klondikeagency.info
Open in
urlscan Pro
2606:4700:3031::6815:4e55
Malicious Activity!
Public Scan
Effective URL: https://klondikeagency.info/?23b20fa263581aa7395885d9cecdfedb
Submission: On April 19 via api from GB — Scanned from FR
Summary
TLS certificate: Issued by GTS CA 1P5 on March 13th 2023. Valid for: 3 months.
This is the only time klondikeagency.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Orange (Telecommunication) Customer Survey Spam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 117.120.7.23 117.120.7.23 | 7595 (READYSPAC...) (READYSPACE-SG Readyspace Cloud Services) | |
1 | 31.222.255.87 31.222.255.87 | 398343 (BAXET-GROUP) (BAXET-GROUP) | |
1 1 | 2606:4700:303... 2606:4700:3032::ac43:d5a3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
20 | 2606:4700:303... 2606:4700:3031::6815:4e55 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::200a | 15169 (GOOGLE) (GOOGLE) | |
23 | 4 |
ASN7595 (READYSPACE-SG Readyspace Cloud Services, SG)
PTR: genesis0.thewebpeople.asia
ace-ceramics.com.sg |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
klondikeagency.info
klondikeagency.info |
309 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 607 |
30 KB |
1 |
yardoffgrass.com
1 redirects
yardoffgrass.com |
686 B |
1 |
utilestrange.com
utilestrange.com |
442 B |
1 |
ace-ceramics.com.sg
ace-ceramics.com.sg |
413 B |
23 | 5 |
Domain | Requested by | |
---|---|---|
20 | klondikeagency.info |
utilestrange.com
klondikeagency.info |
1 | ajax.googleapis.com |
klondikeagency.info
|
1 | yardoffgrass.com | 1 redirects |
1 | utilestrange.com | |
1 | ace-ceramics.com.sg | |
23 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
utilestrange.com R3 |
2023-03-19 - 2023-06-17 |
3 months | crt.sh |
*.klondikeagency.info GTS CA 1P5 |
2023-03-13 - 2023-06-11 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://klondikeagency.info/?23b20fa263581aa7395885d9cecdfedb
Frame ID: 444526975745D98A0EBE2753D2321D85
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Lots destinés aux membres de OrangePage URL History Show full URLs
- http://ace-ceramics.com.sg/oternehee.html Page URL
- https://utilestrange.com/0/0/0/5138d098cae09221c092db4ba22cd9b2 Page URL
-
https://yardoffgrass.com/index2.php?s1=351396&s2=968532623&s3=2792&ow=60&p=fr5org1a
HTTP 302
https://klondikeagency.info/?23b20fa263581aa7395885d9cecdfedb Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://ace-ceramics.com.sg/oternehee.html Page URL
- https://utilestrange.com/0/0/0/5138d098cae09221c092db4ba22cd9b2 Page URL
-
https://yardoffgrass.com/index2.php?s1=351396&s2=968532623&s3=2792&ow=60&p=fr5org1a
HTTP 302
https://klondikeagency.info/?23b20fa263581aa7395885d9cecdfedb Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
oternehee.html
ace-ceramics.com.sg/ |
171 B 413 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5138d098cae09221c092db4ba22cd9b2
utilestrange.com/0/0/0/ |
146 B 442 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
klondikeagency.info/ Redirect Chain
|
24 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
klondikeagency.info/master/org/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle_fr.css
klondikeagency.info/master/org/css/ |
42 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ |
82 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custome1.js
klondikeagency.info/master/org/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
klondikeagency.info/master/org/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custome2.js
klondikeagency.info/master/org/js/ |
73 B 468 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Color-Orange-Logo.jpg
klondikeagency.info/master/org/img/ |
151 KB 151 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
or-ico.png
klondikeagency.info/master/org/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image.php
klondikeagency.info/ |
44 KB 44 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
facefr5.jpg
klondikeagency.info/master/org/img/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
facefr2.jpg
klondikeagency.info/master/org/img/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
facefr3.jpg
klondikeagency.info/master/org/img/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
facefr4.jpg
klondikeagency.info/master/org/img/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
facefr1.jpg
klondikeagency.info/master/org/img/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
facefr6.jpg
klondikeagency.info/master/org/img/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rta.gif
klondikeagency.info/master/org/img/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle_oranges.js
klondikeagency.info/master/org/js/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
system3.js
klondikeagency.info/master/org/js/ |
110 B 658 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
x.png
klondikeagency.info/master/img/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modal.js
klondikeagency.info/master/js/ |
673 B 750 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Orange (Telecommunication) Customer Survey Spam (Consumer)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless function| $ function| jQuery object| Helper function| replaceUrlParam function| _typeof object| Jingle object| Timer object| Magic undefined| Quiz object| tingle3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
utilestrange.com/ | Name: uid2792 Value: 968532623-20230419095241-4d72f832f4486158392a4ab7967ec271-2311 |
|
yardoffgrass.com/ | Name: PHPSESSID Value: 90a2d5e907ba4161764ef7373f36e280 |
|
klondikeagency.info/ | Name: PHPSESSID Value: 1b3e952c86f4969b1c446f030b8ed623 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ace-ceramics.com.sg
ajax.googleapis.com
klondikeagency.info
utilestrange.com
yardoffgrass.com
117.120.7.23
2606:4700:3031::6815:4e55
2606:4700:3032::ac43:d5a3
2a00:1450:4001:811::200a
31.222.255.87
0d300e20890903b0cd0fb8634406fd9f71929ce0a1891d7a942310ce88273216
0fb5645b21ae2882589314a1defc2aa5ccb64787f96b9c0cc5756bf2b6620b82
1f0078598b57b6b905078c2ac3b0bb2965d72a93c950aaac7ba88505c4e62dee
21c1b31eca7945eededcc831b27b321d64348e06ed68b076e46b0c350fb8d5a4
31da977422a452c01ba8b24e8dda1658ebf71b5dff03e7f643d129d2cb989108
36f7ca2744784d6ab870204186c251b4b9a092c63f2afc997439f384537809c5
3f47180c6e4934bb9f79c525552b6e7c1f23cb4313abcd698cf308b7fa693274
4551bbe65d5fcbbae3d3435e661eb53c0695d7341704ca27d66a9d7f95de08c5
499175a98fdc121418bb1f6376bcebe88a18b6c1de8aa078e608cc8a3c134bff
4a28cbc1a26c8e8a7f0d724944c0bf7f06151be8dd2d876d15f4efaa889a9e9d
4f7c7d00ea4eea8f7d92dfee97b560071df580bbb4112ad6159922f1134e53fe
5cfbaebd7aaba1cb317cc76931a6061b7550a3aad9bac7aedc49ad2b500462ba
6f48b07e84a6a3ab3059b3c7182019c4140fc9af3ed1cab3a10f005260e7b5e6
8067cdc615d23cfa9b43ebfb9bdc01c918de46319507f524725deafad23f10aa
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8981c52fdaa5ebb95c324ec53b7fedb0149ff80f7b2d0ec81cca00b5ae02b04f
938d5358105ff714b8590ece35474901de556c620a6564fd9af928eec8782b8a
a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e
b077ea547ebefd1a7f9188013c625568f36833267e57582a1ea67bb912b6a466
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
ca701fac89264e7f4d5944c5627d5bdd04675e8d8a96bcce283222e24282ee88
df91cd843f42ad524624c097d0553ec4cb46a871d28b2e537f361f393a7cc127