pigje.com.pk
72.18.132.197
Malicious Activity!
Public Scan
Effective URL: http://pigje.com.pk/wp-includes/rest-api/fields/k/redirect-bin.php
Submission: On November 27 via automatic, source openphish
Summary
This is the only time pigje.com.pk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
11 | 72.18.132.197 | 30475 (WEHOSTWEBSITES-COM - Handy Networks)
15 | 2 |
ASN30475 (WEHOSTWEBSITES-COM - Handy Networks, LLC, US)
PTR: server6.a2zcreatorz.com
pigje.com.pk |
 | Apex Domain / Subdomains | Transfer
---|---|---
11 | pigje.com.pk | 277 KB
15 | 1 |
 | Domain | Requested by
---|---|---
11 | pigje.com.pk | pigje.com.pk
15 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://pigje.com.pk/wp-includes/rest-api/fields/k/redirect-bin.php
Frame ID: 12824.1
Requests: 15 HTTP requests in this frame
Page URL History
- http://pigje.com.pk/wp-includes/rest-api/fields/k/auth_ini.php Page URL
- http://pigje.com.pk/wp-includes/rest-api/fields/k/redirect-bin.php Page URL
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://pigje.com.pk/wp-includes/rest-api/fields/k/auth_ini.php Page URL
- http://pigje.com.pk/wp-includes/rest-api/fields/k/redirect-bin.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type
---|---|---|---
GET H/1.1 | auth_ini.php pigje.com.pk/wp-includes/rest-api/fields/k/ | 2 KB 2 KB | Document text/html
GET H/1.1 | vudu.css pigje.com.pk/wp-includes/rest-api/fields/k/css/ | 26 KB 26 KB | Stylesheet text/css
GET H/1.1 | wibscreen.css pigje.com.pk/wp-includes/rest-api/fields/k/css/ | 105 KB 105 KB | Stylesheet text/css
GET H/1.1 | logo_62sq.gif pigje.com.pk/wp-includes/rest-api/fields/k/img/ | 616 B 616 B | Image image/gif
GET H/1.1 | redirect-bin.php (Primary Request, Cookie set) pigje.com.pk/wp-includes/rest-api/fields/k/ | 9 KB 9 KB | Document text/html
GET H/1.1 | multipage.css pigje.com.pk/wp-includes/rest-api/fields/k/css/ | 46 KB 46 KB | Stylesheet text/css
GET H/1.1 | app_utilities.js pigje.com.pk/wp-includes/rest-api/fields/k/js/ | 24 KB 24 KB | Script application/javascript
GET H/1.1 | HeClientRules.js pigje.com.pk/wp-includes/rest-api/fields/k/js/ | 64 KB 64 KB | Script application/javascript
GET H/1.1 | logo_62sq.gif pigje.com.pk/wp-includes/rest-api/fields/k/img/ | 616 B 616 B | Image image/gif
GET H/1.1 | s.gif pigje.com.pk/wp-includes/rest-api/fields/k/img/ | 43 B 43 B | Image image/gif
GET H/1.1 | req.gif pigje.com.pk/wp-includes/rest-api/fields/k/img/ | 116 B 116 B | Image image/gif
GET | alert.gif pigje.com.pk/wp-includes/rest-api/fields/k/img/ | 0 0 |
GET | lock.gif pigje.com.pk/wp-includes/rest-api/fields/k/img/ | 0 0 |
GET | prog_devideroff3.gif pigje.com.pk/wp-includes/rest-api/fields/k/img/ | 0 0 |
GET | btn_blueslice.gif pigje.com.pk/wp-includes/rest-api/fields/k/img/ | 0 0 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: pigje.com.pk, URL: http://pigje.com.pk/wp-includes/rest-api/fields/k/img/alert.gif
- Domain: pigje.com.pk, URL: http://pigje.com.pk/wp-includes/rest-api/fields/k/img/lock.gif
- Domain: pigje.com.pk, URL: http://pigje.com.pk/wp-includes/rest-api/fields/k/img/prog_devideroff3.gif
- Domain: pigje.com.pk, URL: http://pigje.com.pk/wp-includes/rest-api/fields/k/img/btn_blueslice.gif
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| checkForErrors object| win object| dropdownList object| inputList object| linkList string| browserCloseText undefined| secureTimeout number| secureChildInterval function| addEvent function| simulateClick function| showGroup function| clearChildren function| showLayer function| showRow function| setInputRules function| setSelectRules function| runElementRule function| initialize function| toggle function| displayErrorIcon2 function| popup function| newWindow function| allLinks function| setLightBoxLinkRule function| trimTitleLink function| mouseDown function| childLinkOnClick function| browserClosePopup function| setUserClickFlag function| autoTab function| getFocus function| btnCancelRule function| itpBtnCancelRule function| saveContinue function| setAutoCompleteOff function| setHtmlText function| hasClass function| addClass function| removeClass function| getElementsByClassName function| setCartHeight function| encodeXSS function| callService function| Tab
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.