creativemarketlibrary.com
Open in
urlscan Pro
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Effective URL: https://creativemarketlibrary.com/par/Iogin/home/particulares
Submission: On July 26 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by E1 on July 24th 2022. Valid for: 3 months.
This is the only time creativemarketlibrary.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 195.210.46.50 195.210.46.50 | 48716 (PSKZ-ALA) (PSKZ-ALA) | |
1 15 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
creativemarketlibrary.com
1 redirects
creativemarketlibrary.com |
777 KB |
2 |
too-kontur.kz
2 redirects
too-kontur.kz |
554 B |
14 | 2 |
Domain | Requested by | |
---|---|---|
15 | creativemarketlibrary.com |
1 redirects
creativemarketlibrary.com
|
2 | too-kontur.kz | 2 redirects |
14 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.creativemarketlibrary.com E1 |
2022-07-24 - 2022-10-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://creativemarketlibrary.com/par/Iogin/home/particulares
Frame ID: 808CB6D13177F16881E530B7C91F4B8B
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Home BankingPage URL History Show full URLs
-
http://too-kontur.kz/wp-admin/har
HTTP 301
http://too-kontur.kz/wp-admin/har/ HTTP 302
https://creativemarketlibrary.com/par/Iogin/home/ HTTP 302
https://creativemarketlibrary.com/par/Iogin/home/particulares Page URL
Detected technologies
AngularJS (JavaScript Frameworks) ExpandDetected patterns
- \bangular.{0,32}\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://too-kontur.kz/wp-admin/har
HTTP 301
http://too-kontur.kz/wp-admin/har/ HTTP 302
https://creativemarketlibrary.com/par/Iogin/home/ HTTP 302
https://creativemarketlibrary.com/par/Iogin/home/particulares Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
particulares
creativemarketlibrary.com/par/Iogin/home/ Redirect Chain
|
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.a5beaad1.css
creativemarketlibrary.com/par/Iogin/home/style// |
314 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
angular.min.js
creativemarketlibrary.com/par/Iogin/home/style/js/ |
163 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
creativemarketlibrary.com/par/Iogin/home/style/js/ |
286 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.validate.min.js
creativemarketlibrary.com/par/Iogin/home/style/js/ |
49 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.mask.js
creativemarketlibrary.com/par/Iogin/home/style/js/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
smarbannerimg.png
creativemarketlibrary.com/par/Iogin/home/images/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
spring_afternoon_p.jpg
creativemarketlibrary.com/par/Iogin/home/style/ |
371 KB 372 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ico3.ttf
creativemarketlibrary.com/par/Iogin/home/style// |
41 KB 26 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ico.ttf
creativemarketlibrary.com/par/Iogin/home/style// |
27 KB 17 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Regular.woff
creativemarketlibrary.com/par/Iogin/home/style// |
37 KB 37 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Light.woff
creativemarketlibrary.com/par/Iogin/home/style// |
35 KB 35 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Semibold.woff
creativemarketlibrary.com/par/Iogin/home/style// |
38 KB 38 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Bold.woff
creativemarketlibrary.com/par/Iogin/home/style// |
36 KB 37 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| angular function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
creativemarketlibrary.com/ | Name: PHPSESSID Value: 30d257f7c206f5a87db7545b4e36c114 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
creativemarketlibrary.com
too-kontur.kz
195.210.46.50
2a06:98c1:3121::3
15f0dbfdc7e0142e35e0cfad279b9162494ebe5d2d2f0dcd19b079c4e4a48682
1845ede5d9bfae1cae119fe3a69e89ab429421712ad1623c5fbc8f29e7146366
1b52e8efb42bc0849b0f75fb64eea8c25035d624a4bd507db661b41ba89bd552
34a85643617aca507bef2c232955d2b27a131b39dd8cff33d567148024e7b460
47378272154e50107f0f3ffa755ca6fcd1495fdc931e922f880d7240f998029c
65b5e9af6fe2f36bf2978fb062ac3f0844156e1b4880c01f615fba2354ddfa87
692d421d5c163409a5918e802f507abbaa6bec90baa454c5252977a5b3b7ff0d
7436e24f0ca98b1513bd86f14395355cfb1873c6a6cfa309af8bdd822b9c2baf
8194873b3cd30305dda0b8b5e8db89e48a977f086b7f22781f2e53e34fe362e5
8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
ce0fe7f95d80802ce6db03b2d255ca1878f0f4be17048aaed326946d30804b61
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
ee25342f45423d2d69e15fdfda470f1dc1fa575087642ee7cab540cd28fe9055