ghdteuegdj.youdontcare.com
Open in
urlscan Pro
5.206.227.115
Malicious Activity!
Public Scan
Submission Tags: @phish_report
Submission: On October 26 via api from FI — Scanned from PT
Summary
This is the only time ghdteuegdj.youdontcare.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 5.206.227.115 5.206.227.115 | 47674 (NETSOLUTIONS) (NETSOLUTIONS) | |
17 | 1 |
ASN47674 (NETSOLUTIONS, MO)
PTR: jd.nl
ghdteuegdj.youdontcare.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
youdontcare.com
ghdteuegdj.youdontcare.com |
246 KB |
17 | 1 |
Domain | Requested by | |
---|---|---|
17 | ghdteuegdj.youdontcare.com |
ghdteuegdj.youdontcare.com
|
17 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://ghdteuegdj.youdontcare.com/schuld/financien.html
Frame ID: 982FE9C0671238D9E54D90A5821B183B
Requests: 17 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
financien.html
ghdteuegdj.youdontcare.com/schuld/ |
13 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
marktplaats.css
ghdteuegdj.youdontcare.com/schuld/FOD/ |
103 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
client.min.css
ghdteuegdj.youdontcare.com/schuld/FOD/ |
120 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normalize.112272e5.css
ghdteuegdj.youdontcare.com/schuld/FOD/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js.download
ghdteuegdj.youdontcare.com/schuld/FOD/ |
78 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
util.js.download
ghdteuegdj.youdontcare.com/schuld/FOD/ |
143 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fod_logo.jpg
ghdteuegdj.youdontcare.com/schuld/FOD/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
obp.dff79601.svg
ghdteuegdj.youdontcare.com/schuld/FOD/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
ghdteuegdj.youdontcare.com/schuld/FOD/ |
116 KB 116 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bancontact.svg
ghdteuegdj.youdontcare.com/schuld/FOD/ |
288 B 288 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Marktplaats.Sprite.svg
ghdteuegdj.youdontcare.com/schuld/FOD/ |
288 B 288 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Light-webfont.woff2
ghdteuegdj.youdontcare.com/schuld/FOD/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Regular-webfont.woff2
ghdteuegdj.youdontcare.com/schuld/FOD/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Light-webfont.woff
ghdteuegdj.youdontcare.com/schuld/FOD/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Regular-webfont.woff
ghdteuegdj.youdontcare.com/schuld/FOD/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Regular-webfont.ttf
ghdteuegdj.youdontcare.com/schuld/FOD/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Light-webfont.ttf
ghdteuegdj.youdontcare.com/schuld/FOD/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| radioselected boolean| tcsaccepted object| selectedbank function| closeselect function| openselect function| radiochange function| changevalues function| gm_authFailure object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ghdteuegdj.youdontcare.com
5.206.227.115
0a13f7a510e9cb674c985ada9d5aa5e11b35c907cca576232354f55be52b9e57
398d74f87682fe45a49629d5ff966191f84310ad409efa2ff47a9affc3a5f0bf
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
584a2c05476de8bbc369a9094e3a888c305a750bf7f6282358a24419ba3c3eaf
6b0eedcff94b6a63aa4726b01dd0cd284710ca8b73f35ea018e141f9b778c758
a13b2a4b26685419942c0bd65dfedd700f98a85b799abfb49a00c444f340e86b
bbccc0214ae38caf1d8287a138b46c04133e6c9397844abcd606b1e17a1250fc
bfe8034d6da06a3fb17b45b8d3813aa8e8e47b3bf650274da27eee2b2a47b0cb
cffd79ef5ba4424fdd951858e19523ad61fc440df90e251c60f658dd8ecdf418
daa392a442e0815ae90396224b9f6b0580cc98bbd3eb6f7c2e1f79a3c8689251