kdna.ml
Open in
urlscan Pro
162.240.221.204
Malicious Activity!
Public Scan
Submission: On September 12 via api from US — Scanned from DE
Summary
This is the only time kdna.ml was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Comerica (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 162.240.221.204 162.240.221.204 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
9 | 104.111.246.52 104.111.246.52 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2606:4700::68... 2606:4700::6811:e14e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
20 | 4 |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-246-52.deploy.static.akamaitechnologies.com
webbanking.comerica.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
comerica.com
webbanking.comerica.com — Cisco Umbrella Rank: 435660 |
455 KB |
5 |
kdna.ml
1 redirects
kdna.ml |
111 KB |
1 |
fonts.net
fast.fonts.net — Cisco Umbrella Rank: 5233 |
551 B |
20 | 3 |
Domain | Requested by | |
---|---|---|
9 | webbanking.comerica.com |
kdna.ml
webbanking.comerica.com |
5 | kdna.ml |
1 redirects
kdna.ml
|
1 | fast.fonts.net |
webbanking.comerica.com
|
20 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
webbanking.comerica.com |
www.comerica.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.comerica.com DigiCert SHA2 Extended Validation Server CA |
2022-07-20 - 2023-07-23 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-05 - 2023-06-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://kdna.ml/anything/
Frame ID: 345F59C9F2E42F14BA316561EC649EE4
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
Log InPage URL History Show full URLs
-
http://kdna.ml/anything
HTTP 301
http://kdna.ml/anything/ Page URL
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Your Password?
Search URL Search Domain Scan URL
Title: Set Up Web Banking
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Title: E-mail
Search URL Search Domain Scan URL
Title: Learn more about mobile banking
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: Consumer Complaint Notice
Search URL Search Domain Scan URL
Title: Security Protection
Search URL Search Domain Scan URL
Title: Locations
Search URL Search Domain Scan URL
Title: Comerica.com
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://kdna.ml/anything
HTTP 301
http://kdna.ml/anything/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
kdna.ml/anything/ Redirect Chain
|
110 KB 111 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NewUIstandard.css
webbanking.comerica.com/Comerica/Themes/NewUI/CSS/ |
106 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global_print.css
webbanking.comerica.com/Comerica/Themes/NewUI/CSS/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
standard_print.css
webbanking.comerica.com/Comerica/Themes/NewUI/CSS/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DESGetFiles.aspx
kdna.ml/Comerica/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
19 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blank.gif
kdna.ml/anything/Images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
comerica-logout-message.png
kdna.ml/anything/Themes/NewUI/Images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-error-x.png
webbanking.comerica.com/Comerica/Themes/NewUI/Images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-error-x.png
webbanking.comerica.com//Comerica/Themes/NewUI/Images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footerImg.png
webbanking.comerica.com/Comerica/App_Themes/NewUI/Images/ |
56 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.css
fast.fonts.net/lt/ |
0 551 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background-login.png
webbanking.comerica.com/Comerica/Themes/NewUI/images/ |
349 KB 350 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-sprite.png
webbanking.comerica.com/Comerica/Themes/NewUI/images/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ehl.png
webbanking.comerica.com/Comerica/Themes/NewUI/images/ |
619 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
f51d24dd-8256-43c6-ba1a-6aeae9d3f262.woff
webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675331/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
537b145a-6a7d-4787-81d9-7228d3a42458.woff
webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675355/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
c4aef0d4-bfcf-4790-acf5-909881f411e8.woff
webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675364/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
8e50278c-45cd-4808-b774-24767d958f17.ttf
webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675355/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
e741f29c-bc18-4343-bff3-db2465a0be3e.ttf
webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675364/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
955ee494-66b2-4eb2-8f19-bc3a088df16d.ttf
webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675331/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- webbanking.comerica.com
- URL
- https://webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675331/f51d24dd-8256-43c6-ba1a-6aeae9d3f262.woff
- Domain
- webbanking.comerica.com
- URL
- https://webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675355/537b145a-6a7d-4787-81d9-7228d3a42458.woff
- Domain
- webbanking.comerica.com
- URL
- https://webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675364/c4aef0d4-bfcf-4790-acf5-909881f411e8.woff
- Domain
- webbanking.comerica.com
- URL
- https://webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675355/8e50278c-45cd-4808-b774-24767d958f17.ttf
- Domain
- webbanking.comerica.com
- URL
- https://webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675364/e741f29c-bc18-4343-bff3-db2465a0be3e.ttf
- Domain
- webbanking.comerica.com
- URL
- https://webbanking.comerica.com/Comerica/Themes/NewUI/Fonts/675331/955ee494-66b2-4eb2-8f19-bc3a088df16d.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Comerica (Banking)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fonts.net/ | Name: __cf_bm Value: cxGpTyU0.VfPnoc4fcdEigBXwqiO.bi.BGpEflbpJE4-1662988473-0-AZXCZbRPUMpWLp0kIT3TG2fSGW281ihNlEP6UDLSzhW1BD3pLoKvJxz44AbrsqoqUKjnQE6+TQGNQe+H6xzT6Y8= |
|
.comerica.com/ | Name: dtCookie Value: v_4_srv_1_sn_E991A454BFCBEE84C116439EBE968E7A_perc_100000_ol_0_mul_1_app-3A7305bc05c8d1d8e1_1_rcs-3Acss_0 |
15 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fast.fonts.net
kdna.ml
webbanking.comerica.com
webbanking.comerica.com
104.111.246.52
162.240.221.204
2606:4700::6811:e14e
3c2b8c10b9fc0ae5387cdd7f6194ed1d2616911ea1387dbab4670748407c654d
523c55ffe58d944645046f295bf69e694c734ae5779f011aea22e885b7fc91d3
5d2b6389f468a404d4b960bc98e2f046cd7c81413bb625b95b54eb96ecdec680
858679aec5501d6f3fe4938ceb800c2d083795a6cf00bc22e3768b699068c82c
8708a3a08100537d107ccbf9932726dfbf378ef64d6a75c8832672f5e4ee2714
895a197339576f01389985edc50247d8e7d55226e13efc85def087738fbffa2a
c886bbaacfaa7c75a4e1079c4fbaea532b5f03d69c5664fea5b077f37b230999
d512d74290b7d4c96348719c747086028c03f05c6041fd440d16cdabefdd9a3c
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f66dfd2a219a4130f66a6d9dac7a6b30724f15d917f67ef559d20f62b23c2db0
ff94747dac73e59df08492f29990d5a05c607b0bba2c74f370eb06f15af96af4