thebijou.click
Open in
urlscan Pro
167.172.158.24
Malicious Activity!
Public Scan
Submission: On June 26 via automatic, source openphish — Scanned from DE
Summary
This is the only time thebijou.click was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UPS (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 167.172.158.24 167.172.158.24 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
14 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
thebijou.click
thebijou.click |
582 KB |
14 | 1 |
Domain | Requested by | |
---|---|---|
14 | thebijou.click |
thebijou.click
|
14 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://thebijou.click/Address?sslchannel=true&sessionid=ZeMHlI18RPV3ZwFwOyYLNaVgwBAYGvEfX7wqjwFaR27YtTrtesiSJsRICCF0i1LbHG296oPiYDTBTM12jctROf4vNeHyjCyDu29DKQabMTOw55MQhWIvm7uX1RlkrvPDbq
Frame ID: FF4490BEF68A04AD1E4A2525E6C585F8
Requests: 15 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Address
thebijou.click/ |
33 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ups_0022.css
thebijou.click/us_assetz/css/ |
130 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ups_0042.css
thebijou.click/us_assetz/css/ |
231 KB 100 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ups_0032.css
thebijou.click/us_assetz/css/ |
741 KB 83 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ups2.css
thebijou.click/us_assetz/css/ |
69 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UPS_logo.svg
thebijou.click/us_assetz/img/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
thebijou.click/us_assetz/js/ |
266 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mask.js
thebijou.click/us_assetz/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
social.jpg
thebijou.click/assets/resources/images/ |
260 B 260 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Light.woff
thebijou.click/us_assetz/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Regular.woff
thebijou.click/us_assetz/fonts/ |
92 KB 91 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Italic.woff
thebijou.click/us_assetz/fonts/ |
97 KB 96 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Medium.woff
thebijou.click/us_assetz/fonts/ |
92 KB 92 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
36 KB 36 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Light.woff2
thebijou.click/us_assetz/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UPS (Transportation)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
thebijou.click/ | Name: PHPSESSID Value: ocl3j6u04a1p7hqop93ak3n1u8 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
thebijou.click
167.172.158.24
20756f29cea655d4ffe8144e7cdcdd9f29301f0643681604450214ca4437fb25
4f543ad26c42709ef00a1921f7dd1aa27a1930a354ecb353196665e43dac3706
658074af4655bf83f92974e9b517193ca00e70aebe9f3fe3bd89663575dc1061
835e33c2a281edd220513a561aea9bc1acfa20e5b2a3a692a8cd5d66b0e88e24
84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff
a3ebbe5cccfbabf1e67669b3dc6dc3792f55cf0153bc6f99a39a8d6328c24b98
a416370f6f98339e7edf9fe2c70a45bf9cfba93c0520921db47d15c27934ba88
a48e55eba408d92c3a2653ca845937678c75eabe60cad691debf89c0a2b94872
c511a38838f14cd23a3e2a7c7c9b7f2864a2a6b9e548053bb71b432a677966e2
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
d7b357b45c059e27290a30897598068559273330a2aa58efd8970b8bd11f3b7f
d98835978aaf8b44c47da4452bce0189666cc5b751fb2cc914c869241f17d5a6
dc80296aab249d244bfb398a38af488c23434f139fe97cdff319df61b5da79ae