If you are a very observant – or cautious – PayPal user you might have noticed that several connection requests are made that are to other domains that are not paypal.com. This can be extremely worrying to users considering that malicious software and attackers also use these kinds of connections for their evil doings.
If you analyze the connections that PayPal makes you notice that the site makes two connections to elements on the domain paypal.112.2o7.net which looks on first glance like a phishing website. The two elements are the smallest in size (both are 43 Bytes) but seem to take the longest to transfer.
The very long url of these requests seems to transfer data about the computer system. It contains the screen resolution and browser plugins among other data which might be even more cause for concern. If you open paypal.112.2o7.net directly you are greeted with an almost blank page.
Not found does not sound good as well. Omniture on the other hand will give many webmasters a clue. It is a service that analyses traffic and it seems that PayPal is one of their customers which is confirmed by a press release on the Omniture website.
The way the data is handled, especially the cryptic url paypal.112.2o7.net can cause concern by users. PayPal should consider changing that url so that the request will come from a PayPal server and not that url.
Continua a leggere – Original Link: What Is paypal.112.2o7.net