www.webcomicbookcreator.com
Open in
urlscan Pro
2a02:c207:2020:6234::10
Malicious Activity!
Public Scan
Effective URL: https://www.webcomicbookcreator.com/wp-admin/user/Nars/gang/
Submission: On July 10 via manual from NO — Scanned from NO
Summary
TLS certificate: Issued by R3 on May 19th 2023. Valid for: 3 months.
This is the only time www.webcomicbookcreator.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BankID (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 6 | 2a02:c207:202... 2a02:c207:2020:6234::10 | 51167 (CONTABO) (CONTABO) | |
4 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
webcomicbookcreator.com
2 redirects
www.webcomicbookcreator.com |
36 KB |
4 | 1 |
Domain | Requested by | |
---|---|---|
6 | www.webcomicbookcreator.com |
2 redirects
www.webcomicbookcreator.com
|
4 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
webcomicbookcreator.com R3 |
2023-05-19 - 2023-08-17 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.webcomicbookcreator.com/wp-admin/user/Nars/gang/
Frame ID: 30DB0E5BDC76EECB92996C96C37534B2
Requests: 9 HTTP requests in this frame
Frame:
https://www.webcomicbookcreator.com/wp-admin/user/Nars/gang/passid_files/a.html
Frame ID: 86F9C511B2BE4E31E50BB08FCE0A7564
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
OIDC Client - BankIDPage URL History Show full URLs
-
https://www.webcomicbookcreator.com/wp-admin/user/Nars/po/card.php
HTTP 302
https://www.webcomicbookcreator.com/wp-admin/user/Nars/gang HTTP 301
https://www.webcomicbookcreator.com/wp-admin/user/Nars/gang/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.webcomicbookcreator.com/wp-admin/user/Nars/po/card.php
HTTP 302
https://www.webcomicbookcreator.com/wp-admin/user/Nars/gang HTTP 301
https://www.webcomicbookcreator.com/wp-admin/user/Nars/gang/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.webcomicbookcreator.com/wp-admin/user/Nars/gang/ Redirect Chain
|
16 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oidc-client.min.css
www.webcomicbookcreator.com/wp-admin/user/Nars/gang/passid_files/ |
55 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a.html
www.webcomicbookcreator.com/wp-admin/user/Nars/gang/passid_files/ Frame 86F9 |
17 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
997 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
167 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
240 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
366 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
296 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bid_201910240825.css
www.webcomicbookcreator.com/wp-admin/user/Nars/gang/passid_files/ Frame 86F9 |
157 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 86F9 |
0 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 86F9 |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 86F9 |
296 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 86F9 |
172 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 86F9 |
172 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 86F9 |
310 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 86F9 |
200 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BankID (Banking)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.webcomicbookcreator.com/ | Name: PHPSESSID Value: s741eveqkld7f48uit09n1hgkm |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.webcomicbookcreator.com
2a02:c207:2020:6234::10
05963eb01688d9d70b3580fa1be7b11d99a66087656a2b6af1d80bd9670ef1e6
2020a87eac20868292ed2224cd0ce3142862fd19b2530b63431c7d9122cf6511
254868d92f9456d518064051d29f9ff0532bf9a5da291b06f8accb0900e40072
296d8f67dcf848a35385d138a46404f00c21f1a8eb22249473ddd9aab1f411ab
2fbbbda646f6c6004b2f3670d40a1ad4d5df6c8a0089943845aa5fe55a749e92
4dca530d4682ddf6f4b9053173c007f95875c2634a6b61c9573d93fc21483766
5f68455f39e6815ced50ce0f66071153a04d44415287847634ce25aeac4fbe00
5fb598258367467cd553791c19f53f62da36726d218734d18366ef75d5c32769
6a191c4d1f4adbef09018df519205cc8696e1f0f00a67196f0677e8484d949f2
bc795cf00117d34096de8876731329301cb631c7cc5b33cd34d56ec87b917822
c575ff79d199955e3aba19296142cf49cd7bcdcf7317f8a17bed8d349f9a7388
cbee76f080a3f8638f8d1cc0e1457adf5588a5ca44b56c5bf719bb5f57f0f2de
d7851c7c8eee9bd33f92ee9b8fab868298f78dd296fd36402c0b37b9a8e67666
dc197b30cca0477fd82b1c175af0ed1008687e12d9dff7f75c417f959c1830ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b34f791c5cd99ac34b1957d9183e4bb99d6136c8ca4428c781b1fb18c0616b