cloudymike.com
52.58.131.70
Malicious Activity!
Public Scan
Effective URL: https://cloudymike.com/wp-includes/fonts/-/-/SwedBank/
Submission: On May 02 via manual from LT — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 15th 2023. Valid for: 3 months.
This is the only time cloudymike.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swedbank (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 | 2a01:238:20a:202:1069:: | AS6724 (STRATO AG) |
17 | 52.58.131.70 | AS16509 (AMAZON-02) |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-131-70.eu-central-1.compute.amazonaws.com
Apex Domain | Subdomains | Requests | Transfer |
---|---|---|---|
cloudymike.com | cloudymike.com | 17 | 681 KB |
fischerwiese-baindt.de | er4f45.fischerwiese-baindt.de | 1 redirect | 289 B |
Domain | Requested by | Requests |
---|---|---|
cloudymike.com | cloudymike.com | 17 |
er4f45.fischerwiese-baindt.de | (redirect) | 1 redirect |
This site contains no links.
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
cloudymike.com | R3 | 2023-04-15 - 2023-07-14 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://cloudymike.com/wp-includes/fonts/-/-/SwedBank/
Frame ID: C8342E9FE3DBCE1D2B881327548B3F68
Requests: 17 HTTP requests in this frame
Page Title: Tapkite mūsų klientu - Swedbank (Lithuanian: "Become our client - Swedbank")
Page URL History
- http://er4f45.fischerwiese-baindt.de/
- HTTP 301
- https://cloudymike.com/wp-includes/fonts/-/-/SwedBank/ (Page URL)
Detected technologies
WordPress (CMS)
Detected patterns:
- /wp-(?:content|includes)/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History: This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields (the chain for this scan is listed under Page Title above).
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Redirect Chain) | cloudymike.com/wp-includes/fonts/-/-/SwedBank/ | 356 B | 540 B | Document | text/html |
GET | H/1.1 | main.js | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/js/ | 461 KB | 144 KB | Script | application/javascript |
GET | H/1.1 | 567.js | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/js/ | 92 KB | 33 KB | Script | application/javascript |
GET | H/1.1 | 298.js | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/js/ | 12 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | 663.js | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/js/ | 12 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | 208.js | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/js/ | 12 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | 521.js | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/js/ | 12 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | 884.js | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/js/ | 12 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | 407.js | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/js/ | 1 MB | 341 KB | Script | application/javascript |
GET | H/1.1 | 948.js | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/js/ | 96 KB | 33 KB | Script | application/javascript |
GET | H/1.1 | swedbank-logo.svg | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/img/ | 102 KB | 102 KB | Image | image/svg+xml |
GET | H/1.1 | download.svg | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/img/ | 232 B | 533 B | Image | image/svg+xml |
POST | H/1.1 | api.php | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/api/ | 170 B | 537 B | XHR | text/html |
POST | H/1.1 | check.php | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/api/ | 0 | 375 B | XHR | text/html |
POST | H/1.1 | check.php | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/api/ | 0 | 375 B | XHR | text/html |
POST | H/1.1 | check.php | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/api/ | 0 | 375 B | XHR | text/html |
POST | H/1.1 | check.php | cloudymike.com/wp-includes/fonts/-/-/SwedBank/app-assets/api/ | 0 | 375 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swedbank (Banking)
74 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean: credentialless
- object: webpackChunksweedbnk
- function: a0_0x5267, a0_0x4147, a0_0x471b, a1_0x4adc85, a1_0x3e51, a1_0x2eda, a1_0x2927, a1_0x1e74bc, a1_0xecdc88, a1_0xfb119a, a1_0xbf35af, a4_0x530e7f, a4_0x3216c0, a4_0x897ef8, a4_0xf135e8, a4_0x300e7b, a4_0x2e99, a4_0x4f43, a4_0x2e06, a3_0x29f8a7, a3_0x50d894, a3_0x317153, a3_0x4fea6b, a3_0x3b54b5, a3_0x7488ff, a3_0x5ca5, a3_0x75f9, a3_0x13bb, a7_0x39ef, a7_0x1afcba, a7_0x163c03, a7_0x36a1, a7_0x1354dd, a7_0x3519ce, a7_0x194c30, a7_0x44b72e, a7_0x2cfe, a6_0x19b7b8, a6_0xdb9a03, a6_0x18a5, a6_0x22a67c, a6_0x3bf67f, a6_0x5143fc, a6_0x54e4d2, a6_0x59ae, a6_0x4441, a5_0x3381e4, a5_0x34681c, a5_0x583f, a5_0x23f25c, a5_0x4c081b, a5_0x677141, a5_0x4f478b, a5_0x2323, a5_0x25ca, a2_0x2d31, a2_0x561a03, a2_0x4868f8, a2_0x1b9baf, a2_0x5c0b, a2_0x59e1ee, a2_0x4f3b70, a2_0x37cc, a8_0x12c7, a8_0x5eaf10, a8_0xdb9bdd, a8_0x4219, a8_0x1ee6b6, a8_0x5aea64, a8_0x595d, a8_0x2eb5c2, a8_0x442f1c
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cloudymike.com
er4f45.fischerwiese-baindt.de
2a01:238:20a:202:1069::
52.58.131.70