bisai.love Open in urlscan Pro
157.7.189.53 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cutt.ly/kwqHtCsO
Effective URL:
https://bisai.love/wp-themes/id-no/siffer.html
Submission: On May 30 via api (May 30th 2023, 9:49:28 am UTC) from US — Scanned from NO

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 157.7.189.53, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is bisai.love.
TLS certificate: Issued by R3 on April 14th 2023. Valid for: 3 months.

This is the only time bisai.love was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BankID (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	157.7.189.53 157.7.189.53	7506 (INTERQ GM...) (INTERQ GMO Internet)
15	1

1 2606:4700:10::6816:e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 157.7.189.53 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: users225.vip.heteml.jp

bisai.love	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	bisai.love 1 redirects bisai.love	384 KB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 77221	410 B
15	2

	Domain	Requested by
16	bisai.love	1 redirects bisai.love
1	cutt.ly	1 redirects
15	2

This site contains no links.

Subject Issuer	Validity	Valid
bisai.love R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bisai.love/wp-themes/id-no/siffer.html
Frame ID: 350ACA0CECC81DD6459EC0703B311E83
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BankID

Page URL History Show full URLs

https://cutt.ly/kwqHtCsO HTTP 301
https://bisai.love/wp-themes/id-no/ HTTP 302
https://bisai.love/wp-themes/id-no/siffer.html Page URL

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

384 kB
Transfer

425 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/kwqHtCsO HTTP 301
https://bisai.love/wp-themes/id-no/ HTTP 302
https://bisai.love/wp-themes/id-no/siffer.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request siffer.html Show response bisai.love/wp-themes/id-no/ Redirect Chain https://cutt.ly/kwqHtCsO https://bisai.love/wp-themes/id-no/ https://bisai.love/wp-themes/id-no/siffer.html	22 KB 4 KB	300ms 300ms	Document text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / Resource Hash `eb506afafefc86a9446640ead966acf9ee91d07ba2605983af2e71c9acc5971b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language no-NO,no;q=0.9 Response headers accept-ranges none content-encoding gzip content-length 4108 content-type text/html date Tue, 30 May 2023 09:49:22 GMT last-modified Mon, 22 May 2023 16:06:26 GMT server Apache vary Range,Accept-Encoding Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:21 GMT location siffer.html server Apache x-powered-by PHP/8.1.19
GET H2	404	730.b65b407e.js bisai.love/wp-themes/id-no/	0 0	892ms 891ms	Script text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://bisai.love/wp-themes/id-no/730.b65b407e.js Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / PHP/8.1.19 Resource Hash Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:22 GMT cache-control no-cache, must-revalidate, max-age=0 server Apache x-powered-by PHP/8.1.19 link <https://bisai.love/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	authorization.fd5ca072.js bisai.love/wp-themes/id-no/	0 0	594ms 593ms	Script text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://bisai.love/wp-themes/id-no/authorization.fd5ca072.js Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / PHP/8.1.19 Resource Hash Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:22 GMT cache-control no-cache, must-revalidate, max-age=0 server Apache x-powered-by PHP/8.1.19 link <https://bisai.love/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	a.css bisai.love/wp-themes/id-no/style/	23 KB 5 KB	303ms 303ms	Stylesheet text/css	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Full URL https://bisai.love/wp-themes/id-no/style/a.css Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / Resource Hash `377bc04828d1fcd903182b78f9070848f44dd8e8d773c303bd14950319c0b134` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 30 May 2023 09:49:22 GMT content-encoding gzip last-modified Mon, 22 May 2023 09:20:16 GMT server Apache vary Range,Accept-Encoding content-type text/css accept-ranges none content-length 4630
GET H2	200	bankid-logo.28f35de5.svg bisai.love/wp-themes/id-no/	3 KB 1 KB	305ms 302ms	Image image/svg+xml	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/bankid-logo.28f35de5.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / Resource Hash `484e8282229f40d3e277f96ca4584b7d6c863f4270f5294bc52c365f5e6473fc` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 30 May 2023 09:49:22 GMT content-encoding gzip last-modified Mon, 22 May 2023 09:21:50 GMT server Apache vary Range,Accept-Encoding content-type image/svg+xml accept-ranges none content-length 1113
GET H2	404	x.45f41414.svg bisai.love/wp-themes/id-no/	28 KB 28 KB	889ms 883ms	Image text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/x.45f41414.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / PHP/8.1.19 Resource Hash `63ae6b51179b67355bde7713c47e2f1037daa3a299eb0c97941480a2c83c91da` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:22 GMT cache-control no-cache, must-revalidate, max-age=0 server Apache x-powered-by PHP/8.1.19 link <https://bisai.love/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	bankid-symbol-animated.ee3b536a.svg bisai.love/wp-themes/id-no/	3 KB 852 B	316ms 311ms	Image image/svg+xml	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/bankid-symbol-animated.ee3b536a.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / Resource Hash `fd4987d3c28600002249d858a9033cf5a15178b0a366dac7fa081fbeef106ce3` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 30 May 2023 09:49:22 GMT content-encoding gzip last-modified Mon, 22 May 2023 09:22:04 GMT server Apache vary Range,Accept-Encoding content-type image/svg+xml accept-ranges none content-length 680
GET H2	404	helper-text-error.b85af04c.svg bisai.love/wp-themes/id-no/	64 KB 64 KB	1174ms 1169ms	Image text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/helper-text-error.b85af04c.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / PHP/8.1.19 Resource Hash `da1da86fbacdc53796a0959efbf09827cad122474ccd331efe4fa7aaf2c2e02a` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:22 GMT cache-control no-cache, must-revalidate, max-age=0 server Apache x-powered-by PHP/8.1.19 link <https://bisai.love/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	polling-animation.bdad460a.svg bisai.love/wp-themes/id-no/	28 KB 28 KB	1174ms 1169ms	Image text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/polling-animation.bdad460a.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / PHP/8.1.19 Resource Hash `163d1c8dca23e6ac895c4305cbf52d2c1cae2048f078158c6cea93d10c92697f` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:22 GMT cache-control no-cache, must-revalidate, max-age=0 server Apache x-powered-by PHP/8.1.19 link <https://bisai.love/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	spinner.5e60a438.svg bisai.love/wp-themes/id-no/	866 B 465 B	308ms 303ms	Image image/svg+xml	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/spinner.5e60a438.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / Resource Hash `2b359eb8551d76761f71a08a1cef93b2ba3242712c48d5afccff8ceadad2ea13` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 30 May 2023 09:49:22 GMT content-encoding gzip last-modified Mon, 22 May 2023 13:22:58 GMT server Apache vary Range,Accept-Encoding content-type image/svg+xml accept-ranges none content-length 293
GET H2	404	x-red.8665253e.svg bisai.love/wp-themes/id-no/	60 KB 60 KB	1174ms 1169ms	Image text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/x-red.8665253e.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / PHP/8.1.19 Resource Hash `b99e7f4616132b311b9b44d63b5de4fe065a534de07c393647baadef452ca964` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:22 GMT cache-control no-cache, must-revalidate, max-age=0 server Apache x-powered-by PHP/8.1.19 link <https://bisai.love/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	checkmark.c5e73030.svg bisai.love/wp-themes/id-no/	64 KB 64 KB	1175ms 1170ms	Image text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/checkmark.c5e73030.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / PHP/8.1.19 Resource Hash `56bc91e331062d44a937383b053bac40f23f26bccafbc28639a4d1c5fbbd2012` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:22 GMT cache-control no-cache, must-revalidate, max-age=0 server Apache x-powered-by PHP/8.1.19 link <https://bisai.love/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	exclamation-mark.e46cfb1d.svg bisai.love/wp-themes/id-no/	64 KB 64 KB	1174ms 1170ms	Image text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/exclamation-mark.e46cfb1d.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / PHP/8.1.19 Resource Hash `e002b66ac6944c7cd8da89e15ab83c36b431f925677371c611c07ec4d4f95bfb` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:22 GMT cache-control no-cache, must-revalidate, max-age=0 server Apache x-powered-by PHP/8.1.19 link <https://bisai.love/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	bankid-dna.dc1ccc43.svg bisai.love/wp-themes/id-no/	2 KB 763 B	888ms 884ms	Image image/svg+xml	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/bankid-dna.dc1ccc43.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / Resource Hash `52b6c6215cd8ff9ccbbab3118579ae46f69b11db719832c2b81d95110be8353c` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 30 May 2023 09:49:22 GMT content-encoding gzip last-modified Mon, 22 May 2023 09:21:34 GMT server Apache vary Range,Accept-Encoding content-type image/svg+xml accept-ranges none content-length 591
GET H2	404	no-image.c3b3f789.svg bisai.love/wp-themes/id-no/	64 KB 64 KB	1174ms 1170ms	Image text/html	157.7.189.53 INTERQ GMO Internet
General Check archive.org Show headers Download Go to Show image Full URL https://bisai.love/wp-themes/id-no/no-image.c3b3f789.svg Requested by Host: bisai.love URL: https://bisai.love/wp-themes/id-no/siffer.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.7.189.53 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP), Reverse DNS users225.vip.heteml.jp Software Apache / PHP/8.1.19 Resource Hash `3db851762f78000b5450283db1f2dfb6e231194d14722c72fa956a140f1bf72e` Request headers accept-language no-NO,no;q=0.9 Referer https://bisai.love/wp-themes/id-no/siffer.html User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-type text/html; charset=UTF-8 date Tue, 30 May 2023 09:49:22 GMT cache-control no-cache, must-revalidate, max-age=0 server Apache x-powered-by PHP/8.1.19 link <https://bisai.love/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BankID (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless boolean| doesNotUseCsp

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: a3blpnbo3fp998cj0ompq4cet9

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bisai.love/wp-themes/id-no/authorization.fd5ca072.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bisai.love/wp-themes/id-no/x.45f41414.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bisai.love/wp-themes/id-no/730.b65b407e.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bisai.love/wp-themes/id-no/helper-text-error.b85af04c.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bisai.love/wp-themes/id-no/polling-animation.bdad460a.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bisai.love/wp-themes/id-no/x-red.8665253e.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bisai.love/wp-themes/id-no/no-image.c3b3f789.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bisai.love/wp-themes/id-no/exclamation-mark.e46cfb1d.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bisai.love/wp-themes/id-no/checkmark.c5e73030.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bisai.love
cutt.ly
157.7.189.53
2606:4700:10::6816:e8
163d1c8dca23e6ac895c4305cbf52d2c1cae2048f078158c6cea93d10c92697f
2b359eb8551d76761f71a08a1cef93b2ba3242712c48d5afccff8ceadad2ea13
377bc04828d1fcd903182b78f9070848f44dd8e8d773c303bd14950319c0b134
3db851762f78000b5450283db1f2dfb6e231194d14722c72fa956a140f1bf72e
484e8282229f40d3e277f96ca4584b7d6c863f4270f5294bc52c365f5e6473fc
52b6c6215cd8ff9ccbbab3118579ae46f69b11db719832c2b81d95110be8353c
56bc91e331062d44a937383b053bac40f23f26bccafbc28639a4d1c5fbbd2012
63ae6b51179b67355bde7713c47e2f1037daa3a299eb0c97941480a2c83c91da
b99e7f4616132b311b9b44d63b5de4fe065a534de07c393647baadef452ca964
da1da86fbacdc53796a0959efbf09827cad122474ccd331efe4fa7aaf2c2e02a
e002b66ac6944c7cd8da89e15ab83c36b431f925677371c611c07ec4d4f95bfb
eb506afafefc86a9446640ead966acf9ee91d07ba2605983af2e71c9acc5971b
fd4987d3c28600002249d858a9033cf5a15178b0a366dac7fa081fbeef106ce3

bisai.love Open in urlscan Pro 157.7.189.53 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

384 kBTransfer

425 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

1 Cookies

9 Console Messages

Indicators

bisai.love Open in urlscan Pro
157.7.189.53 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

384 kB
Transfer

425 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!