outlet.bgschool.bg
Open in
urlscan Pro
77.77.151.80
Malicious Activity!
Public Scan
Submission: On April 03 via manual from BG
Summary
This is the only time outlet.bgschool.bg was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 77.77.151.80 77.77.151.80 | 49699 (ICN-) (ICN-) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200a | 15169 (GOOGLE) (GOOGLE) | |
5 | 23.210.248.89 23.210.248.89 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
21 | 3 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-89.deploy.static.akamaitechnologies.com
www.paypalobjects.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
bgschool.bg
outlet.bgschool.bg |
674 KB |
5 |
paypalobjects.com
www.paypalobjects.com |
190 KB |
1 |
googleapis.com
ajax.googleapis.com |
33 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
15 | outlet.bgschool.bg |
outlet.bgschool.bg
|
5 | www.paypalobjects.com |
outlet.bgschool.bg
|
1 | ajax.googleapis.com |
outlet.bgschool.bg
|
21 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.storage.googleapis.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2020-01-09 - 2022-01-12 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/updatebilling.php
Frame ID: 073189D4E302D2078C324ED51C33C939
Requests: 21 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
updatebilling.php
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/ |
25 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_app.ltr.css
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/css/ |
287 KB 288 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_ppl-sans.css
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/css/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_summary.ltr.css
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/css/ |
300 KB 301 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_app.css
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.maskedinput.js
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/js/ |
0 253 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
information.png
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/img/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
worning.png
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/img/ |
445 B 687 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_dowira_jquery.js
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/js/ |
0 253 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_dowira_plugins.js
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/js/ |
0 253 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_ppl_647892.js
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/js/ |
0 253 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_pa.js
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/js/ |
0 253 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_appli.js
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/js/ |
0 253 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ys_bootstrap.js
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/YSASSETS/js/ |
0 253 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
updatebilling.php
outlet.bgschool.bg/wp-content/plugins/ml-slider/php/cgi/ |
0 25 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansBig-Regular.woff2
www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/ |
38 KB 38 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ConsumerIcons-Regular.woff
www.paypalobjects.com/ui-web/iconfont-consumer/3-3-0/fonts/ |
35 KB 35 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansBig-Medium.woff2
www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/ |
39 KB 39 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansBig-Light.woff2
www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/ |
37 KB 38 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansBig-Thin.woff2
www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/ |
39 KB 39 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| isNumberKey function| ValidateAlpha1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
outlet.bgschool.bg/ | Name: PHPSESSID Value: a8582681dea06f4592c05d60a1f3a780 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
outlet.bgschool.bg
www.paypalobjects.com
23.210.248.89
2a00:1450:4001:821::200a
77.77.151.80
1874ea5e78629eb0a0bac87800916d23b6a7796cc53fcb16ada872fea82b4230
2132859bb0ef10e8130e805c0df89044392c1233284bb489844ff1bc19fc227b
2351bbc39303736cd3a670db10427adc13c256dd6b639f0545bfd104947d3427
39bc33f508e63450012016fb13d7c204afcf075ff2af59986127bcb88a6b8407
4619d70d7bd1b3d7572940e9ee7f31bc4c07f4c9cad6ae2d3e5b2eb555b6a2c0
60db5bdebc470b5204dc001969958339c0cb700c36403bb2dd2abdcf2ff7ed7e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
707b984c5c13152e4eaff00bb6000a9e3050a0a086030d2a25525c8dd2bd536e
9600c17aa3b630f23242bcfa3762ce4de45776e3092efda870b7e23ecee79d72
d7793651ef95bfe8e9e0ca8660c9ee4e76744c40f04ee8427a388ca1005fc29b
e02787f2e02ed52ef1a737c4d417c9302f785d4a51178b3cccea58385134c6c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed31d6de23f26ffc0da51b24fd527e073c9c1ab1d1575e6d44cb515dcfc2a092
feeef692825e15f82abd557ca71f54d2991e2a9945ec31b5bcd7573bf12fa907