webbankingcomerica.org
104.21.84.205
Malicious Activity!
Public Scan
Effective URL: https://webbankingcomerica.org/login.php
Submission: On May 03 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on May 1st 2024. Valid for: 3 months.
This is the only time webbankingcomerica.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Comerica (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
27 | 104.21.84.205 | 13335 (CLOUDFLARENET) |
1 | 142.250.105.95 | 15169 (GOOGLE) |
1 | 104.16.40.28 | 13335 (CLOUDFLARENET) |
29 | 3 | |

ASN15169 (GOOGLE, US), PTR: yt-in-f95.1e100.net, ajax.googleapis.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
27 | webbankingcomerica.org | webbankingcomerica.org | 794 KB |
1 | fonts.net | fast.fonts.net (Cisco Umbrella Rank: 4137) | 559 B |
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 380) | 31 KB |
29 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
27 | webbankingcomerica.org | webbankingcomerica.org |
1 | fast.fonts.net | webbankingcomerica.org |
1 | ajax.googleapis.com | webbankingcomerica.org |
29 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
webbankingcomerica.org | GTS CA 1P5 | 2024-05-01 - 2024-07-30 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months |
fonts.net | GTS CA 1P5 | 2024-04-04 - 2024-07-03 | 3 months |
This page contains 1 frame:
Primary Page:
https://webbankingcomerica.org/login.php
Frame ID: EF22D4635E07F44D153647D4FCC7F460
Requests: 29 HTTP requests in this frame
Screenshot
![](/screenshots/b83756d5-f3de-42d4-9e51-b6550e30af8d.png)
Page Title
Log In
Detected technologies
Detected patterns
- \.php(?:$|\?)
Microsoft ASP.NET
Detected patterns
- <input[^>]+name="__VIEWSTATE
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://webbankingcomerica.org/login.php HTTP 307
- https://webbankingcomerica.org/login.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login.php (Primary Request) | webbankingcomerica.org/ (Redirect Chain) | 27 KB | 13 KB | Document | text/html |
GET | H2 | NewUIWide.css | webbankingcomerica.org/login_files/ | 21 KB | 5 KB | Stylesheet | text/css |
GET | H2 | NewUIstandard.css | webbankingcomerica.org/login_files/ | 101 KB | 22 KB | Stylesheet | text/css |
GET | H2 | jquery-ui.css | webbankingcomerica.org/login_files/ | 35 KB | 7 KB | Stylesheet | text/css |
GET | H2 | DESGetFiles.aspx | webbankingcomerica.org/login_files/ | 1 KB | 1 KB | Stylesheet | text/plain |
GET | H2 | blank.gif | webbankingcomerica.org/login_files/ | 85 B | 464 B | Image | image/gif |
GET | H2 | Calendar.gif | webbankingcomerica.org/login_files/ | 963 B | 1 KB | Image | image/gif |
GET | H3 | ArrowLeft.gif | webbankingcomerica.org/login_files/ | 53 B | 541 B | Image | image/gif |
GET | H3 | ArrowRight.gif | webbankingcomerica.org/login_files/ | 53 B | 580 B | Image | image/gif |
GET | H3 | icon-error-x.png | webbankingcomerica.org/login_files// | 1 KB | 2 KB | Image | image/png |
GET | H3 | global_print.css | webbankingcomerica.org/login_files/ | 12 KB | 3 KB | Stylesheet | text/css |
GET | H3 | standard_print.css | webbankingcomerica.org/login_files/ | 18 KB | 4 KB | Stylesheet | text/css |
GET | H3 | logo-comerica.png | webbankingcomerica.org/login_files/ | 19 KB | 20 KB | Image | image/png |
GET | H3 | comerica-logout-message.png | webbankingcomerica.org/login_files/ | 148 KB | 149 KB | Image | image/png |
GET | H3 | icon-error-x(1).png | webbankingcomerica.org/login_files/ | 1 KB | 2 KB | Image | image/png |
GET | H3 | Login.css | webbankingcomerica.org/login_files/ | 916 B | 887 B | Stylesheet | text/css |
GET | H3 | footerImg.png | webbankingcomerica.org/login_files/ | 56 KB | 56 KB | Image | image/png |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 31 KB | Script | text/javascript |
GET | H2 | 1.css | fast.fonts.net/lt/ | 0 | 559 B | Stylesheet | text/css |
GET | H3 | background-login.png | webbankingcomerica.org/login_files/images/ | 349 KB | 350 KB | Image | image/png |
GET | H3 | reveal.png | webbankingcomerica.org/login_files/images/ | 276 B | 765 B | Image | image/png |
GET | H3 | icon-sprite.png | webbankingcomerica.org/login_files/images/ | 16 KB | 16 KB | Image | image/png |
GET | H3 | ehl.png | webbankingcomerica.org/login_files/images/ | 619 B | 1 KB | Image | image/png |
GET | H3 | f51d24dd-8256-43c6-ba1a-6aeae9d3f262.woff | webbankingcomerica.org/Fonts/675331/ | 0 | 0 | Font | text/html |
GET | H3 | 537b145a-6a7d-4787-81d9-7228d3a42458.woff | webbankingcomerica.org/login_files/Fonts/ | 53 KB | 53 KB | Font | font/woff |
GET | H3 | c4aef0d4-bfcf-4790-acf5-909881f411e8.woff | webbankingcomerica.org/login_files/Fonts/ | 46 KB | 46 KB | Font | font/woff |
GET | H3 | 955ee494-66b2-4eb2-8f19-bc3a088df16d.ttf | webbankingcomerica.org/Fonts/675331/ | 0 | 0 | Font | text/html |
GET | H3 | f51d24dd-8256-43c6-ba1a-6aeae9d3f262.woff | webbankingcomerica.org/login_files/Fonts/ | 37 KB | 37 KB | Font | font/woff |
GET | H3 | favicon.ico | webbankingcomerica.org/ | 1 KB | 1 KB | Other | image/x-icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Comerica (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | $
- function | jQuery

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fonts.net/ | Name: __cf_bm Value: Uf.VpbMxtikMYv2dbSFhHTixHY6GhR7K888ywG7DrOc-1714736271-1.0.1.1-c.f3vjw8gKHIb3Ndmzb9W2Q3J5X.76_Goc8IHQ0BslAuFSzWZyddH5DNHteoB_keT3NP2H_cOrZjW960SmM_9A |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fast.fonts.net
webbankingcomerica.org
104.16.40.28
104.21.84.205
142.250.105.95