transfeerwise.xyz
92.119.112.72
Malicious Activity!
Public Scan
Effective URL: https://transfeerwise.xyz/wiseaccount-document/login/c2192/
Submission: On February 06 via manual from SA — Scanned from NL
Summary
TLS certificate: Issued by R3 on February 6th 2022. Valid for: 3 months.
This is the only time transfeerwise.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wise (Online)
Domain & IP information
| | IP Address | AS Autonomous System |
---|---|---|
6 24 | 92.119.112.72 | 204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands) |
18 | 2 | |
ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm3115887.bs.had.pm
www.redirectpass.xyz
transfeerwise.xyz
| | Apex Domain Subdomains | Transfer |
---|---|---|
22 | transfeerwise.xyz (4 redirects); subdomains: transfeerwise.xyz | 236 KB |
2 | redirectpass.xyz (2 redirects); subdomains: www.redirectpass.xyz | 202 B |
18 | 2 | |
| | Domain | Requested by |
---|---|---|
22 | transfeerwise.xyz (4 redirects) | transfeerwise.xyz |
2 | www.redirectpass.xyz (2 redirects) | |
18 | 2 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
transfeerwise.xyz R3 | 2022-02-06 - 2022-05-07 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://transfeerwise.xyz/wiseaccount-document/login/c2192/
Frame ID: 287B97CCE918E94DDCF69544D80F739D
Requests: 23 HTTP requests in this frame
Page Title
TransferWise - Login
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.redirectpass.xyz/ws HTTP 301
- https://www.redirectpass.xyz/ws/ HTTP 302
- https://transfeerwise.xyz/wiseaccount-document/ HTTP 302
- https://transfeerwise.xyz/wiseaccount-document/login HTTP 301
- https://transfeerwise.xyz/wiseaccount-document/login/ HTTP 302
- https://transfeerwise.xyz/wiseaccount-document/login/c2192 HTTP 301
- https://transfeerwise.xyz/wiseaccount-document/login/c2192/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / transfeerwise.xyz/wiseaccount-document/login/c2192/ (Primary Request) | 16 KB 4 KB | Document text/html |
GET H2 | style.css transfeerwise.xyz/wiseaccount-document/login/c2192/css/ | 244 KB 44 KB | Stylesheet text/css |
GET H2 | another.css transfeerwise.xyz/wiseaccount-document/login/c2192/css/ | 77 KB 17 KB | Stylesheet text/css |
GET H2 | 93e40ded.1d7bae32.chunk.css transfeerwise.xyz/wiseaccount-document/login/c2192/css/ | 249 KB 44 KB | Stylesheet text/css |
GET H2 | styles.1be146a5.chunk.css transfeerwise.xyz/wiseaccount-document/login/c2192/css/ | 75 KB 18 KB | Stylesheet text/css |
GET H2 | ff5735789605c4b6b6001d2e9f90758a881417e0_CSS.e22120fc.chunk.css transfeerwise.xyz/wiseaccount-document/login/c2192/css/ | 105 KB 79 KB | Stylesheet text/css |
GET H2 | efd0886afd67bccda49e149e8fcfa1183a503573_CSS.a70d5076.chunk.css transfeerwise.xyz/wiseaccount-document/login/c2192/css/ | 56 KB 11 KB | Stylesheet text/css |
GET H2 | inverse.svg transfeerwise.xyz/wiseaccount-document/login/c2192/img/ | 983 B 1 KB | Image image/svg+xml |
GET H2 | dingo.png transfeerwise.xyz/wiseaccount-document/login/c2192/img/ | 17 KB 18 KB | Image image/png |
GET DATA | truncated / | 77 KB 0 | Image image/png |
GET DATA | truncated / | 433 B 0 | Image image/svg+xml |
GET DATA | truncated / | 417 B 0 | Image image/svg+xml |
GET DATA | truncated / | 2 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 947 B 0 | Image image/svg+xml |
GET H2 | TW-Averta-Bold-0ba8a14820a94bbecfeb5c043ddfd409.woff2 transfeerwise.xyz/static-assets/app/_next/static/chunks/fonts/ | 0 0 | Font text/html |
GET H2 | TW-Averta-Regular-68f06d694edcfab46fe56aaa33f07cf2.woff2 transfeerwise.xyz/static-assets/app/_next/static/chunks/fonts/ | 0 0 | Font text/html |
GET H2 | TW-Averta-Semibold-e0037ebb1d64dbfb4521af1ae0ec656b.woff2 transfeerwise.xyz/static-assets/app/_next/static/chunks/fonts/ | 0 0 | Font text/html |
GET H2 | TW-Averta-Bold-fc3e4a7ec72f95c49514fe7112878854.woff transfeerwise.xyz/static-assets/app/_next/static/chunks/fonts/ | 0 0 | Font text/html |
GET H2 | TW-Averta-Regular-d19822d886630bdb27029ccc068057c5.woff transfeerwise.xyz/static-assets/app/_next/static/chunks/fonts/ | 0 0 | Font text/html |
GET H2 | TW-Averta-Semibold-1d6d0aa41e2fb4b0073132359b508d13.woff transfeerwise.xyz/static-assets/app/_next/static/chunks/fonts/ | 0 0 | Font text/html |
GET H2 | TW-Averta-Regular-cfc5d4b830a3857c2365834792aeb698.ttf transfeerwise.xyz/static-assets/app/_next/static/chunks/fonts/ | 0 0 | Font text/html |
GET H2 | TW-Averta-Bold-227bddcf6067a5fcebe19653694a358c.ttf transfeerwise.xyz/static-assets/app/_next/static/chunks/fonts/ | 0 0 | Font text/html |
GET H2 | TW-Averta-Semibold-acd8b3778d5a69f36f11e6b9f1e44058.ttf transfeerwise.xyz/static-assets/app/_next/static/chunks/fonts/ | 0 0 | Font text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wise (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
transfeerwise.xyz
www.redirectpass.xyz
92.119.112.72