tkzwhdyk.com
202.254.236.105
Malicious Activity!
Public Scan
Submission: On April 27 via automatic, source openphish
Summary
This is the only time tkzwhdyk.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Square (Financial)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
25 (24 + 1 redirect) | 202.254.236.105 | 9371 (SAKURA-C SAKURA Internet Inc., JP)

ASN 9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: sv5104.xserver.jp

Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
25 (24 + 1 redirect) | tkzwhdyk.com | tkzwhdyk.com | 127 KB

Requests | Domain | Requested by
---|---|---
25 (24 + 1 redirect) | tkzwhdyk.com | tkzwhdyk.com
This site contains links to these domains. Also see Links.

Domain
---
squareup.com

TLS certificates (Subject, Issuer, Validity): none recorded; the page was served over plain HTTP.
This page contains 1 frame:

Primary Page: http://tkzwhdyk.com/sqrup/squareup_com/mysquare/b6b98e8890dba1987369811937101863/
Frame ID: BBC3A380F89A6DE04A4C36C2FAF9E1B2
Requests: 24 HTTP requests in this frame

Page URL History
- http://tkzwhdyk.com/sqrup/squareup_com/mysquare/b6b98e8890dba1987369811937101863 (HTTP 301)
- http://tkzwhdyk.com/sqrup/squareup_com/mysquare/b6b98e8890dba1987369811937101863/ (Page URL)
Detected technologies
- Ruby (Programming Languages): meta csrf-param /authenticity_token/i
- Nginx (Web Servers): headers server /nginx(?:\/([\d.]+))?/i
- Ruby on Rails (Web Frameworks): meta csrf-param /authenticity_token/i
- Modernizr (JavaScript Libraries): script /modernizr(?:-([\d.]*[\d]))?.*\.js/i; env /^Modernizr$/i
- New Relic (Analytics): env /^NREUM/i
- jQuery (JavaScript Libraries): env /^jQuery$/i

Only the Nginx match comes from a response header; the Ruby, Rails, Modernizr, New Relic and jQuery matches come from meta tags, script names and window globals in the page content, so they describe the copied markup rather than the server hosting it.
Page Statistics

4 Outgoing links (links going to different origins than the main page):
- Sign up
- Learn how to enable cookies >
- Learn more about Square's Information Collection Policies >
- Learn More>
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
The chain (one HTTP 301 adding the trailing slash) is listed under the frame summary above.
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions

All requests are plain HTTP/1.1 GETs to tkzwhdyk.com. Paths are relative to tkzwhdyk.com/sqrup/squareup_com/mysquare/b6b98e8890dba1987369811937101863/. Size is the resource size, x-fer the bytes transferred.

# | Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
1 | GET H/1.1 | / (Primary Request, Redirect Chain) | / | 24 KB | 5 KB | Document | text/html
2 | GET H/1.1 | login.css | Sign%20In_files/ | 71 KB | 14 KB | Stylesheet | text/css
3 | GET H/1.1 | modernizr.js | Sign%20In_files/ | 9 KB | 4 KB | Script | application/javascript
4 | GET H/1.1 | jquery-1.js | Sign%20In_files/ | 83 KB | 34 KB | Script | application/javascript
5 | GET H/1.1 | jquery_003.js | Sign%20In_files/ | 834 B | 1 KB | Script | application/javascript
6 | GET H/1.1 | jquery_002.js | Sign%20In_files/ | 20 KB | 7 KB | Script | application/javascript
7 | GET H/1.1 | application.js | Sign%20In_files/ | 3 KB | 1 KB | Script | application/javascript
8 | GET H/1.1 | json2.js | Sign%20In_files/ | 3 KB | 2 KB | Script | application/javascript
9 | GET H/1.1 | spin.js | Sign%20In_files/ | 4 KB | 2 KB | Script | application/javascript
10 | GET H/1.1 | tracekit.js | Sign%20In_files/ | 8 KB | 4 KB | Script | application/javascript
11 | GET H/1.1 | field-kit.js | Sign%20In_files/ | 101 KB | 26 KB | Script | application/javascript
12 | GET H/1.1 | language-selector.js | Sign%20In_files/ | 1 KB | 890 B | Script | application/javascript
13 | GET H/1.1 | jquery.js | Sign%20In_files/ | 3 KB | 2 KB | Script | application/javascript
14 | GET H/1.1 | api.js | Sign%20In_files/ | 809 B | 1 KB | Script | application/javascript
15 | GET H/1.1 | public.js | Sign%20In_files/ | 4 KB | 2 KB | Script | application/javascript
16 | GET H/1.1 | underscore-min.js | Sign%20In_files/ | 11 KB | 4 KB | Script | application/javascript
17 | GET H/1.1 | new_relic_episodes.js | Sign%20In_files/ | 8 KB | 3 KB | Script | application/javascript
18 | GET H/1.1 | eventstream.js | Sign%20In_files/ | 28 KB | 12 KB | Script | application/javascript
19 | GET H/1.1 | sqmarket-regular.otf | fonts/sqmarket/ | 0 | 0 | Font | text/html
20 | GET H/1.1 | sqmarket-medium.otf | fonts/sqmarket/ | 0 | 0 | Font | text/html
21 | GET H/1.1 | sqmarket-regular.woff | fonts/sqmarket/ | 0 | 0 | Font | text/html
22 | GET H/1.1 | sqmarket-medium.woff | fonts/sqmarket/ | 0 | 0 | Font | text/html
23 | GET H/1.1 | sqmarket-regular.ttf | fonts/sqmarket/ | 0 | 0 | Font | text/html
24 | GET H/1.1 | sqmarket-medium.ttf | fonts/sqmarket/ | 0 | 0 | Font | text/html

Only the primary request carries redirect headers (the 301 noted in the Page URL History). The six font requests returned 0 bytes with MIME type text/html rather than font data, so no font files were actually delivered from the fonts/sqmarket/ path.
Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Square (Financial)

15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Name | Type
---|---
html5 | object
Modernizr | object
yepnope | function
$ | function
jQuery | function
Spinner | function
TraceKit | object
FieldKit | object
Kicksend | object
square | object
_ | function
NR_QUEUE | object
NREUM | object
EventstreamClient | function
slideDrawer0 | function

Cookies
Cookies are small pieces of information stored in a user's browser. When the user visits the site again, the browser sends the stored cookie values, allowing the site to re-identify the user even from a different location; this is how persistent logins work. No cookies were recorded for this scan.

Indicators
Indicators is a security-industry term for observables such as IPs, domains and hashes. Listing them here does not imply that any of them indicates malicious activity.
- tkzwhdyk.com
- 202.254.236.105