nartsokb.com
45.34.24.83
Malicious Activity!
Public Scan
Submission: On September 21 via manual from JP
Summary
This is the only time nartsokb.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Seven Bank (Financial)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 19 | 45.34.24.83 | 40676 (AS40676) |
| 19 | 1 | |

ASN40676 (AS40676, US)
PTR: unassigned.psychz.net
nartsokb.com

| | Apex Domain Subdomains | Transfer |
|---|---|---|
| 19 | nartsokb.com | 123 KB |
| 19 | 1 | |

| | Domain | Requested by |
|---|---|---|
| 19 | nartsokb.com | nartsokb.com |
| 19 | 1 | |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://nartsokb.com/sevenBank/
Frame ID: C2E21567A3A2932A75521F7209B9E128
Requests: 19 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
19 HTTP transactions
| Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|
| GET H/1.1 | / (Primary Request) | nartsokb.com/sevenBank/ | 16 KB | 16 KB | Document | text/html |
| GET H/1.1 | reset.css | nartsokb.com/sevenBank/css/ | 1 KB | 1 KB | Stylesheet | text/css |
| GET H/1.1 | global.css | nartsokb.com/sevenBank/css/ | 41 KB | 6 KB | Stylesheet | text/css |
| GET H/1.1 | PageCustom.css | nartsokb.com/sevenBank/css/ | 42 KB | 9 KB | Stylesheet | text/css |
| GET H/1.1 | base.css | nartsokb.com/sevenBank/css/ | 1 KB | 1 KB | Stylesheet | text/css |
| GET H/1.1 | loading.gif | nartsokb.com/sevenBank/img/ | 4 KB | 4 KB | Image | image/gif |
| GET H/1.1 | prototype.ashx | nartsokb.com/ajaxpro/ | 4 KB | 4 KB | Script | application/x-javascript |
| GET H/1.1 | core.ashx | nartsokb.com/ajaxpro/ | 16 KB | 16 KB | Script | application/x-javascript |
| GET H/1.1 | converter.ashx | nartsokb.com/ajaxpro/ | 5 KB | 5 KB | Script | application/x-javascript |
| GET H/1.1 | sevenBank_login,App_Web_login.aspx.d2a3fba6.ashx | nartsokb.com/ajaxpro/ | 557 B | 877 B | Script | application/x-javascript |
| GET H/1.1 | 01C_logo_kihon_J_C.gif | nartsokb.com/sevenBank/img/ | 4 KB | 4 KB | Image | image/gif |
| GET H/1.1 | img_first_time_users.png | nartsokb.com/sevenBank/img/ | 18 KB | 18 KB | Image | image/png |
| GET H/1.1 | spc.gif | nartsokb.com/sevenBank/img/ | 43 B | 289 B | Image | image/gif |
| GET H/1.1 | jquery-1.9.1.min.js | nartsokb.com/sevenBank/js/ | 90 KB | 32 KB | Script | application/javascript |
| GET H/1.1 | seven_pattern.gif | nartsokb.com/sevenBank/img/ | 65 B | 311 B | Image | image/gif |
| GET H/1.1 | bg_sec_alart.gif | nartsokb.com/sevenBank/img/ | 387 B | 634 B | Image | image/gif |
| GET H/1.1 | bullet_blank.gif | nartsokb.com/sevenBank/img/ | 112 B | 359 B | Image | image/gif |
| GET H/1.1 | bullet_arrow_down_02.png | nartsokb.com/sevenBank/img/ | 1 KB | 1 KB | Image | image/png |
| GET H/1.1 | bullet_arrow_01.gif | nartsokb.com/sevenBank/img/ | 260 B | 507 B | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Seven Bank (Financial)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| trustedTypes
- function| addEvent
- function| removeEvent
- object| MS
- object| AjaxPro
- object| progids
- object| progid
- undefined| ie7xmlhttp
- undefined| o
- object| Ajax
- function| sevenBank_login_class
- object| sevenBank_login
- function| $
- function| jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
nartsokb.com
45.34.24.83