phishcacher.z5.web.core.windows.net
13.77.184.69
Malicious Activity!
Public Scan
Submission Tags: phishing, malicious
Submission: On May 05 via api from US
Summary
TLS certificate: Issued by Microsoft IT TLS CA 2 on April 29th 2020. Valid for: 2 years.
This is the only time phishcacher.z5.web.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)

Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
39 | 13.77.184.69 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 151.101.114.133 | 54113 (FASTLY) |
3 | 23.45.105.205 | 20940 (AKAMAI-ASN1) |
2 4 | 64.4.245.84 | 17012 (PAYPAL) |
1 | 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:815::2004 | 15169 (GOOGLE) |
2 | 23.45.98.207 | 20940 (AKAMAI-ASN1) |
54 | 8 | |

ASN | PTR | Domain |
---|---|---|
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | phishcacher.z5.web.core.windows.net |
ASN20940 (AKAMAI-ASN1, EU) | a23-45-105-205.deploy.static.akamaitechnologies.com | c.paypal.com |
ASN20940 (AKAMAI-ASN1, EU) | a23-45-98-207.deploy.static.akamaitechnologies.com | t.paypal.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
39 | windows.net | phishcacher.z5.web.core.windows.net | 2 MB |
9 | paypal.com | c.paypal.com, b.stats.paypal.com (2 redirects), dub.stats.paypal.com, t.paypal.com | 22 KB |
2 | google.com | www.google.com | 5 KB |
1 | gstatic.com | www.gstatic.com | 93 KB |
1 | paypalobjects.com | www.paypalobjects.com | 2 KB |
0 | Failed | 192.55.233.1 | |
54 | 6 | | |
Requests | Domain | Requested by |
---|---|---|
39 | phishcacher.z5.web.core.windows.net | phishcacher.z5.web.core.windows.net |
3 | c.paypal.com | phishcacher.z5.web.core.windows.net, c.paypal.com |
2 | t.paypal.com | phishcacher.z5.web.core.windows.net |
2 | www.google.com | www.gstatic.com, phishcacher.z5.web.core.windows.net |
2 | dub.stats.paypal.com | phishcacher.z5.web.core.windows.net |
2 | b.stats.paypal.com | 2 redirects |
1 | www.gstatic.com | phishcacher.z5.web.core.windows.net |
1 | www.paypalobjects.com | phishcacher.z5.web.core.windows.net |
0 | 192.55.233.1 (Failed) | phishcacher.z5.web.core.windows.net |
54 | 9 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.paypal.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.web.core.windows.net | Microsoft IT TLS CA 2 | 2020-04-29 - 2022-04-29 | 2 years | crt.sh |
www.paypalobjects.com | DigiCert SHA2 Extended Validation Server CA | 2019-12-09 - 2021-12-13 | 2 years | crt.sh |
c.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2020-01-09 - 2022-01-13 | 2 years | crt.sh |
b.stats.paypal.com | DigiCert SHA2 High Assurance Server CA | 2020-03-13 - 2022-06-03 | 2 years | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2020-04-07 - 2020-06-30 | 3 months | crt.sh |
www.google.com | GTS CA 1O1 | 2020-04-07 - 2020-06-30 | 3 months | crt.sh |
t.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2020-01-09 - 2022-01-12 | 2 years | crt.sh |
This page contains 11 frames:
- Primary Page: https://phishcacher.z5.web.core.windows.net/paypal/paypal.html (Frame ID: 5F2F90C3FC13F9396735AFA3FC19D9F3; 31 HTTP requests in this frame)
- Frame: https://phishcacher.z5.web.core.windows.net/paypal/paypal_files/saved_resource.html (Frame ID: F95942AAF9A2AEF83C39A3BBD0E998C4; 1 HTTP request in this frame)
- Frame: https://phishcacher.z5.web.core.windows.net/paypal/paypal_files/recaptchav3_v3.html (Frame ID: 7AE888224EACA938A2AC022988C05A78; 5 HTTP requests in this frame)
- Frame: https://phishcacher.z5.web.core.windows.net/paypal/paypal_files/anchor.html (Frame ID: 4E6EBFDCC347B545E42E08FA718362E5; 5 HTTP requests in this frame)
- Frame: https://phishcacher.z5.web.core.windows.net/paypal/paypal_files/anchor(1).html (Frame ID: 6B3D1BD9B2D9A66B7E7EF8377539FB36; 3 HTTP requests in this frame)
- Frame: https://phishcacher.z5.web.core.windows.net/paypal/paypal_files/recaptchav3_v3(1).html (Frame ID: E809BFD83B4B6C892F2B95D3AC4E3B8C; 1 HTTP request in this frame)
- Frame: https://phishcacher.z5.web.core.windows.net/paypal/paypal_files/saved_resource(1).html (Frame ID: F6537DA1B23F459B90BC07AC7422D8E8; 2 HTTP requests in this frame)
- Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js (Frame ID: 59264B6C237CC4055D56968F6881F6FD; 3 HTTP requests in this frame)
- Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0zNTk0NzVhNTk0OGU0N2RiOWViNGEzMWNhNzIxZGEyOSZpPTE5Ni4xODguMTE1LjI0MCZ0PTE1ODAzOTIwMjEuMzI1JmE9MjEmcz1VTklGSUVEX0xPR0lOPo1BEVPlfS7fU_LFUWHX86AsDjA (Frame ID: AF828F4229B57FD33EAD18153E34B4DA; 1 HTTP request in this frame)
- Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCZXkUAAAAAPJkOCgwA5t4l2JhzXGkroDdqyqt&co=aHR0cHM6Ly9waGlzaGNhY2hlci56NS53ZWIuY29yZS53aW5kb3dzLm5ldDo0NDM.&hl=en&v=TYDIjJAqCk6g335bFk3AjlC3&size=invisible&cb=63by9a55qqat (Frame ID: A95D88992323D7DDE4323C87CE812DB0; 1 HTTP request in this frame)
- Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0zNTk0NzVhNTk0OGU0N2RiOWViNGEzMWNhNzIxZGEyOSZpPTE5Ni4xODguMTE1LjI0MCZ0PTE1ODAzOTIwMjEuMzI1JmE9MjEmcz1VTklGSUVEX0xPR0lOPo1BEVPlfS7fU_LFUWHX86AsDjA (Frame ID: C78FE56924A49F30BE1ED2A922D26F38; 1 HTTP request in this frame)
Screenshot
Detected technologies
Microsoft HTTPAPI (Web Servers)
Detected patterns:
- headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
- Title: Change
- Title: Having trouble logging in?
- Title: Sign Up
- Title: We can help
- Title: Contact Us
- Title: Privacy
- Title: Legal
- Title: Worldwide
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 35
- https://b.stats.paypal.com/v1/counter.cgi?r=cD0zNTk0NzVhNTk0OGU0N2RiOWViNGEzMWNhNzIxZGEyOSZpPTE5Ni4xODguMTE1LjI0MCZ0PTE1ODAzOTIwMjEuMzI1JmE9MjEmcz1VTklGSUVEX0xPR0lOPo1BEVPlfS7fU_LFUWHX86AsDjA HTTP 302
- https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0zNTk0NzVhNTk0OGU0N2RiOWViNGEzMWNhNzIxZGEyOSZpPTE5Ni4xODguMTE1LjI0MCZ0PTE1ODAzOTIwMjEuMzI1JmE9MjEmcz1VTklGSUVEX0xPR0lOPo1BEVPlfS7fU_LFUWHX86AsDjA
- https://b.stats.paypal.com/v1/counter.cgi?r=cD0zNTk0NzVhNTk0OGU0N2RiOWViNGEzMWNhNzIxZGEyOSZpPTE5Ni4xODguMTE1LjI0MCZ0PTE1ODAzOTIwMjEuMzI1JmE9MjEmcz1VTklGSUVEX0xPR0lOPo1BEVPlfS7fU_LFUWHX86AsDjA HTTP 302
- https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0zNTk0NzVhNTk0OGU0N2RiOWViNGEzMWNhNzIxZGEyOSZpPTE5Ni4xODguMTE1LjI0MCZ0PTE1ODAzOTIwMjEuMzI1JmE9MjEmcz1VTklGSUVEX0xPR0lOPo1BEVPlfS7fU_LFUWHX86AsDjA
54 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Frame / Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | paypal.html | phishcacher.z5.web.core.windows.net/paypal/ | 193 KB | 194 KB | Document | text/html | Primary Request |
GET | H/1.1 | analytics.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 44 KB | 44 KB | Script | text/plain | |
GET | H/1.1 | xhr-ads.min.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 21 KB | 21 KB | Script | text/plain | |
GET | H/1.1 | contextualLogin.css | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 93 KB | 94 KB | Stylesheet | text/css | |
GET | H/1.1 | signin | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 16 KB | 16 KB | Image | text/html | |
GET | H/1.1 | icon-PN-check.png | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 2 KB | 3 KB | Image | image/png | |
GET | H/1.1 | glyph_alert_critical_big-2x.png | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 6 KB | 6 KB | Image | image/png | |
GET | H/1.1 | pa.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 44 KB | 44 KB | Script | text/plain | |
GET | H/1.1 | recaptchav3.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 10 KB | 11 KB | Script | text/plain | |
GET | H/1.1 | fb-all-prod.pp2.min.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 58 KB | 58 KB | Script | text/plain | |
GET | H/1.1 | miconfig.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 73 KB | 73 KB | Script | text/plain | |
GET | H/1.1 | patleaf.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 122 KB | 122 KB | Script | text/plain | |
GET | H/1.1 | analytics.js(1).download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 27 KB | 28 KB | Script | text/plain | |
GET | H/1.1 | gtag.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 63 KB | 63 KB | Script | text/plain | |
GET | H/1.1 | patlcfg.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 7 KB | 7 KB | Script | text/plain | |
GET | H/1.1 | w | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 0 | 383 B | Image | application/octet-stream | |
GET | H/1.1 | fb-all-prod.pp2.min.js(1).download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 58 KB | 58 KB | Script | text/plain | |
GET | H/1.1 | saved_resource.html | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 278 B | 663 B | Document | text/html | Frame F959 |
GET | H2 | paypal-logo-129x32.svg | www.paypalobjects.com/images/shared/ | 5 KB | 2 KB | Image | image/svg+xml | |
GET | H/1.1 | recaptchav3_v3.html | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 6 KB | 6 KB | Document | text/html | Frame 7AE8 |
GET | H/1.1 | recaptcha__en.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 258 KB | 259 KB | Script | text/plain | Frame 7AE8 |
GET | H/1.1 | recaptcha__en.js(1).download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 258 KB | 259 KB | Script | text/plain | Frame 7AE8 |
GET | H/1.1 | api.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 708 B | 1 KB | Script | text/plain | Frame 7AE8 |
GET | H/1.1 | anchor.html | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 20 KB | 20 KB | Document | text/html | Frame 4E6E |
GET | H/1.1 | anchor(1).html | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 9 KB | 9 KB | Document | text/html | Frame 6B3D |
GET | H/1.1 | recaptchav3_v3(1).html | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 4 KB | 4 KB | Document | text/html | Frame E809 |
GET | H/1.1 | saved_resource(1).html | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 329 B | 714 B | Document | text/html | Frame F653 |
GET | H/1.1 | i.html | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 386 B | 771 B | Document | text/html | Frame 5926 |
GET | H/1.1 | e | c.paypal.com/v1/r/d/b/ | 18 B | 284 B | Script | application/json | |
GET | H/1.1 | styles__ltr.css | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 137 KB | 138 KB | Stylesheet | text/css | Frame 4E6E |
GET | H/1.1 | recaptcha__en.js(1).download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 258 KB | 259 KB | Script | text/plain | Frame 4E6E |
GET | H/1.1 | m0MPLzdqcCSwLlTr1w7f2jbfhTT752rqy2myjG2A2dg.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 12 KB | 12 KB | Script | text/plain | Frame 4E6E |
GET | H/1.1 | styles__ltr(1).css | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 137 KB | 138 KB | Stylesheet | text/css | Frame 6B3D |
GET | H/1.1 | recaptcha__en.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 258 KB | 259 KB | Script | text/plain | Frame 6B3D |
GET | H/1.1 | counter.cgi | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 42 B | 411 B | Image | image/gif | Frame F653 |
GET | | fb-all-prod.pp2.min.js.download | phishcacher.z5.web.core.windows.net/paypal/paypal_files/ | 0 | 0 | | | Frame 5926 |
GET | H/1.1 | counter2.cgi | dub.stats.paypal.com/v1/ | 42 B | 299 B | Image | image/jpeg | Frame AF82, Redirect Chain |
GET | H/1.1 | i | c.paypal.com/v1/r/d/ | 0 | 0 | Document | text/html | Frame 5926 |
POST | H/1.1 | tealeaftarget | phishcacher.z5.web.core.windows.net/platform/ | 335 B | 673 B | XHR | text/html | |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/TYDIjJAqCk6g335bFk3AjlC3/ | 258 KB | 93 KB | Script | text/javascript | Frame 7AE8 |
GET | H2 | anchor | www.google.com/recaptcha/api2/ | 0 | 0 | Document | text/html | Frame A95D |
GET | H2 | m0MPLzdqcCSwLlTr1w7f2jbfhTT752rqy2myjG2A2dg.js | www.google.com/js/bg/ | 12 KB | 5 KB | Script | text/javascript | Frame 4E6E |
GET | H/1.1 | ts | t.paypal.com/ | 42 B | 846 B | Image | image/gif | |
GET | H/1.1 | fb-all-prod.pp2.min.js | c.paypal.com/webstatic/r/fb/ | 58 KB | 18 KB | Script | application/x-javascript | |
GET | H/1.1 | challenge.js | phishcacher.z5.web.core.windows.net/auth/createchallenge/c92ae8507d18a7c8/ | 321 B | 629 B | XHR | text/html | |
POST | H/1.1 | client-log | phishcacher.z5.web.core.windows.net/signin/ | 335 B | 673 B | XHR | text/html | |
POST | | resourceaccesstoken | 192.55.233.1/ | 0 | 0 | | | |
POST | H/1.1 | load-resource | phishcacher.z5.web.core.windows.net/signin/ | 335 B | 673 B | XHR | text/html | |
GET | H/1.1 | counter2.cgi | dub.stats.paypal.com/v1/ | 42 B | 299 B | Image | image/jpeg | Frame C78F, Redirect Chain |
POST | H/1.1 | load-resource | phishcacher.z5.web.core.windows.net/signin/ | 335 B | 673 B | XHR | text/html | |
POST | H/1.1 | load-resource | phishcacher.z5.web.core.windows.net/signin/ | 335 B | 673 B | XHR | text/html | |
GET | H/1.1 | ts | t.paypal.com/ | 42 B | 846 B | Image | image/gif | |
GET | | e | c.paypal.com/v1/r/d/b/ | 0 | 0 | | | |
GET | | ts | t.paypal.com/ | 0 | 0 | | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: phishcacher.z5.web.core.windows.net
  URL: https://phishcacher.z5.web.core.windows.net/paypal/paypal_files/fb-all-prod.pp2.min.js.download
- Domain: 192.55.233.1
  URL: https://192.55.233.1/resourceaccesstoken
- Domain: c.paypal.com
  URL: https://c.paypal.com/v1/r/d/b/e?e=Uncaught%20NetworkError%3A%20Failed%20to%20execute%20%27send%27%20on%20%27XMLHttpRequest%27%3A%20Failed%20to%20load%20%27https%3A%2F%2Fphishcacher.z5.web.core.windows.net%2Fplatform%2Ftealeaftarget%27%3A%20Synchronous%20XHR%20in%20page%20dismissal.%20See%20https%3A%2F%2Fwww.chromestatus.com%2Ffeature%2F4664843055398912%20for%20more%20details.20190924&ep=abhiklmnj
- Domain: t.paypal.com
  URL: https://t.paypal.com/ts?v=1.3.31&t=1588712290016&g=-120&e=err&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&comp=unifiedloginnodeweb&erpg=Failed%20to%20execute%20%27send%27%20on%20%27XMLHttpRequest%27%3A%20Failed%20to%20load%20%27https%3A%2F%2Fphishcacher.z5.web.core.windows.net%2Fplatform%2Ftealeaftarget%27%3A%20Synchronous%20XHR%20in%20page%20dismissal.%20See%20https%3A%2F%2Fwww.chromestatus.com%2Ffeature%2F4664843055398912%20for%20more%20details.&error_type=WINDOW_ONERROR&error_description=Error%3A%20Failed%20to%20execute%20%27send%27%20on%20%27XMLHttpRequest%27%3A%20Failed%20to%20load%20%27_%2F4664843055398912%20for%20more%20details.%0A%20%20%20%20at%20e.exports.c.send%20(_%2Fxhr-ads.min.js.download%3A1%3A17136)%0A%20%20%20%20at%20c%20(_%2Fpatleaf.js.download%3A4%3A51600)%0A%20%20%20%20at%20Object.sendRequest%20(_%2Fpatleaf.js.download%3A4%3A52508)%0A%20%20%20%20at%20A%20(_%2Fpatleaf.js.download%3A4%3A34052)%0A%20%20%20%20at%20e%20(_%2Fpatleaf.js.download%3A4%3A34198)%0A%20%20%20%20at%20D%20(_%2Fpatleaf.js.download%3A4%3A35717)%0A%20%20%20%20at%20Object.destroy%20(_%2Fpatleaf.js.download%3A4%3A35901)%0A%20%20%20%20at%20Object.destroy%20(_%2Fpatleaf.js.download%3A4%3A5006)%0A%20%20%20%20a&error_source=https%3A%2F%2Fphishcacher.z5.web.core.windows.net%2Fpaypal%2Fpaypal_files%2Fxhr-ads.min.js.download%201%3A17136
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)

52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
boolean | paypalADSInterceptorInjected |
object | html5 |
object | Modernizr |
function | isEligibleIntegration |
object | antiClickjack |
object | PAYPAL |
function | $ |
function | _classCallCheck |
function | _typeof |
function | _createClass |
number | HTTPOK |
string | HTTPGET |
string | HTTPPOST |
number | DEFAULT_XHR_TIMEOUT |
object | google_tag_data |
function | ga |
object | gaplugins |
object | fpti |
string | fptiserverurl |
object | _ifpti |
function | AjaxRequest |
string | PP_SERVICE_URL |
string | BASE_SWF_URL |
string | BEACON_BASE_URL |
string | PP_IFRAME_JS_URL |
string | PP_NEW_SERVICE_URL |
string | PP_VERSION |
object | Configuration |
object | PFB_4732Config |
object | PFB_4732 |
object | dataCollector |
object | fp |
undefined | runFb |
function | initTsFb |
object | jstz |
function | SwfStore |
function | SlvtStore |
object | miconfig |
object | pako |
object | TLT |
object | _0x29bc |
function | _0x1c61 |
object | d |
function | dbbefdcfbb |
object | err |
object | google_tag_manager |
object | gDataLayer |
boolean | error |
object | _0x378f |
function | _0x5c324 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.paypal.com/ | | ts_c | vr%3De6a182a51710a4a18825db8affffffff%26vt%3De6a182a51710a4a18825db8afffffffe |
.paypal.com/ | | ts | vreXpYrS%3D1683320276%26vteXpYrS%3D1588714076%26vr%3De6a182a51710a4a18825db8affffffff%26vt%3De6a182a51710a4a18825db8afffffffe |
.c.paypal.com/ | | sc_f | yiRBE65uc93l5FXwBgb_L8lb9-wQK-m7qMl9irLm_xAqoFW4XA3FsJqirWbJMqIFFF4OJ3_EJ54MzjCXf5hUygHz9-E1W9yGlRcGfW |
.paypal.com/ | | KHcl0EuY7AKSMgfvHl7J5E7hPtK | oBtHqWpHywHxWHx1Ka6dJQmEoLfwjvXk_hG6kuMNbiDrvSwq1I6bCIlVo66uQIDqXQpjt0Ln2BmGdvGC |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
192.55.233.1
b.stats.paypal.com
c.paypal.com
dub.stats.paypal.com
phishcacher.z5.web.core.windows.net
t.paypal.com
www.google.com
www.gstatic.com
www.paypalobjects.com
192.55.233.1
c.paypal.com
phishcacher.z5.web.core.windows.net
t.paypal.com
13.77.184.69
151.101.114.133
23.45.105.205
23.45.98.207
2a00:1450:4001:815::2004
2a00:1450:4001:81f::2003
64.4.245.84