contact-trasnferwise.com
37.233.101.135
Malicious Activity!
Public Scan
Submission: On September 29 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 29th 2022. Valid for: 3 months.
This is the only time contact-trasnferwise.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wise (Online)

Domain & IP information

 | IP Address | AS (Autonomous System) |
---|---|---|
6 | 37.233.101.135 | 198717 (TECHSTORAGE) |
2 (1 redirects) | 2606:4700:20::ac43:4ad5 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:82b::200a | 15169 (GOOGLE) |
1 | 104.18.31.50 | 13335 (CLOUDFLARENET) |
9 | 5 | |
ASN198717 (TECHSTORAGE, PL)
PTR: adnvaiff.blackwine.p4.tiktalik.io
contact-trasnferwise.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | contact-trasnferwise.com | contact-trasnferwise.com | 301 KB |
2 | tailwindcss.com (1 redirects) | cdn.tailwindcss.com (Cisco Umbrella Rank: 106432) | 97 KB |
1 | wise.com | wise.com (Cisco Umbrella Rank: 46115) | 1 KB |
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 284) | 34 KB |
9 | 4 | | |
 | Domain | Requested by |
---|---|---|
6 | contact-trasnferwise.com | contact-trasnferwise.com |
2 | cdn.tailwindcss.com (1 redirects) | contact-trasnferwise.com |
1 | wise.com | contact-trasnferwise.com |
1 | ajax.googleapis.com | contact-trasnferwise.com |
9 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
contact-trasnferwise.com | R3 | 2022-09-29 - 2022-12-28 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-10 - 2023-08-09 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://contact-trasnferwise.com/
Frame ID: 79372C1A8C86B863ED911C0CA529A202
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://cdn.tailwindcss.com/ HTTP 302
- https://cdn.tailwindcss.com/3.1.8
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | contact-trasnferwise.com/ | 19 KB | 6 KB | Document | text/html |
GET | H2 | 3.1.8 | cdn.tailwindcss.com/ (Redirect Chain) | 319 KB | 97 KB | Script | text/javascript |
GET | H2 | style.css | contact-trasnferwise.com/assets/ | 2 KB | 732 B | Stylesheet | text/css |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.12.4/ | 95 KB | 34 KB | Script | text/javascript |
GET | H2 | wise.png | contact-trasnferwise.com/assets/ | 207 KB | 208 KB | Image | image/png |
GET | H2 | brand_logo.svg | wise.com/public-resources/assets/logos/wise/ | 985 B | 1 KB | Image | image/svg+xml |
GET | H2 | 2fa.png | contact-trasnferwise.com/assets/ | 47 KB | 47 KB | Image | image/png |
GET | H2 | code.png | contact-trasnferwise.com/assets/ | 37 KB | 38 KB | Image | image/png |
GET | H2 | main.js | contact-trasnferwise.com/ | 2 KB | 737 B | Script | application/javascript |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 741 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 947 B | 0 | Image | image/svg+xml |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wise (Online)

14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onbeforeinput |
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
function | queryLocalFonts |
object | navigation |
object | tailwind |
function | $ |
function | jQuery |
string | /template.html |
function | sendcode1 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.wise.com/ | Name: __cf_bm Value: WQ2QI2ooqw3JJ6Z.0PR7wPrQ2_6xlWwNEF1S0NvuMZg-1664472100-0-AQleTbxUWY6V1W7zsQmSzIwa65rXpVbKwTFgLTUqf7fjZanjFR610Lk79A58AWPZaJBwaj8FJvmPLR27CoomkohUOZYleROBPxzyWgSK6QAj |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.