uaa.ojadjfdjkcn.top
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Submission: On November 09 via automatic, source openphish — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on November 8th 2023. Valid for: 3 months.
This is the only time uaa.ojadjfdjkcn.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
ojadjfdjkcn.top
uaa.ojadjfdjkcn.top |
142 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
8 | uaa.ojadjfdjkcn.top |
uaa.ojadjfdjkcn.top
|
8 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ojadjfdjkcn.top GTS CA 1P5 |
2023-11-08 - 2024-02-06 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://uaa.ojadjfdjkcn.top/?gclid=EAIaIQobChMIi5zyyfyzggMVxKpmAh0p2Q0NEAMYASAAEgKy6fD_BwE/
Frame ID: 2B70E1F53C5DF31C2362A8E1BBE95C35
Requests: 10 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
uaa.ojadjfdjkcn.top/ |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zcvdgha.css
uaa.ojadjfdjkcn.top/css/ |
114 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bo382.css
uaa.ojadjfdjkcn.top/css/ |
91 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e1ufu.css
uaa.ojadjfdjkcn.top/css/ |
226 KB 44 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vio22.js
uaa.ojadjfdjkcn.top/js/ |
91 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i6fre.js
uaa.ojadjfdjkcn.top/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qoihv62.js
uaa.ojadjfdjkcn.top/js/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bcagjq8.js
uaa.ojadjfdjkcn.top/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
85 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery function| QRCode function| guid function| getLocation function| sock function| qrcode function| qrcode2 function| refreshqrcode0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
uaa.ojadjfdjkcn.top
2a06:98c1:3120::3
144f9b1e972d0b908fee7dc4e93471b73033d05a20c40eb42d1ac879525331ce
2387f96fe7aaf2261b5eb5845dd7b2c8410a006d9de81c5bb1764e93ad2e0b2b
455f7bef247c7bd3cad535a636bfc25f89cb3371a728b14f048c21e4b9cc0580
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
55c173330e36aaceaf268be4fe4421376a4e9eab4ce0de8e32aeb1c75f1181af
9cbfd4f00c4210688faaecdace3d2877e5c789a7c8d06f1d0c49507b55de6a2b
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
d3889a9a244c69018e4848bffa27b76845ca2c34813976342d4b122e6533bbca
e0108076470765be9ef1e9b242b8a52ef78c8f4532c7263426abc05ea4b60240
e2d96116dfecaa1440e9ce61b47332b775f6043a0381777c6b820310c234c13c