![](/screenshots/3af65704-56ae-4585-b20a-cb154abeb1c3.png)
digitalclearsmile.com
Open in
urlscan Pro
199.188.200.84
Malicious Activity!
Public Scan
Effective URL: https://digitalclearsmile.com/wp-content/post/app/user.php7
Submission: On January 09 via api from GB — Scanned from GB
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2023. Valid for: a year.
This is the only time digitalclearsmile.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fio Banka (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:303... 2606:4700:3031::6815:41f7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2606:4700:303... 2606:4700:3035::ac43:c3cf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 29 | 199.188.200.84 199.188.200.84 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
28 | 2 |
ASN22612 (NAMECHEAP-NET, US)
PTR: premium108-2.web-hosting.com
digitalclearsmile.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
digitalclearsmile.com
2 redirects
digitalclearsmile.com |
469 KB |
3 |
telemart.pk
3 redirects
erp.telemart.pk |
2 KB |
28 | 2 |
Domain | Requested by | |
---|---|---|
29 | digitalclearsmile.com |
2 redirects
digitalclearsmile.com
|
3 | erp.telemart.pk | 3 redirects |
28 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
digitalclearsmile.com Sectigo RSA Domain Validation Secure Server CA |
2023-05-24 - 2024-05-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://digitalclearsmile.com/wp-content/post/app/user.php7
Frame ID: 76AE9893900F856DA77D519E05721C71
Requests: 28 HTTP requests in this frame
Screenshot
![](/screenshots/3af65704-56ae-4585-b20a-cb154abeb1c3.png)
Page Title
Internetové bankovnictví | Fio bankaPage URL History Show full URLs
-
https://erp.telemart.pk/uploads/vendox
HTTP 301
http://erp.telemart.pk/uploads/vendox/ HTTP 301
https://erp.telemart.pk/uploads/vendox/ HTTP 302
https://digitalclearsmile.com/wp-content/post/index.php7 HTTP 302
https://digitalclearsmile.com/wp-content/post/app/index.php7 HTTP 302
https://digitalclearsmile.com/wp-content/post/app/user.php7 Page URL
Detected technologies
Detected patterns
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://erp.telemart.pk/uploads/vendox
HTTP 301
http://erp.telemart.pk/uploads/vendox/ HTTP 301
https://erp.telemart.pk/uploads/vendox/ HTTP 302
https://digitalclearsmile.com/wp-content/post/index.php7 HTTP 302
https://digitalclearsmile.com/wp-content/post/app/index.php7 HTTP 302
https://digitalclearsmile.com/wp-content/post/app/user.php7 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
user.php7
digitalclearsmile.com/wp-content/post/app/ Redirect Chain
|
27 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min-ver-CE8F684A284EDB4E0F59F8333915FFF3.js
digitalclearsmile.com/wp-content/post/app/res/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wicket-ajax-jquery-ver-6C3579C63E0C4EBFA954D232A7F1B943.js
digitalclearsmile.com/wp-content/post/app/res/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper-ver-B88AB82D5D8146BDC5CAC5A91F89C7D3.js
digitalclearsmile.com/wp-content/post/app/res/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tippy-ver-EBD6F8CE46A677E1A4F5F8A8317109A9.css
digitalclearsmile.com/wp-content/post/app/res/ |
1 KB 659 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tippy-ver-9DAE930A24E25D61134B6E5EB6831B36.js
digitalclearsmile.com/wp-content/post/app/res/ |
25 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
keyboard-ver-010269CDA913A412C9FA5EA0B447728B.css
digitalclearsmile.com/wp-content/post/app/res/ |
1 KB 618 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui-1.13.1.min-ver-3809AB2F81BAF761459F5E66F169A5D7.css
digitalclearsmile.com/wp-content/post/app/res/ |
31 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui-1.13.1.min-ver-1174ABB1D3A146BA5ABD4E6FD5F94B41.js
digitalclearsmile.com/wp-content/post/app/res/ |
317 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap_341.min-ver-4BE1CDB6FF8DBD79BE777AD52F309349.css
digitalclearsmile.com/wp-content/post/app/res/ |
119 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap_341.min-ver-2F34B630FFE30BA2FF2B91E3F3C322A1.js
digitalclearsmile.com/wp-content/post/app/res/ |
39 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-select.min-ver-2212BC6B437F27E6F6AC3FE2D30BF349.css
digitalclearsmile.com/wp-content/post/app/res/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-select.min-ver-F20D3F02E2FBAD79845F3AB4C458AA20.js
digitalclearsmile.com/wp-content/post/app/res/ |
52 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min-ver-269550530CC127B6AA5A35925A7DE6CE.css
digitalclearsmile.com/wp-content/post/app/res/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
defaultJsFunctions-ver-FA4401E0265BA7A982347E42A49BA273.js
digitalclearsmile.com/wp-content/post/app/res/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
defaultLocalizedJsFunctions-ver-57244FFEF2516F1B0F7E5D0F00C28.js
digitalclearsmile.com/wp-content/post/app/res/ |
415 B 468 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style-ver-85610819C8B6A69C1833660A2996E692.css
digitalclearsmile.com/wp-content/post/app/res/ |
70 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_fio-ver-894B2A39F77CABA34D70A4AC4C0FE0B6.png
digitalclearsmile.com/wp-content/post/app/res/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VlajkaCzMala-ver-425A2FE80A90297180F0DCC77B3F66B6.png
digitalclearsmile.com/wp-content/post/app/res/ |
492 B 692 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.jpg
digitalclearsmile.com/wp-content/post/app/res/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.png
digitalclearsmile.com/wp-content/post/app/res/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.png
digitalclearsmile.com/wp-content/post/app/res/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Platba_na_kontakt_457x125.jpg
digitalclearsmile.com/wp-content/post/app/res/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Platba_na_kontakt_1140x150_CZ.jpg
digitalclearsmile.com/wp-content/post/app/res/ |
99 KB 100 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jq.js
digitalclearsmile.com/wp-content/post/app/res/ |
287 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print-ver-98E7EA0529EA6D60F27CD68E8A462E77.css
digitalclearsmile.com/wp-content/post/app/res/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
fetch.php7
digitalclearsmile.com/wp-content/post/panel/ |
1 B 146 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST |
fetch.php7
digitalclearsmile.com/wp-content/post/panel/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- digitalclearsmile.com
- URL
- https://digitalclearsmile.com/wp-content/post/panel/fetch.php7
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fio Banka (Banking)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery object| Wicket object| Popper function| tippy function| resizeWidgets function| goBack function| resizeWidgetsCallbackFunction object| resizeChartCallbackFunctions function| numberSeparator function| resizeAllResponsiveTable function| setMinimalContentSize object| docCookies function| moneyFormat string| cd4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
erp.telemart.pk/ | Name: AWSALBTG Value: rflUPfRTfZPKXCalKSBQzHIxX8h5cp0vx+LBs9Oq08qpI6PB/no80GdHD2Zdi1rEfAO1IB/paiqQnj5eUpdRYFJ866zr6wfhmWkIqnSbHKt4n0iY6umPsND3FCuOiUEXBkcgMEDtImuDUDVN7cuipPFLGwB8/tfRqEAPSjwKCnR6 |
|
erp.telemart.pk/ | Name: AWSALBTGCORS Value: rflUPfRTfZPKXCalKSBQzHIxX8h5cp0vx+LBs9Oq08qpI6PB/no80GdHD2Zdi1rEfAO1IB/paiqQnj5eUpdRYFJ866zr6wfhmWkIqnSbHKt4n0iY6umPsND3FCuOiUEXBkcgMEDtImuDUDVN7cuipPFLGwB8/tfRqEAPSjwKCnR6 |
|
erp.telemart.pk/ | Name: PHPSESSID Value: b2jqlruqg1pimp4jfbug8j5j1p |
|
digitalclearsmile.com/ | Name: PHPSESSID Value: r44plralfj4q27a4fevno209ck |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
digitalclearsmile.com
erp.telemart.pk
digitalclearsmile.com
199.188.200.84
2606:4700:3031::6815:41f7
2606:4700:3035::ac43:c3cf
0c3a9e1e0229e0ebb7775f5e4a9900194b1bf13decb9722b9e602919b81f93be
2be858f73793d05ff1980dd8b9b410f78a70177c6392eef579f8d14df51b9ad9
30455d10b77a5e1db27b6da4dc87657d2987407c51c2021e3362befe1708fd5f
394b4a684145da6c3396deb5ad256856ecf9dd87bb475a30a741871650a59c3a
556231337b9758df902a9bf7341e26fcc863fbcc49ce69b115cc89b886b21252
560a2d63240bc09b078dec696e384db86b176515f856243986aa034f44fcb4d3
5909162c02a4a4d0d416ef6c415ef7ac13ce245129596c567cbaaca68aef0d36
5969f497d9158d7682f8219c6f13fa67269cdf5bf50a3931d95327151dee5678
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6cc0e4e3f7b9e472c56d61ab1c22b0cf51bf7f507b2bd73dc06bfacab4ef74c7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d318ed1bece7c45e8ce48ebc396abbb731730d04f3917bb4b7d404d40c23337
80504e05cca74721295131958dab58ebc0f94cdbcfbb10569149243a0cace741
821b0cb76cb7e98668728b0e17c8f9a9bf1ea6e864ad33786ff5f092c4c34f64
913a84003c9795bbf288e6dbe0b7568d808d4deb37ca457509b0602b3ec00023
9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a151c748951f77e6e14eb957a2c7cd4fd859af01795eac8867de727b9f7ed4af
a58e1dc9c68f4888eabb28a3929fb4123ad4899a9868d583981a5f3c12318a40
af8e4937abd00aa1221f7fdfce9ee9a5c64ead6a48c1d8960f727e1b40218ef5
b111fc877d145c82079ab929d7477713204b35f10bc19b51b6bcd2e3d754c3a2
d1f04d3f33cca07a343088988e82efe33eda8f2a5288ea185bd028652087737a
da6675b4379c9dd5e4377e662a9717c83f6a3fa34849f2668d5ebef901f04db0
ddcabbd5a59030ddbb97e8eef348e1a05460466bd319b495ab1cb8ceb44d28c4
f7b57a93db3a8c8a6a7249fcd51d49c1ce036466d110edc29747cc5cde8cbb62
f8804a47887d84f425ba2664bca43e222eafaaf275a7428c60666c4e21bda5ea
fef6feb74fe0e975fd7fef220538e0d892ab87ba5ed00eb3d11dc52ef370d980