bgoneapp.com
2606:4700:3037::6815:1296
Malicious Activity!
Public Scan
Effective URL: https://bgoneapp.com/
Submission: On April 13 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 4th 2023. Valid for: a year.
This is the only time bgoneapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700:20::681a:5da | 13335 (CLOUDFLARENET) |
1 8 | 2606:4700:3037::6815:1296 | 13335 (CLOUDFLARENET) |
7 | 1 | |
 | Apex Domain Subdomains | Transfer |
---|---|---|
8 | bgoneapp.com (1 redirects): bgoneapp.com | 97 KB |
1 | backonego.xyz (1 redirects): backonego.xyz | 585 B |
7 | 2 | |
 | Domain | Requested by |
---|---|---|
8 | bgoneapp.com | 1 redirects, bgoneapp.com |
1 | backonego.xyz | 1 redirects |
7 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.centos.org |
wiki.centos.org |
bugs.centos.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 | 2023-03-04 - 2024-03-02 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://bgoneapp.com/
Frame ID: AF2698DE884A047353CC5471DB9C7935
Requests: 7 HTTP requests in this frame
Page Title
Welcome to CentOS
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: Home
Title: Wiki
Title: Mailing Lists
Title: Mirror List
Title: IRC
Title: Forums
Title: Bugs
Title: Donate
Title: SIGs
Title: FAQ
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://backonego.xyz/
HTTP 302
https://bgoneapp.com/ Page URL
-
https://bgoneapp.com/cdn-cgi/phish-bypass?atok=gg00vF5OyuJclejJMUYUm7C59t.DinJLSldFw8ZvatM-1681345924-0-%2F
HTTP 301
https://bgoneapp.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://backonego.xyz/ HTTP 302
- https://bgoneapp.com/
7 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (bgoneapp.com/) Redirect Chain | 5 KB 2 KB | Document text/html |
GET H2 | cf.errors.css (bgoneapp.com/cdn-cgi/styles/) | 24 KB 5 KB | Stylesheet text/css |
GET H3 | icon-exclamation.png (bgoneapp.com/cdn-cgi/images/) | 452 B 670 B | Image image/png |
GET H3 | Primary Request: / (bgoneapp.com/) Redirect Chain | 5 KB 2 KB | Document text/html |
GET H3 | centos-logo.png (bgoneapp.com/img/) | 3 KB 3 KB | Image image/png |
GET H3 | html-background.png (bgoneapp.com/img/) | 2 KB 2 KB | Image image/png |
GET H3 | header-background.png (bgoneapp.com/img/) | 81 KB 81 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean | credentialless
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bgoneapp.com/ | | Name: __cf_mw_byp Value: gg00vF5OyuJclejJMUYUm7C59t.DinJLSldFw8ZvatM-1681345924-0-/ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.