![](/screenshots/76d10e06-bed8-46ed-a846-fbd9101c0639.png)
idjgntjbpgrz.xyz
Open in
urlscan Pro
172.67.171.217
Malicious Activity!
Public Scan
Effective URL: https://idjgntjbpgrz.xyz/
Submission: On October 27 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by WE1 on October 26th 2024. Valid for: 3 months.
This is the only time idjgntjbpgrz.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: B-CAS (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3034::6815:45f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 172.67.171.217 172.67.171.217 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2404:6800:400... 2404:6800:400a:80e::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:440... 2606:4700:4400::6812:2844 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3036::6815:1b98 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 172.67.139.119 172.67.139.119 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
19 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
idjgntjbpgrz.xyz
idjgntjbpgrz.xyz |
703 KB |
8 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1955 use.fontawesome.com — Cisco Umbrella Rank: 1222 ka-f.fontawesome.com — Cisco Umbrella Rank: 5838 |
277 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412 |
30 KB |
1 |
where.name
1 redirects
where.name |
2 KB |
19 | 4 |
Domain | Requested by | |
---|---|---|
10 | idjgntjbpgrz.xyz |
idjgntjbpgrz.xyz
|
5 | ka-f.fontawesome.com |
kit.fontawesome.com
idjgntjbpgrz.xyz |
2 | use.fontawesome.com |
idjgntjbpgrz.xyz
use.fontawesome.com |
1 | kit.fontawesome.com |
idjgntjbpgrz.xyz
|
1 | ajax.googleapis.com |
idjgntjbpgrz.xyz
|
1 | where.name | 1 redirects |
19 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
idjgntjbpgrz.xyz WE1 |
2024-10-26 - 2025-01-24 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-10-07 - 2024-12-30 |
3 months | crt.sh |
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-07-30 - 2025-01-27 |
6 months | crt.sh |
use.fontawesome.com WE1 |
2024-09-09 - 2024-12-09 |
3 months | crt.sh |
ka-f.fontawesome.com WE1 |
2024-08-29 - 2024-11-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://idjgntjbpgrz.xyz/
Frame ID: 5538661178EAEB769BA3F06DCDB14E45
Requests: 19 HTTP requests in this frame
Screenshot
![](/screenshots/76d10e06-bed8-46ed-a846-fbd9101c0639.png)
Page Title
BCAS-CARDPage URL History Show full URLs
-
https://where.name/hob
HTTP 301
https://idjgntjbpgrz.xyz/ Page URL
Detected technologies
![](/vendor/wappa/icons/Laravel.png)
Detected patterns
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://where.name/hob
HTTP 301
https://idjgntjbpgrz.xyz/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
idjgntjbpgrz.xyz/ Redirect Chain
|
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
604a94d7cc.js
kit.fontawesome.com/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.6.4/css/ |
52 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
idjgntjbpgrz.xyz/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dl.css
idjgntjbpgrz.xyz/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
94 KB 23 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
27 KB 5 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
823 B 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ |
2 KB 2 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
top.jpg
idjgntjbpgrz.xyz/img/ |
462 KB 463 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cas.jpg
idjgntjbpgrz.xyz/img/ |
26 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
star.jpg
idjgntjbpgrz.xyz/img/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wow.jpg
idjgntjbpgrz.xyz/img/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sky.jpg
idjgntjbpgrz.xyz/img/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
footer.jpg
idjgntjbpgrz.xyz/img/ |
115 KB 116 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.4/webfonts/ |
74 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/ |
154 KB 154 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
idjgntjbpgrz.xyz/ |
209 B 798 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: B-CAS (Entertainment)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| FontAwesomeKitConfig3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
where.name/ | Name: XSRF-TOKEN Value: eyJpdiI6ImJjc2hxOERkZFhkNUtIYWZmWTd6U3c9PSIsInZhbHVlIjoiZ09NMDNNVWlcL1MyM1JzWDJ5a3phblRnRmVzTDkxcGNKdW1MYlwvOHBDb3ozSkRKVlJXd1wvK3M5ZklUVGxrSTZRYzgzeXp2dDhmYkJtZldNQUhSNjRMY2c9PSIsIm1hYyI6ImY3MWYxNWNmNDczMTFmNmE0NDEwZTI1ZGU1OGZkNWFkNjI4M2NhNDEwNTJmMmVhY2EyYmRjYzQ0ZWFhZjBkNWUifQ%3D%3D |
|
where.name/ | Name: laravel_session Value: eyJpdiI6IjA2MFhVMlJ6aVp3eTUxb3FQZ2ZWT0E9PSIsInZhbHVlIjoibmxodDNvYUxiN3FDYWRTT1ZsaEw4RWh3Z2hcL1YzZ0JLN2lzaEg3cjY0cFwvazhKVDM2YlIxXC9MRDZTYURibjRmXC9RTGdjbXJCVGt6enJvXC9cL2ppbWNVeFE9PSIsIm1hYyI6IjBjOTU4NWM2NDY4YWNlNDM0MWEzM2VmZGU5OWRlM2VjOGNiZjBjNTFhMzE5YmE0OTMyZjc4NmMwNTU5NDg2NjEifQ%3D%3D |
|
idjgntjbpgrz.xyz/ | Name: PHPSESSID Value: 3crqf5ekfnsu92jrednv362924 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
idjgntjbpgrz.xyz
ka-f.fontawesome.com
kit.fontawesome.com
use.fontawesome.com
where.name
172.67.139.119
172.67.171.217
2404:6800:400a:80e::200a
2606:4700:3034::6815:45f
2606:4700:3036::6815:1b98
2606:4700:4400::6812:2844
07a217506a71a6ce6aaadf1e3e72008697e3f8845d8a55f1f4a9c26d8abd7ff8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2
3f4412d8167d54fb0a3bb44c69fcb1f0d952213872485f09f242a2e7942a37f8
4c29939e5bbbeeb88219ea6f6b889517cfeac1259b779841791363471206439c
5b2d85408ea6a65ea502894f40c6a91351fb4b9551e6ab879a98d155d3ab8c6e
6a7892d27b4f7a337ab35e20982bfe8eaa0c3bd6b81cea8f7e15638c4ed5e2cc
6dd1aa5ce63645418013b3cc160aeed42cc50a7c702d665c3c068888393e362c
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01
7f78b205ad671830d37dd697372ba0f9e86ba79111b0b9ad2081044ab65c4c57
839b26cad2504c9bbd0605635409effae007b67361c4d632e157009b6d9bd674
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
c086cb88cec6dfb1a0b7265a06b6ed133cb7d03830cf6acc8f89901282325715
c536ab1797b2e7f55f2b1069182f6788a6ac4e624ebd6a59237e1e85c2f677f0
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a
ea4831510da28d468e7e5b81710548701e8a1454aa5cbd9c6caec46db22cfcef
f7dd2c9e723619166b8d6491322f4b9321091ea129e46c4bd560959330030631
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221