www.kapitalkel.net
89.46.106.13
Malicious Activity!
Public Scan
Effective URL: http://www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/dit/info.html
Submission: On April 04 via automatic, source phishtank
Summary
This is the only time www.kapitalkel.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)
Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 20 | 89.46.106.13 | 31034 (ARUBA-ASN) |
| 1 | 66.235.148.64 | 15224 (OMNITURE - Adobe Systems Inc.) |
| 1 | 104.96.4.11 | 16625 (AKAMAI-AS - Akamai Technologies) |
| 1 | 104.96.4.12 | 16625 (AKAMAI-AS - Akamai Technologies) |
| 23 (total) | 4 IPs | |

ASN15224 (OMNITURE - Adobe Systems Inc., US): PTR *.d1.sc.omtrdc.net; domain paypal.d1.sc.omtrdc.net
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US): PTR a104-96-4-11.deploy.static.akamaitechnologies.com; domain www.paypalobjects.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US): PTR a104-96-4-12.deploy.static.akamaitechnologies.com; domain t.paypal.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 20 | kapitalkel.net | www.kapitalkel.net | 147 KB |
| 1 | paypal.com | t.paypal.com | 42 B |
| 1 | paypalobjects.com | www.paypalobjects.com | 9 KB |
| 1 | omtrdc.net | paypal.d1.sc.omtrdc.net | 43 B |
| 23 (total) | 4 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 20 | www.kapitalkel.net | www.kapitalkel.net |
| 1 | t.paypal.com | www.kapitalkel.net |
| 1 | www.paypalobjects.com | www.kapitalkel.net |
| 1 | paypal.d1.sc.omtrdc.net | |
| 23 (total) | 4 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| www.paypalobjects.com | Symantec Class 3 EV SSL CA - G3 | 2015-10-12 - 2017-09-02 | 2 years |
This page contains 1 frame:
Primary Page: http://www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/dit/info.html
Frame ID: 31955.1
Requests: 23 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/procesing2.php Page URL
- http://www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/dit/zzzsedjc24bwp.php Page URL
- http://www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/dit/info.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request 14:
- http://paypal.d1.sc.omtrdc.net/b/ss/paypalglobal/1/H.25.3/s5566844407390?AQB=1&ndh=1&t=4%2F3%2F2017%2017%3A38%3A50%202%200&fid=519A496E96759EC3-22DEB0AF9737539B&vmt=51437A79&vmf=paypal.112.2o7.net&...
- http://paypal.d1.sc.omtrdc.net/b/ss/paypalglobal/1/H.25.3/s5566844407390?AQB=1&pccr=true&vidn=2C71ED1505314BA4-4000012A40022C32&&ndh=1&t=4%2F3%2F2017%2017%3A38%3A50%202%200&fid=519A496E96759EC3-22D...
23 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | procesing2.php | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/ | 10 KB | 3 KB | Document | text/html | |
| GET | H/1.1 | global.css | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 55 KB | 11 KB | Stylesheet | text/css | |
| GET | H/1.1 | pageSalsa.css | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 33 KB | 7 KB | Stylesheet | text/css | |
| GET | H/1.1 | country.css | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 227 B | 227 B | Stylesheet | text/css | |
| GET | H/1.1 | print.css | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 3 KB | 1 KB | Stylesheet | text/css | |
| GET | H/1.1 | global.js | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 60 KB | 20 KB | Script | application/javascript | |
| GET | H/1.1 | pa.js | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 22 KB | 6 KB | Script | application/javascript | |
| GET | H/1.1 | counter.cgi | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 4 KB | 0 | Image | text/html | |
| GET | H/1.1 | paypal_logo.gif | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 1 KB | 1 KB | Image | image/gif | |
| GET | H/1.1 | icon_load_roundcorner_lock1_186x42_withlock.gif | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 6 KB | 6 KB | Image | image/gif | |
| GET | H/1.1 | widgets.js | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 139 KB | 36 KB | Script | application/javascript | |
| GET | H/1.1 | calendar.js | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 11 KB | 3 KB | Script | application/javascript | |
| GET | H/1.1 | pp_jscode_080706.js | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/Logging%20in%20-%20PayPal_files/ | 60 KB | 23 KB | Script | application/javascript | |
| GET | H/1.1 | nav_sprite.gif | www.kapitalkel.net/en_US/i/pui/core/ | 229 B | 0 | Image | text/html | |
| GET | H/1.1 | s5566844407390 | paypal.d1.sc.omtrdc.net/b/ss/paypalglobal/1/H.25.3/ | 43 B | 43 B | Image | image/gif | Cookie set; Redirect Chain |
| GET | H/1.1 | pa.js | www.paypalobjects.com/WEBSCR-640-20130928-1/pa/js/min/ | 33 KB | 9 KB | Script | application/x-javascript | |
| GET | H/1.1 | ts | t.paypal.com/ | 42 B | 42 B | Image | image/gif | Cookie set |
| GET | H/1.1 | zzzsedjc24bwp.php | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/dit/ | 322 B | 226 B | Document | text/html | |
| GET | H/1.1 | zz.php | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/dit/ | 93 B | 103 B | Script | text/html | |
| GET | H/1.1 | info.html | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/dit/ | 22 KB | 5 KB | Document | text/html | Primary Request |
| GET | H/1.1 | favicon.ico | www.kapitalkel.net/ | 209 B | 209 B | Other | text/html | |
| GET | H/1.1 | 4.png | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/dit/ | 11 KB | 11 KB | Image | image/png | |
| GET | H/1.1 | 3.png | www.kapitalkel.net/jj/eadd480e4c0f364a6a14fd206cd15a37/dit/ | 14 KB | 14 KB | Image | image/png | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: PayPal (Financial)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .kapitalkel.net/ | | s_sess | %20s_ppv%3D100%3B%20s_cc%3Dtrue%3B%20v31%3Dp%252Fgen%252Flogin-processing%253A%253A_login-processing%3B%20s_sq%3D%3B |
| .kapitalkel.net/ | | s_pers | %20s_fid%3D519A496E96759EC3-22DEB0AF9737539B%7C1554399530869%3B%20gpv_c43%3Dp%252Fgen%252Flogin-processing%253A%253A_login-processing%7C1491329330872%3B%20tr_p1%3Dp%252Fgen%252Flogin-processing%253A%253A_login-processing%7C1491329330873%3B%20gpv_events%3Dno%2520value%7C1491329330874%3B |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.