comdirect.mailsetbox.com
139.64.247.162
Malicious Activity!
Public Scan
Submission: On August 05 via manual from DE — Scanned from CA
Summary
TLS certificate: Issued by R10 on August 3rd 2024. Valid for: 3 months.
This is the only time comdirect.mailsetbox.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
10 | 139.64.247.162 | 31798 (DATACITY) |
10 | 2 |
ASN31798 (DATACITY, CA)
PTR: c999963690-cloudpro-635650797.cloudatcost.com
comdirect.mailsetbox.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
10 | mailsetbox.com (subdomain: comdirect.mailsetbox.com) | 399 KB |
10 | 1 |
 | Domain | Requested by |
---|---|---|
10 | comdirect.mailsetbox.com | comdirect.mailsetbox.com |
10 | 1 |
This site contains no links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
comdirect.mailsetbox.com / R10 | 2024-08-03 - 2024-11-01 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://comdirect.mailsetbox.com/
Frame ID: C5DD9CB79695442887D64083351CAFDD
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | comdirect.mailsetbox.com/ | 21 KB | 4 KB | Document | text/html |
GET | H2 | MarkWeb-latin-regular.woff2 | comdirect.mailsetbox.com/ccf2/lsg/assets/fonts/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | MarkWeb-latin-medium.woff2 | comdirect.mailsetbox.com/ccf2/lsg/assets/fonts/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | MarkWeb-latin-bold.woff2 | comdirect.mailsetbox.com/ccf2/lsg/assets/fonts/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | styleguide-comdirect4ad9.css | comdirect.mailsetbox.com/ccf2/lsg/css/ | 1006 KB | 90 KB | Stylesheet | text/css |
GET | H2 | svg-symbol.svg | comdirect.mailsetbox.com/ | 213 KB | 214 KB | Other | image/svg+xml |
GET | H2 | MarkWeb-latin-regular.woff2 | comdirect.mailsetbox.com/ccf2/lsg/assets/fonts/ | 15 KB | 15 KB | Font | font/woff2 |
GET | DATA | truncated | / | 235 B | 0 | Image | image/svg+xml |
GET | H2 | MarkWeb-latin-medium.woff2 | comdirect.mailsetbox.com/ccf2/lsg/assets/fonts/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | MarkWeb-latin-bold.woff2 | comdirect.mailsetbox.com/ccf2/lsg/assets/fonts/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | favicon_196px.png | comdirect.mailsetbox.com/ | 2 KB | 2 KB | Other | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
comdirect.mailsetbox.com
139.64.247.162