lnterc-etrans.live
104.21.75.140
Malicious Activity!
Public Scan
Submission Tags: #phishing @ecarlesi
Submission: On October 27 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on October 26th 2022. Valid for: 3 months.
This is the only time lnterc-etrans.live was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: HSBC (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 21 | 104.21.75.140 | 13335 (CLOUDFLARENET) |
| 21 | 1 | |

| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 21 | lnterc-etrans.live | 678 KB |
| 21 | 1 | |

| | Domain | Requested by |
|---|---|---|
| 21 | lnterc-etrans.live | lnterc-etrans.live |
| 21 | 1 | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.lnterc-etrans.live | E1 | 2022-10-26 - 2023-01-24 | 3 months |
This page contains 1 frames:
Primary Page:
https://lnterc-etrans.live/HSBC/login.php
Frame ID: 23BCE46200649AED85A3FACC82579F7F
Requests: 21 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | login.php (Primary Request) | lnterc-etrans.live/HSBC/ | 53 KB | 10 KB | Document | text/html |
| GET | H2 | hey.js | lnterc-etrans.live/HSBC/login_files/ | 7 KB | 2 KB | Script | text/javascript |
| GET | H2 | ursula.css | lnterc-etrans.live/HSBC/login_files/ | 203 KB | 36 KB | Stylesheet | text/css |
| GET | H2 | lightbox.css | lnterc-etrans.live/HSBC/login_files/ | 7 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | main.css | lnterc-etrans.live/HSBC/login_files/ | 1 KB | 768 B | Stylesheet | text/css |
| GET | H2 | hsbc-logo.gif | lnterc-etrans.live/HSBC/login_files/ | 3 KB | 3 KB | Image | image/gif |
| GET | H2 | email-decode.min.js | lnterc-etrans.live/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript |
| GET | H2 | screen.js | lnterc-etrans.live/HSBC/login_files/ | 369 B | 469 B | Script | text/javascript |
| GET | H2 | print.css | lnterc-etrans.live/HSBC/login_files/ | 660 B | 664 B | Stylesheet | text/css |
| GET | H2 | top.gif | lnterc-etrans.live/HSBC/login_files/images/background/ | 280 B | 280 B | Image | text/html |
| GET | H2 | background.jpg | lnterc-etrans.live/HSBC/login_files/images/background/ | 504 KB | 505 KB | Image | image/jpeg |
| GET | H2 | bg_gradient_red.gif | lnterc-etrans.live/HSBC/login_files/images/masthead/ | 280 B | 280 B | Image | text/html |
| GET | H2 | helpIcon.png | lnterc-etrans.live/HSBC/login_files/images/background/ | 1 KB | 2 KB | Image | image/png |
| GET | H2 | icon-important.png | lnterc-etrans.live/HSBC/login_files/images/background/ | 1 KB | 1 KB | Image | image/png |
| GET | H2 | forward.gif | lnterc-etrans.live/HSBC/login_files/images/button/ | 157 B | 515 B | Image | image/gif |
| GET | H2 | contact.png | lnterc-etrans.live/HSBC/login_files/images/background/ | 2 KB | 2 KB | Image | image/png |
| GET | H2 | support.png | lnterc-etrans.live/HSBC/login_files/images/background/ | 1 KB | 2 KB | Image | image/png |
| GET | H2 | UniversNextforHSBCW02-Bd.woff | lnterc-etrans.live/HSBC/login_files/fonts/ | 27 KB | 27 KB | Font | font/woff |
| GET | H2 | UniversNextforHSBCW02-Rg.woff | lnterc-etrans.live/HSBC/login_files/fonts/ | 28 KB | 28 KB | Font | font/woff |
| GET | H2 | UniversNextforHSBCW02-Th.woff | lnterc-etrans.live/HSBC/login_files/fonts/ | 27 KB | 27 KB | Font | font/woff |
| GET | H2 | UniversNextforHSBCW02-Lt.woff | lnterc-etrans.live/HSBC/login_files/fonts/ | 27 KB | 27 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: HSBC (Banking)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| BotDetector
function| callback
object| botDetector
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.