![](/screenshots/afe2e070-896e-43f0-882a-6db51d957e89.png)
sellabanco.freewebhostmost.com
Open in
urlscan Pro
2600:1900:4000:e094:0:b::
Malicious Activity!
Public Scan
Submission: On June 21 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by E5 on June 6th 2024. Valid for: 3 months.
This is the only time sellabanco.freewebhostmost.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 2600:1900:400... 2600:1900:4000:e094:0:b:: | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
3 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 34.132.146.171 34.132.146.171 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
15 | 3 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
sellabanco.freewebhostmost.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: server1.webhostmost.com
sellabanco.freewebhostmost.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
freewebhostmost.com
sellabanco.freewebhostmost.com |
131 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268 |
33 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
12 | sellabanco.freewebhostmost.com |
sellabanco.freewebhostmost.com
|
3 | cdnjs.cloudflare.com |
sellabanco.freewebhostmost.com
|
15 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
freewebhostmost.com E5 |
2024-06-06 - 2024-09-04 |
3 months | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sellabanco.freewebhostmost.com/log/de/login.php
Frame ID: 652042928584354C948E1D68FA972488
Requests: 15 HTTP requests in this frame
Screenshot
![](/screenshots/afe2e070-896e-43f0-882a-6db51d957e89.png)
Page Title
KontoDetected technologies
Detected patterns
- \.php(?:$|\?)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.php
sellabanco.freewebhostmost.com/log/de/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
sellabanco.freewebhostmost.com/log/de/res/ |
855 B 374 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img.css
sellabanco.freewebhostmost.com/log/de/res/ |
336 B 265 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.creditCardValidator.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-creditcardvalidator/1.2.0/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.mask.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-lg.png
sellabanco.freewebhostmost.com/log/de/res/html/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-md.png
sellabanco.freewebhostmost.com/log/de/res/html/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
header-sm.png
sellabanco.freewebhostmost.com/log/de/res/html/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
header-xs.png
sellabanco.freewebhostmost.com/log/de/res/html/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
footer-lg.png
sellabanco.freewebhostmost.com/log/de/res/html/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
footer-md.png
sellabanco.freewebhostmost.com/log/de/res/html/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
footer-sm.png
sellabanco.freewebhostmost.com/log/de/res/html/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
footer-xs.png
sellabanco.freewebhostmost.com/log/de/res/html/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
sellabanco.freewebhostmost.com/ |
796 B 903 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| $ function| jQuery object| $jscomp function| sendLog0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | block-all-mixed-content |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
sellabanco.freewebhostmost.com
104.17.24.14
2600:1900:4000:e094:0:b::
34.132.146.171
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
2b92e992de80846754a54ea6114a643bdcbb5cc788083e7e76b93dd1ddf2a061
36f850f9246f5c029f1e01468d3cbd924b4ece9dd39654915b1f3eda7759ae76
407860bab82b6752c93ac9e22085f7452b9cf6f1a41ccd3ff331ea6275d572ae
4e76144ae96552d80af9f87f19ff795f4798b0f27d7d10c329bd9db18c43ff57
a4a1237bd77825e434a1ecc0cc74aa6644fcd177248f490fcfe060f18a841b77
a4b2d54b515910c617710c2c902f96242f122a9809588d1936119d0b6caaab18
af38004d8721e7e2af09f087562e58be2ce898455c34360444fc4ea8815ffb73
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
c514794da5c1d374f6d37d2fd777312b81c753e39b4c8e5c4d75263ee37ae582
c52722d2092a454f801fb5437774f4f4e5779d461ff8616bbdbe4ef3e12d597e
e58abf898f0ea6cca30f448a2b00a132238292cf11006da844b3184587e767ac
f7c5602bc2b35cfb46106f1f8cbf61f644c40e36f5b5eaaf4f7afdf1d64e2f81
f7f6a6ab21052e14ef5c4f99f6ca2052ee8401c7008d8f8a7794b2349f721ec5
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a