urlscan.io logo urlscan.io
SecurityTrails logo

praxishc.com Open in urlscan Pro
216.10.244.121  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://praxishc.com/
Submission Tags: @phish_report
Submission: On August 23 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 216.10.244.121, located in India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is praxishc.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 6th 2024. Valid for: 3 months.
This is the only time praxishc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Industrial and Commercial Bank of China (Banking)

Domain & IP information

IP Address AS Autonomous System
5 216.10.244.121 394695 (PUBLIC-DO...)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 172.67.74.152 13335 (CLOUDFLAR...)
1 34.117.59.81 396982 (GOOGLE-CL...)
9 4
Apex Domain
Subdomains		 Transfer
5 praxishc.com
praxishc.com
73 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
167 KB
1 ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 5710
465 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2512
155 B
9 4
Domain Requested by
5 praxishc.com praxishc.com
2 cdnjs.cloudflare.com praxishc.com
cdnjs.cloudflare.com
1 ipinfo.io praxishc.com
1 api.ipify.org praxishc.com
9 4

This site contains no links.

Subject Issuer Validity Valid
praxishc.com
cPanel, Inc. Certification Authority		 2024-08-06 -
2024-11-04		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
ipify.org
WE1		 2024-07-18 -
2024-10-16		 3 months crt.sh
ipinfo.io
R11		 2024-08-17 -
2024-11-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://praxishc.com/
Frame ID: CC26007F97E29ABB686A957357DBB91D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bienvenido

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

240 kB
Transfer

319 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
praxishc.com/ 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://praxishc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.10.244.121 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
4a55ef04c86c7cab66b2aebef7accbf41314651e7371ff5c2823aceda2f03aeb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
12818
Content-Type
text/html
Date
Fri, 23 Aug 2024 03:23:39 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 15 Aug 2024 15:28:32 GMT
Server
Apache
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Requested by
Host: praxishc.com
URL: https://praxishc.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://praxishc.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 03:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
30220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18716
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-491c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0w%2FOJbdxxhJhgBmiic7c%2F3v1GBFfCnAs2gGn5xgdWpWorU4OcB7jL2%2BJlgjShlzJi4oF1%2FC%2BwQ%2F961pTWFGZWswrKl87QC87rNbVnyXG4KkTbs2P%2FE1VHtzyhLu6WS5wQRedMoUD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b77fc354a742e00-ARN
expires
Wed, 13 Aug 2025 03:23:39 GMT
ICBC_logoBU.png
praxishc.com/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://praxishc.com/assets/ICBC_logoBU.png
Requested by
Host: praxishc.com
URL: https://praxishc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.10.244.121 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
923c99e1b1340bbf2615529e4004e2eeebcf3cd297930f3d16db2bdecf84d22a

Request headers

Referer
https://praxishc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 03:23:39 GMT
Last-Modified
Mon, 11 Mar 2024 13:13:36 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2403
notaloginaccess362x130.jpg
praxishc.com/assets/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://praxishc.com/assets/notaloginaccess362x130.jpg
Requested by
Host: praxishc.com
URL: https://praxishc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.10.244.121 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
4d855118d9c0f76582a8d3b7de33ac596ddd8b9eb7c4687fdea7cfee3a225002

Request headers

Referer
https://praxishc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 03:23:39 GMT
Last-Modified
Mon, 11 Mar 2024 13:13:36 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
47903
201712atencionTelefonica362x130px.png
praxishc.com/assets/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://praxishc.com/assets/201712atencionTelefonica362x130px.png
Requested by
Host: praxishc.com
URL: https://praxishc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.10.244.121 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
a70b5040a41f3e10d78e3e99cd65dad855a5f82d0d1b11c1aa0715840e237d56

Request headers

Referer
https://praxishc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 03:23:39 GMT
Last-Modified
Mon, 11 Mar 2024 13:13:36 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10187
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/ 		147 KB
148 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin
https://praxishc.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 03:23:39 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150516
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-24bf4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARWTOBLPviMl%2BFJySTOAg%2BNJ1a0BASe5XY7oL1aUkhJiNGk7sJKVcyt2dZPBG31rJQB9NXRjVqgRfrWeDrs9DBhZLvmQ9u%2B9%2FqIs3uGVyp%2BiFa%2FQ%2BAE0qgw0Tj8TubvUlos2OZDG"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b77fc35eacb2e00-ARN
expires
Wed, 13 Aug 2025 03:23:39 GMT
/
api.ipify.org/ 		22 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: praxishc.com
URL: https://praxishc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23e8ae12bc6effa05f576422c40f7f751031676e3be04441d518020010b7c03d

Request headers

Referer
https://praxishc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 03:23:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8b77fc3a2b412da0-KBP
content-length
22
favicon.ico
praxishc.com/ 		315 B
515 B 		Other
General
Check archive.org
Download Go to
Full URL
https://praxishc.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
216.10.244.121 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://praxishc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 03:23:39 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
json
ipinfo.io/ 		263 B
465 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/json?token=46da206f1311c9
Requested by
Host: praxishc.com
URL: https://praxishc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
23a517c5c5a985eecbf4bfd906704b97288b740d754a1d78d7efa3be963e78e8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://praxishc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 03:23:40 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
via
1.1 google
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
182
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Industrial and Commercial Bank of China (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| today string| now object| user object| pass function| _0x1997 function| fetchIPData function| sendMessageToTelegram function| validForm function| _0xa695 function| closePopup

0 Cookies

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://praxishc.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://praxishc.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)