.doubleclick.net
t.paypal.com
www.google.com
www.google.de
www.paypalobjects.com
ads.bluelithium.com
184.25.158.196
23.43.117.160
2a00:1450:4001:801::2002
2a00:1450:4001:809::2013
2a00:1450:4001:81e::2003
2a00:1450:4001:824::2004
18c9428f5ed837e027c6fcf29afe9d1f63a1e1e5b53ee1dc6373cf1cd1ea22aa
1d428781d3f71a5f8c83d37acccdf0121bbba0be41fa5a45403b0a143bec3222
26f1a69a23e87a4e8e3ba9656e1a86abf186d00c417d8c52e632d56c86a01415
27eb42381cfad4fe4de2a0c5724f46f359a3ae1cab79884d8af2f45a7f7eef62
2b9bc64cd986a5497856e8e1bd62b4c1c38a80a989b10657ea48598745050919
376c4f6b11a73d917a10ddea997e144e4e35583aa8af8e4ba6c42253b017eac5
4ad4fc0b41d1751368a6ca2bdcc558da74c833c115d92adb4d8d03c711a511ec
4ada833960f21f1bb762bdef24bc99babce6dee065be7783f19ffc26979e577c
4cb4a4d9717a184e25b7ab050f911207741231be62f32499ef0df086ad081e68
6860b16e25dfe4e72ffb72631dde079391e88f5144bddedab9cb36cdb5ad574c
6a606be67cd72a0ab8423b778636aa98af62ff4ebfc41fd583244d10ed7771e8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7417e34e396a20851e48ba2e1af6276f6c14602f7a09febc7316e412cdebd10e
8abeae84b3f968375d03397dbbba4ec46107941ed9e9911af29362fb1137b2c5
a5a22e5984c90de1c03de0e00d83a7bf2ad692480a2e1363faf30a21e14c9d53
b6269e1ef16b6c593338f7c72a2b1279758e8396fbf83c1e263288174c5d7038
bca15c33262af2495d7ee0112cd45dfde3157d42ed645ae0a64983113985223f
c9b1ffb982bee52f9a4317020e1ab2cd18a8f77d8c4b5a28921c408844f4f15b
d07ed240ce22cb8fe6b30ddf2badddcf5293a772696297fa61ed8a03968d4bb7
d59b30b936d93b0d2f364e7d8656566dadf109452d35c901d17cc47883c11acc
d64045c32a5032951412c4017a38521496aa93482efe41e9211aff66ecaa2079
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdf6586e001cc4778e1c68b7a71f336aaf00011a46bb367e33362f7d346aad7a