www.thkp-c.org Open in urlscan Pro
2606:4700:3035::6815:4ab9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thkp-c.org/iBOA/personal2.html
Submission: On March 03 via api (March 3rd 2023, 2:21:05 am UTC) from JP — Scanned from JP

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3035::6815:4ab9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thkp-c.org.
TLS certificate: Issued by E1 on January 12th 2023. Valid for: 3 months.

This is the only time www.thkp-c.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 13	2606:4700:303... 2606:4700:3035::6815:4ab9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2

13 2606:4700:3035::6815:4ab9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.thkp-c.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thkp-c.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	thkp-c.org 1 redirects www.thkp-c.org thkp-c.org	157 KB
12	1

	Domain	Requested by
12	www.thkp-c.org	1 redirects www.thkp-c.org
1	thkp-c.org	www.thkp-c.org
12	2

This site contains no links.

Subject Issuer	Validity	Valid
*.thkp-c.org E1	`2023-01-12` - `2023-04-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.thkp-c.org/iBOA/personal2.html
Frame ID: 7D60CBE44A43B28A00EE588FE31EFF71
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America | Online Banking | Login

Page Statistics

12
Requests

92 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

155 kB
Transfer

527 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.thkp-c.org/iBOA/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif HTTP 301
https://thkp-c.org/iBOA/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request personal2.html Show response www.thkp-c.org/iBOA/	342 KB 38 KB	644ms 491ms	Document text/html	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.thkp-c.org/iBOA/personal2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c8ceeb9cac34af2901d2a6f765a030daf456a539714714d857bef78d5866cafa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=0, public cf-cache-status DYNAMIC cf-ray 7a1e674e7b39f655-NRT content-encoding br content-type text/html; charset=UTF-8 date Fri, 03 Mar 2023 02:21:01 GMT expires Fri, 03 Mar 2023 02:21:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qc%2Ft6lK6%2F8gemgSM6szzAeJDC5vD3sT4y8UX%2Fkgp5PfrUQSFSKM5%2BNNECTB0rw7JEhH2n0r4Ror2HWjquXZ1dUrsr8s1aixJZtYyy4Tu%2Bw8i1qYmjYpjuLpceDeRtqLOS9b708mCKFi1rWRO7g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	mask.js Show response www.thkp-c.org/iBOA/images/	91 KB 23 KB	17ms 16ms	Script application/javascript	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.thkp-c.org/iBOA/images/mask.js Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5e84654cdf2b011c4cc2d0b25aeb3ad4ac0135c3e5cc83aa0725ca368b845177` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.thkp-c.org/iBOA/personal2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 34627 cf-polished origSize=149061 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Fri, 28 Oct 2022 14:24:28 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53T%2B3m1DrWBnV3KYB7feL36RSK5aMQZGDJcJhieVW4OposHjoakpYLmwbDM9jEHELxzhNUtnJOz3JF9KeMf%2B8kOIr0uLvkE83sV3aleXtqlC%2ByS73OWaJ9tp429O6Dvp9jyY52RTEyCZ9l1sPg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 7a1e67518d6df655-NRT expires Fri, 01 Mar 2024 16:43:54 GMT
GET H3	200	assets-images-global-logos-BofA_rgb-CSX5624a146.svg www.thkp-c.org/iBOA/images/	3 KB 2 KB	12ms 12ms	Image image/svg+xml	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.thkp-c.org/iBOA/images/assets-images-global-logos-BofA_rgb-CSX5624a146.svg Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.thkp-c.org/iBOA/personal2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT content-encoding br cf-cache-status HIT last-modified Fri, 28 Oct 2022 14:24:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 35840 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWL2bXOdbaW2KpDCInVaL4rIuWn6G%2FyfymmjrjtUYrRu%2FZMQxkf3DtxgYswRj2%2Bj%2Fh3EFzXLuvhsHmIpeKt9CCm2mNybXV9y3TZDgFt07STM6MNLgrmz%2FlA5%2FPI5EXTJj79Y2LTeiRhctk1DaA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=10368000 cf-ray 7a1e67547955b00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 30 Jun 2023 16:23:41 GMT
GET H3	200	assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg www.thkp-c.org/iBOA/images/	2 KB 2 KB	12ms 11ms	Image image/svg+xml	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.thkp-c.org/iBOA/images/assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.thkp-c.org/iBOA/personal2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT content-encoding br cf-cache-status HIT last-modified Fri, 28 Oct 2022 14:24:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 35840 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNg0KXTeof5QIbyCuNhbQNqBC5qLKg93TDDTdwgGrP3JrDTZsUGL%2F%2BXGK7glJIYjm7bIi%2BljvXuPk%2F6EZrg%2FlVdEUoXszmsw3GKXfYBIRzxWKm6ASXdA6klJrRpKOSkZKApefl7ijXeOpHzdvA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=10368000 cf-ray 7a1e67547959b00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 30 Jun 2023 16:23:41 GMT
GET H2	404	assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif thkp-c.org/iBOA/images/ Redirect Chain https://www.thkp-c.org/iBOA/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif https://thkp-c.org/iBOA/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif	0 0	1553ms 1532ms	Image text/html	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://thkp-c.org/iBOA/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H2 Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.thkp-c.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Redirect headers date Fri, 03 Mar 2023 02:21:02 GMT cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 x-redirect-by WordPress vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjUCvYouzQBnCRpKS9I5Wi2TQJxxGC4hLfeOLAitINGCFjWyel4NbVodkOC1uSDaw8FwMjRUBUuKsWVFwQJmYu5zQtR%2BBu9gWE3vdWnSRSiImEpPee%2Fh95Gc0zb3gImoCcw0muWIJ5%2Bj03Ktmw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location https://thkp-c.org/iBOA/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif cache-control no-cache, must-revalidate, max-age=0 cf-ray 7a1e6754795ab00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H3	200	assets-images-global-header-secure-lock-CSXa09bf5fc.svg www.thkp-c.org/iBOA/images/	353 B 750 B	15ms 15ms	Image image/svg+xml	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.thkp-c.org/iBOA/images/assets-images-global-header-secure-lock-CSXa09bf5fc.svg Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.thkp-c.org/iBOA/personal2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT content-encoding br cf-cache-status HIT last-modified Fri, 28 Oct 2022 14:24:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 35840 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EcYU60IzjfOjjsRgOxyvblNX75mioARlZxV7FHzbPNtgLouMcOV49Q5Wx9i9K5Ye18mC05P7oYsLmvR05AzfogUGNOPLCMEbSIWRIL4SZLiqspWkP%2F8OZ5BJpc8bsLFO0PUeQtyax0F7%2FinWw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=10368000 cf-ray 7a1e6754896ab00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 30 Jun 2023 16:23:41 GMT
GET H3	200	assets-images-global-title-flagscape_red-CSX345e7fd7.svg www.thkp-c.org/iBOA/images/	2 KB 2 KB	16ms 15ms	Image image/svg+xml	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.thkp-c.org/iBOA/images/assets-images-global-title-flagscape_red-CSX345e7fd7.svg Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.thkp-c.org/iBOA/personal2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT content-encoding br cf-cache-status HIT last-modified Fri, 28 Oct 2022 14:24:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 35840 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1z9ZMaq5X%2Bv6TOv6TfCbnIeyco1XoaiUQqbWQd3kAOh69JG%2F43Os35MNQBEqzmX%2Bbog2CzeWWvA9lEi18X9YEAjpJcM88n2XxSWm3r3NoQM5U1TvealgztUAjd7cweqWF%2BBGStOO2nhSRxybig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=10368000 cf-ray 7a1e6754896cb00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 30 Jun 2023 16:23:41 GMT
GET H3	200	cnx-regular.woff2 www.thkp-c.org/iBOA/	11 KB 12 KB	11ms 11ms	Font font/woff2	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.thkp-c.org/iBOA/cnx-regular.woff2 Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `79f02d139cfd07f2a19e0a8831553b3de4627fcab371e18eb776af035465949b` Request headers Referer https://www.thkp-c.org/iBOA/personal2.html Origin https://www.thkp-c.org accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT cf-cache-status HIT last-modified Fri, 28 Oct 2022 14:24:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 35840 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yd3cdG7coMdzvPCckK9gUwG%2F%2B76Tw7KBlkrV554bSnvrZ%2BZjEtNgzXxF38e4hFSIbP553ldd9okbJcIRAzRqSsweVvJM4mn9eLEa%2F%2Bh9%2BLSanI7A3P%2FN4YzHdYEQ3RBqu3y%2FzRjFX4KVCatrrw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=10368000 cf-ray 7a1e6754896fb00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 30 Jun 2023 16:23:41 GMT
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33` Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	cnx-bold.woff2 www.thkp-c.org/iBOA/	12 KB 12 KB	13ms 13ms	Font font/woff2	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.thkp-c.org/iBOA/cnx-bold.woff2 Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d48faa13adcd567a29299db487912dd91fd45f777cadf153520f52023b58cee7` Request headers Referer https://www.thkp-c.org/iBOA/personal2.html Origin https://www.thkp-c.org accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT cf-cache-status HIT last-modified Fri, 28 Oct 2022 14:24:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 35839 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slF8YiqQgQoAKado2RAgucmTQsidFLJSlDOrX%2FukKiVqtO1Viqfmqgg52OORetplHUYX9JFAyI%2FXBjoUn2YXu864U5jrhRZIWEljTssYL9n3PoDLlFj3k27IMrAxWImsRjE3Tuo78ytxHQG%2Fjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=10368000 cf-ray 7a1e67548972b00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 30 Jun 2023 16:23:41 GMT
GET H3	200	cnx-medium.woff2 www.thkp-c.org/iBOA/	12 KB 12 KB	14ms 13ms	Font font/woff2	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.thkp-c.org/iBOA/cnx-medium.woff2 Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a431986817e5d309cdd61c623a5259d6ea5840375876ffb41f5a2cab65ddd2e3` Request headers Referer https://www.thkp-c.org/iBOA/personal2.html Origin https://www.thkp-c.org accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT cf-cache-status HIT last-modified Fri, 28 Oct 2022 14:24:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4468 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcKCYWJ5YPma9p13lYF2Kx%2B6YxjnbDfSJ5HQjszL703FMoFuV3rlS3MaW9myeWIkZJBDaC%2BTonl0zwHdbSAXM9p9cl29%2FqoA2N%2BgKvaqSuYhm%2BdDJgCjLhDZQ0XQc1SKsUTeOEhmsVW6qDf%2FJw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=10368000 cf-ray 7a1e67548973b00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 01 Jul 2023 01:06:33 GMT
GET H3	200	assets-images-global-header-lock-CSX1f35fd71.png www.thkp-c.org/iBOA/images/	51 KB 52 KB	11ms 10ms	Image image/png	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.thkp-c.org/iBOA/images/assets-images-global-header-lock-CSX1f35fd71.png Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `38fc756dfdd0689c674e787e6e030549f7f3856e533350aabeb46cce0d2b9b77` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.thkp-c.org/iBOA/personal2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT cf-cache-status HIT last-modified Fri, 28 Oct 2022 14:24:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 35840 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmJ5%2B3l%2BQlvEJqCMQwrZUnqBde8VPdxAX8zl%2Frl7I8VI7k3lx0DV14Kb5422AT5u19v4x51rK%2FysLgkcCGq7GCXl4DDE0JpL5L%2FVM8WoT%2BLfEOh1ORn%2FPHMEH21IIfxnBtZWJ57ySaejoGRWLQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=10368000 accept-ranges bytes cf-ray 7a1e67549987b00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 52278 expires Fri, 30 Jun 2023 16:23:41 GMT
GET H3	200	assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png www.thkp-c.org/iBOA/images/	343 B 852 B	14ms 14ms	Image image/png	2606:4700:3035::6815:4ab9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.thkp-c.org/iBOA/images/assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png Requested by Host: www.thkp-c.org URL: https://www.thkp-c.org/iBOA/personal2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:4ab9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `35a77234f396ce2e5cc205ab9dd78c0cef11eaf14e4ef92bb910243021e83147` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.thkp-c.org/iBOA/personal2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 02:21:01 GMT cf-cache-status HIT last-modified Fri, 28 Oct 2022 14:24:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 35840 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe7KlyQveElzbb13kCe5Y2GyAnwYhIpUoPuixcerzxjSnZjByy9s6mcv3y5q2B%2FaatDMUC%2Bq%2FrOTx49WicRBEp57FrSxSf85btrgCOIe3ghhnV%2FFTODiBJUCJhAmEOLd7KLT2WBCis6PVi9rAg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=10368000 accept-ranges bytes cf-ray 7a1e67549988b00f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 343 expires Fri, 30 Jun 2023 16:23:41 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thkp-c.org/	1969-12-31 23:59:59	Name: apbct_timestamp Value: 1677810062
www.thkp-c.org/	1969-12-31 23:59:59	Name: apbct_prev_referer Value: https%3A%2F%2Fwww.thkp-c.org%2FiBOA%2Fpersonal2.html
www.thkp-c.org/	1969-12-31 23:59:59	Name: apbct_site_landing_ts Value: 1677810062
www.thkp-c.org/	1969-12-31 23:59:59	Name: apbct_page_hits Value: 1
www.thkp-c.org/	1969-12-31 23:59:59	Name: apbct_cookies_test Value: %257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_prev_referer%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%252269477ecf692899ba597eb236798bb15e%2522%257D
www.thkp-c.org/	1970-01-20 10:46:42	Name: ct_sfw_pass_key Value: 1ec8da7be8f5a7d4ab6d01cd5f1eda080
thkp-c.org/	1969-12-31 23:59:59	Name: apbct_timestamp Value: 1677810063
thkp-c.org/	1969-12-31 23:59:59	Name: apbct_prev_referer Value: https%3A%2F%2Fwww.thkp-c.org%2F
thkp-c.org/	1969-12-31 23:59:59	Name: apbct_site_landing_ts Value: 1677810063
thkp-c.org/	1969-12-31 23:59:59	Name: apbct_page_hits Value: 1
thkp-c.org/	1969-12-31 23:59:59	Name: apbct_cookies_test Value: %257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_prev_referer%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522284df5e725d738279605461c3741cf4a%2522%257D
.thkp-c.org/	1970-01-20 10:07:49	Name: apbct_urls Value: %7B%22www.thkp-c.org%2FiBOA%2Fimages%2Fassets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif%22%3A%5B1677810062%5D%2C%22thkp-c.org%2FiBOA%2Fimages%2Fassets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif%22%3A%5B1677810063%5D%7D
.thkp-c.org/	1970-01-20 10:07:49	Name: apbct_site_referer Value: https%3A%2F%2Fwww.thkp-c.org%2F
thkp-c.org/	1970-01-20 10:46:42	Name: ct_sfw_pass_key Value: 2eab2c0b718f7f3dd4bf3d8931b8ceb10

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://thkp-c.org/iBOA/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

thkp-c.org
www.thkp-c.org
2606:4700:3035::6815:4ab9
35a77234f396ce2e5cc205ab9dd78c0cef11eaf14e4ef92bb910243021e83147
38fc756dfdd0689c674e787e6e030549f7f3856e533350aabeb46cce0d2b9b77
46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d
5e84654cdf2b011c4cc2d0b25aeb3ad4ac0135c3e5cc83aa0725ca368b845177
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b
79f02d139cfd07f2a19e0a8831553b3de4627fcab371e18eb776af035465949b
a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a
a431986817e5d309cdd61c623a5259d6ea5840375876ffb41f5a2cab65ddd2e3
c8ceeb9cac34af2901d2a6f765a030daf456a539714714d857bef78d5866cafa
d48faa13adcd567a29299db487912dd91fd45f777cadf153520f52023b58cee7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a

www.thkp-c.org Open in urlscan Pro 2606:4700:3035::6815:4ab9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

92 %HTTPS

100 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

155 kBTransfer

527 kBSize

14 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

14 Cookies

1 Console Messages

Indicators

www.thkp-c.org Open in urlscan Pro
2606:4700:3035::6815:4ab9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

155 kB
Transfer

527 kB
Size

14
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!