If you are a very observant - or cautious - PayPal user you may have noticed that several connection requests are made whenever you connect to the main PayPal website that you may not link to PayPal necessarily.
Some of the requests are made to third-party domains instead of paypal.com which you would not necessarily expect from a financial service.
This can be extremely worrying to users considering that malicious software and attackers also use these kinds of connections for their evil doings.
If you analyze the connections that PayPal makes you notice that the site makes two connections to load objects from the domain paypal.112.2o7.net.
This looks on first glance like one of those phishing websites that add the name of the service that they attack to the url to make users believe that they are on the right website.
The two elements are the smallest in size (both are 43 Bytes) but seem to take the longest to transfer.
The very long url of these requests seems to transfer data about the computer system. It contains the screen resolution and browser plugins among other data which might be even more cause for concern.
If you open paypal.112.2o7.net directly you are greeted with a page that is more or less blank.
Not found does not sound good as well. Omniture on the other hand will give many webmasters a clue. It is a service that analyses traffic and it seems that PayPal is one of the company's customers.
This has been confirmed by a press release on the Omniture website which states that PayPal is indeed one of the company's customers. Omniture is part of Adobe Systems.
The way the data is handled, especially the cryptic url paypal.112.2o7.net can cause concern by users who don't know about Omniture or discover the connection for the first time.
PayPal should consider changing that url so that the request will come from a PayPal server and not that url.
Update 2: PayPal.com connects to different third-party servers now. It seems to have dropped connections to paypal.112.2o7.net completely. It appears that PayPal switched to Google Analytics for web stats instead.
Connections may also be established to secure.adnxs.com, paypal.d1.sc.omtrdc.net, and paypalobjects.com.
You can check the connections that PayPal -- and any other site for that matter -- make in the following way:
In your browser of choice, tap on the F12 key to display the Developer Tools. Locate the network tab in the interface, and load the PayPal page. The browser lists all connections made during page load time.
Simply go through them to discover all third-party connections made.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.