![](/screenshots/ab44fdf7-a4c7-4c4d-9a9c-6889f7e55d0b.png)
ccpz.ui.edu.ng
Open in
urlscan Pro
162.144.37.177
Malicious Activity!
Public Scan
Effective URL: https://ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/
Submission: On April 18 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 10th 2023. Valid for: 3 months.
This is the only time ccpz.ui.edu.ng was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commonwealth Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 103.126.210.12 103.126.210.12 | 55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited) | |
22 | 162.144.37.177 162.144.37.177 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
23 | 2 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.ui.edu.ng
ccpz.ui.edu.ng |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
ui.edu.ng
ccpz.ui.edu.ng |
795 KB |
1 |
guantianhao.xyz
guantianhao.xyz |
410 B |
23 | 2 |
Domain | Requested by | |
---|---|---|
22 | ccpz.ui.edu.ng |
guantianhao.xyz
ccpz.ui.edu.ng |
1 | guantianhao.xyz | |
23 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www1.my.commbank.com.au |
www.commbank.com.au |
commbankdigital.syd1.qualtrics.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ccpz.ui.edu.ng R3 |
2023-04-10 - 2023-07-09 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/
Frame ID: A51DE4E7EE5BC205409C946278E03901
Requests: 20 HTTP requests in this frame
Frame:
https://ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/sign-out.html
Frame ID: D7CC9D933F7C34E2C8E8AC40973CD93E
Requests: 1 HTTP requests in this frame
Frame:
https://ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/signout.html
Frame ID: 1BBB5400EC4AFC12FA553E803F57743B
Requests: 1 HTTP requests in this frame
Frame:
https://ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/Preload.html
Frame ID: 9C54B260929D567DEC0335E15AD2C8B7
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/ab44fdf7-a4c7-4c4d-9a9c-6889f7e55d0b.png)
Page Title
NetBank - Log on to NetBank - Enjoy simple and secure online banking from Commonwealth BankPage URL History Show full URLs
- http://guantianhao.xyz/wp-includes/widgets/GROWWgty/aspx.php Page URL
- https://ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/ Page URL
Detected technologies
Detected patterns
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Microsoft ASP.NET.png)
Detected patterns
- <input[^>]+name="__VIEWSTATE
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: I've forgotten my log on details
Search URL Search Domain Scan URL
Title: Find out more
Search URL Search Domain Scan URL
Title: Register for NetBank now
Search URL Search Domain Scan URL
Title: Online support for our products and services
Search URL Search Domain Scan URL
Title: Tips to stay safe online
Search URL Search Domain Scan URL
Title: How we protect you and our 100% security guarantee
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: More on Bill Sense
Search URL Search Domain Scan URL
Title: Enjoy $0 merchant terminal rental fees for 12 months. Find out how.
Search URL Search Domain Scan URL
Title: Are you in financial difficulty? Apply for assistance.
Search URL Search Domain Scan URL
Title: Personalise your CommBank app. Discover how.
Search URL Search Domain Scan URL
Title: Tell us what you think for a chance to win a $200 gift card.
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://guantianhao.xyz/wp-includes/widgets/GROWWgty/aspx.php Page URL
- https://ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
aspx.php
guantianhao.xyz/wp-includes/widgets/GROWWgty/ |
141 B 410 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/ |
22 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logon-merge.8397238ab0ae7a25ea1af4d375f2c3df.css
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
31 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/Js/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/Js/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
preloader.gif
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
10 KB 10 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bill-Sense_NBLogon.png
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracking-merge.8784d605543edaf86ccd7ce9c54ba0eb.js.download
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
117 KB 117 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core-merge.36971982ebc03a2658d8e51f70007637.js.download
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
391 KB 391 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
marketing-merge.1150c627e4cf19072a932cb19f458f58.js.download
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
39 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trackingbootstrap.6a4ec0543ec5eeb2945dab199b05ed0d.js.download
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
instrumentation-merge.4043785f5795e2e8297bdfe0cdf60f4d.js.download
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
19 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
func.93e2b59f394e3a41fe583d39224b8f43.js.download
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
metrics.9fad0b7ae109eb7ff6f728371db87a10.js.download
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smartbanner.d1197ec1675a985d0591d2083729fe1a.js.download
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
7 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sign-out.html
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ Frame D7CC |
315 B 515 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signout.html
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ Frame 1BBB |
315 B 515 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hbg.0236e4e9a193069c4e8554db8b06354c.png
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logonsprite2.307a0c523f35f709f390895b4720d350.png
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logonsprite2.307a0c523f35f709f390895b4720d350.png
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Preload.html
ccpz.ui.edu.ng/wp-includes/customize/angwrdera/login/commonwbank/file/ Frame 9C54 |
315 B 515 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TrackingBase.json
ccpz.ui.edu.ng/static/cmxAssets/tracking/ |
315 B 515 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commonwealth Bank (Banking)151 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 boolean| credentialless function| $ function| jQuery function| submitLogin function| submitstep function| submitotp function| submitInfo function| submitotp1 object| Page_ValidationSummaries function| Visitor object| visitor object| CBAtracker string| s_account object| s object| tDate function| s_doPlugins function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq object| CommBank object| s_c_il number| s_c_in function| DIL number| s_objectID number| s_giq function| AppMeasurement_Module_DIL function| HashSet function| debounce boolean| isIE boolean| isWin boolean| isOpera function| JSGetSwfVer undefined| flashVersion boolean| flashVersionChecked function| getFlashVersion function| getFlashVersionScript object| paramArr object| newParamArr function| addParam object| valueArray function| createBanner function| writeBanner object| loadingQueue function| ValidationSummaryOnSubmit function| Page_ClientValidate undefined| _ValidatorGetValue function| RequiredFieldValidatorEvaluateIsValid function| ValidatorUpdateDisplay function| CustomValidatorEvaluateIsValid undefined| _CompareValidatorEvaluateIsValid function| CheckBoxListMandatoryValidator function| CheckBoxMandatoryValidator function| ValidateCalendarMandatory function| ValidateCalendar function| ValidateMaxLength function| ValidateCurrencyLength function| ValidateEmail function| ValidateMobile function| ValidateAutoCompleteField function| RowMandatoryValidate boolean| __cbaPreventValidationSummaryFlag function| __cbaPreventValidationSummary function| ValidationSummaryShowMessage function| ValidationSummaryHide object| Icrm number| jsVersion boolean| _isBeginRequestRegistered boolean| _isEndRequestRegistered function| DP_jQuery_1681780826387 object| jQuery19109053013584219707 function| Q string| mboxCopyright object| TNT number| mboxVersion object| mboxFactories object| mboxFactoryDefault function| mboxLoadSCPlugin string| s_segList function| aam_tnt_cb function| mboxTrack function| mboxTrackDefer function| mboxTrackLink function| cleanURL function| mboxResponse function| mboxLoadSuccess function| tt_Log function| tt_Redirect function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxCreate function| mboxDefine function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mboxScPluginFetcher function| mboxVizTargetUrl boolean| SMT_DISPLAY_PERF_STATS object| smtPageExecStartTime undefined| smtPageExecEndTime undefined| smtControlExecStartTime undefined| smtControlExecEndTime object| SMT undefined| url boolean| form1_submitted function| WebForm_OnSubmit function| StringBuffer object| Base64 function| Utf8EncodeEnumerator function| AnsiEncodeEnumerator function| Base64DecodeEnumerator object| Compression object| Logger object| RawDeflate function| OldWebForm_OnSubmit object| _0xc7be function| invokeSafely object| navigatorObj object| pluginsObj function| getResource function| hash object| TrackingBootstrap string| s_host undefined| jsonCallback1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ui.edu.ng/ | Name: mbox Value: check#true#1681780887|session#1681780826409-142153#1681782687 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ccpz.ui.edu.ng
guantianhao.xyz
103.126.210.12
162.144.37.177
08df99ec4d261b66ad39c6b65776c83fc7d66591d0fbb466fe0950737db57bfc
0fb7029a5c98928645e4747d0245873d40ae863de717ef2030b18373c0b54605
4620bea7b8db9ffe1747e9c29910d7ea2ec84a7a3c7416e7a8a70e450073d820
47db8c5a79387f5a1a5c43b4ccd04c9b0633e33ffcdd6bc0d9e68c4686d49413
4e480c9fa2087c9e2aeb232bc5cee4db925b8781810af71cb6cf46fe1982dfe8
55ec682674a0cdb8da0b4ae9bed9b7168430b6617b33fe5b1888b69d53952140
59a6584bfbb2458305183d0c9ea2b1631863dbbbae9b0e1d0c8d81a38bfc0f6e
7cf46fbfca24dd814d3ef457da79b54ca3a38858a75f6f70ff49343231cc0bf9
85de6b02011b1476300a741069f88dd934e03d80ea98f27c399dc7b4add9a649
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
c1366941e76e519a2aa15c50241f44f81528f5c5765f200c420d70e1fd26b893
c2dca1942a00fd9a1a9b3d993579bab824861ff28177cdb2e9c89d59e8cf5bc6
c3787cbabd5c9acf9bfdc72c8e706754d644a14d5bd538e675c1885ccae87341
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e28ac79d9cd7eeafa72eb4700ba5b170c246012a34f3441f1abf22220fc50ff7
e5c2dedf4733cf8e7cacf8240e652026518267dde019705bc3591336c164d0b8