![](/screenshots/9c229884-3a50-4e4e-a7ce-f7cc5ebcf705.png)
m.commbank-faq.net
Open in
urlscan Pro
104.21.87.100
Malicious Activity!
Public Scan
Effective URL: https://m.commbank-faq.net/
Submission: On November 12 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by GTS CA 1P5 on November 7th 2023. Valid for: 3 months.
This is the only time m.commbank-faq.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commonwealth Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 67.199.248.10 67.199.248.10 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
9 | 104.21.87.100 104.21.87.100 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
commbank-faq.net
m.commbank-faq.net |
331 KB |
1 |
bit.ly
1 redirects
bit.ly — Cisco Umbrella Rank: 6111 |
286 B |
9 | 2 |
Domain | Requested by | |
---|---|---|
9 | m.commbank-faq.net |
m.commbank-faq.net
|
1 | bit.ly | 1 redirects |
9 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
commbank-faq.net GTS CA 1P5 |
2023-11-07 - 2024-02-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://m.commbank-faq.net/
Frame ID: 17509DD6CAC5B86A170DE956593C177D
Requests: 10 HTTP requests in this frame
Screenshot
![](/screenshots/9c229884-3a50-4e4e-a7ce-f7cc5ebcf705.png)
Page Title
commPage URL History Show full URLs
-
https://bit.ly/3shbo1P
HTTP 301
https://m.commbank-faq.net/ Page URL
Detected technologies
Detected patterns
- <div [^>]*id="__nuxt"
![](/vendor/wappa/icons/Vue.js.png)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://bit.ly/3shbo1P
HTTP 301
https://m.commbank-faq.net/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
m.commbank-faq.net/ Redirect Chain
|
656 B 759 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.6bd942ea.js
m.commbank-faq.net/js/ |
970 KB 262 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.dfe4ad8b.js
m.commbank-faq.net/js/ |
24 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.10dd4e95.css
m.commbank-faq.net/css/ |
206 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.1c4b802b.css
m.commbank-faq.net/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkIp
m.commbank-faq.net/api/card/fish/ |
41 B 446 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visits
m.commbank-faq.net/api/num/record/ |
41 B 380 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tuchu.458967d3.2fe75ea7.jpg
m.commbank-faq.net/img/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user
m.commbank-faq.net/api/card/websocket-domain/ |
114 B 506 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commonwealth Bank (Banking)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| webpackChunkcomm function| clearImmediate function| setImmediate function| _ object| $cookies5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
m.commbank-faq.net/api | Name: JSESSIONID Value: 11194218F1BEB86687F8D9D58D23A966 |
|
.bit.ly/ | Name: _bit Value: nacnrb-38677a7d0365b11ce3-007 |
|
m.commbank-faq.net/ | Name: token Value: null |
|
m.commbank-faq.net/ | Name: domainName Value: wss%3A%2F%2Fss.blt-ly.site%2Fapi%2Fapprove%2F |
|
m.commbank-faq.net/ | Name: userIp Value: 66.203.112.162 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.ly
m.commbank-faq.net
104.21.87.100
67.199.248.10
17aec1d79a40be3dce35f66f593a80a1f5dc74d861f53101ca338746eb2fb4a8
1d26fb4550d79ddd00ed695c52e9f888abac94e0d3bc3ed161dffbe8b07d9bdb
3468a37943155c215a61aac1cfaabca313e9d4ac7e48276c6a2bec085d84fb80
458967d3ac2e85cd5c2f4c53201fa95c49819e705dd9f04966fa38804569ae86
4620bea7b8db9ffe1747e9c29910d7ea2ec84a7a3c7416e7a8a70e450073d820
8c9b15b03779b9cf5a3bb85fa04c24740184ad55c354b484c1568baa90bd802b
a1ca51f398be1526a214125bf6e378003715be82a7e80dd8634e1b0c96040f00
c1266ab5027e68005bf33635672314bd8349ae481a2a12ee01241e8a15fb35fb
fa6f1d96e529b170226115b7eb039ed98b1c74687495207ff4bf95a8a2ced3bc