chase.bank-com.xyz
Open in
urlscan Pro
172.67.212.217
Malicious Activity!
Public Scan
Effective URL: https://chase.bank-com.xyz/Signin.php
Submission: On June 26 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 26th 2024. Valid for: 3 months.
This is the only time chase.bank-com.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Chase (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 12 | 172.67.212.217 172.67.212.217 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
bank-com.xyz
1 redirects
chase.bank-com.xyz |
500 KB |
11 | 1 |
Domain | Requested by | |
---|---|---|
12 | chase.bank-com.xyz |
1 redirects
chase.bank-com.xyz
|
11 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bank-com.xyz WE1 |
2024-06-26 - 2024-09-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://chase.bank-com.xyz/Signin.php
Frame ID: 537946A7619EA812BC2ED3AB33673D50
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Chase OnlinePage URL History Show full URLs
-
https://chase.bank-com.xyz/
HTTP 302
https://chase.bank-com.xyz/Signin.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://chase.bank-com.xyz/
HTTP 302
https://chase.bank-com.xyz/Signin.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
Signin.php
chase.bank-com.xyz/ Redirect Chain
|
16 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
blue-ui.css
chase.bank-com.xyz/style/css/ |
493 KB 59 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fonto.css
chase.bank-com.xyz/style/css/ |
1 KB 767 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logon.css
chase.bank-com.xyz/style/css/ |
177 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wordmark-white.svg
chase.bank-com.xyz/style/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
background.desktop.day.4.jpeg
chase.bank-com.xyz/style/img/ |
299 KB 300 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opensans-regular.woff
chase.bank-com.xyz/style/css/ |
24 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dcefont.woff
chase.bank-com.xyz/style/css/ |
69 KB 41 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opensans-bold.woff
chase.bank-com.xyz/style/css/ |
14 KB 14 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opensans-semibold.woff
chase.bank-com.xyz/style/css/ |
25 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chasefavicon.ico
chase.bank-com.xyz/style/img/ |
31 KB 3 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Chase (Banking)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| acticheck function| togtoken function| load function| stopload function| disperr function| clrerr function| writerr function| validate1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
chase.bank-com.xyz/ | Name: PHPSESSID Value: tn2qm6in2btbfn6adrcvst5o0g |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
chase.bank-com.xyz
172.67.212.217
01978e63789284edde4bb064e7d3215fad57fb5b7ea373b031b5b97021868085
0634f735018d63980fb935914bd910ebd51ed5ed0a03c8811607aca0c2e7c532
4c2991816cbd382d7a0699c55c3fed48bc50aba2bd812e9f2e63d3bb8af4f533
580c90efe26580ec49d22036bd0d25bd26d2fff974c0af3f037cc82a15e46aeb
5a517beb619ad73d6d9569ffe52749a751a691219d5a3550c4cfd01ce6ddd57a
625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9
6ea71f4189e78297e3d1834c586a10dd39826ed8361cb1268b847cef45e03cb1
b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179
d2113460c69de50edc6206a20deec3c2bc2733929f53817f1faca74ab34c33e3
d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0
f6fe62b14142bfdc891aee08042f256bcff25fecdcf2067d6db0c002cd2cb6a5