Report - paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a

Report Overview

Submitted URL
paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a
IP
162.241.60.162
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-06-09 20:37:31
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
paypal-support.com.desenvolvedortheosbank.com.br	unknown	2022-10-25	2023-03-10	2023-06-09	2.2 kB	3.0 kB	162.241.60.162
www.hostgator.com.br	unknown	2005-09-12	2015-04-17	2023-06-09	387 B	4.5 kB	172.66.40.38

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-09	medium	desenvolvedortheosbank.com.br
2023-06-09	medium	desenvolvedortheosbank.com.br
2023-06-09	medium	desenvolvedortheosbank.com.br
2023-06-09	medium	desenvolvedortheosbank.com.br

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (5)

URL IP Response Size

paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a

162.241.60.162

302 Found

385 B

URL User Request GET HTTP/1.1
paypal-support.com.desenvolvedortheosbank.com.br/login.php?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a
IP
162.241.60.162:80
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
385 B (385 bytes)
Hash
d05193ddad60aae919d80b29c99503f2
fd19d96aeae49f0cddc8ad3f57fd348ecc9163f6
f177f1fe010f3e367d1b75d6f9b58a3d151c776f71ef66e485d1be04bd011fe6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /login.php?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a HTTP/1.1
Host: paypal-support.com.desenvolvedortheosbank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Fri, 09 Jun 2023 20:37:14 GMT
Server: Apache
Location: http://paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a
Content-Length: 385
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a

162.241.60.162

200 OK

612 B

URL User Request GET HTTP/1.1
paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a
IP
162.241.60.162:80
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
612 B (612 bytes)
Hash
8bbf98bbf5d0053409a9c63bf321e05d
ed99ae34640a66e88f5dd8bd4fc31a306de6c74f
6f5d9bc43ee4175845d07b9c482822edbd556ebf9c1556e22859e0d4125b757b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cgi-sys/suspendedpage.cgi?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a HTTP/1.1
Host: paypal-support.com.desenvolvedortheosbank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 20:37:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 612
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html

www.hostgator.com.br/images/bg_404.jpg

172.66.40.38

403 Forbidden

3.4 kB

URL GET HTTP/1.1
www.hostgator.com.br/images/bg_404.jpg
IP
172.66.40.38:80
ASN
#13335 CLOUDFLARENET

Requested by
http://paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1519)
Size
3.4 kB (3396 bytes)
Hash
1a38586cb3039fe79bc497d6be0443dd
4852dd101877f3a94af838aabe5323e2a8ca5881
5bb8c7547e50dd460047251e88ddc0feef0d3cd2829f0741e288d47e05fa3c91

HTTP Headers

GET /images/bg_404.jpg HTTP/1.1
Host: www.hostgator.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://paypal-support.com.desenvolvedortheosbank.com.br/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Fri, 09 Jun 2023 20:37:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=EcXwhe4ccreCJjA_2i3jInYcBOyNY6JwTz2Aa3NhRVQ-1686343035-0-AchnkyIHVBhmzwr27qAruTHBso0X9Yes3JlQLITGfHiRDKa//MidOyu0uh5PCXRjJL22H1T2kuZfQ1rLrsZxnzw=; path=/; expires=Fri, 09-Jun-23 21:07:15 GMT; domain=.hostgator.com.br; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d4c2be45cb0b521-OSL
Content-Encoding: gzip

paypal-support.com.desenvolvedortheosbank.com.br/favicon.ico

162.241.60.162

302 Found

265 B

URL GET HTTP/1.1
paypal-support.com.desenvolvedortheosbank.com.br/favicon.ico
IP
162.241.60.162:80
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
http://paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
265 B (265 bytes)
Hash
6c892c5abdae63ae82d515fe8a1e0a00
ec33332adbf497b25b55c3689dfb46919850a0d4
790fc30b4a2abeb8751b45bbaf554cadd0f77f427171fc68c0695f8310be2083

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: paypal-support.com.desenvolvedortheosbank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Fri, 09 Jun 2023 20:37:15 GMT
Server: Apache
Location: http://paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi
Content-Length: 265
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi

162.241.60.162

200 OK

612 B

URL GET HTTP/1.1
paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi
IP
162.241.60.162:80
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
http://paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
612 B (612 bytes)
Hash
8bbf98bbf5d0053409a9c63bf321e05d
ed99ae34640a66e88f5dd8bd4fc31a306de6c74f
6f5d9bc43ee4175845d07b9c482822edbd556ebf9c1556e22859e0d4125b757b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: paypal-support.com.desenvolvedortheosbank.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://paypal-support.com.desenvolvedortheosbank.com.br/cgi-sys/suspendedpage.cgi?cmd=_account-details&session=480c95f081ab3a2b1c89c0717ae5d4c6&dispatch=b73a16147592961a46198aad274a7bdf73269d7a
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 20:37:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 612
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (5)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers