inter-deposit.com
Open in
urlscan Pro
66.235.200.147
Malicious Activity!
Public Scan
Submission: On October 24 via automatic, source openphish
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 23rd 2020. Valid for: a year.
This is the only time inter-deposit.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: National Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 66.235.200.147 66.235.200.147 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:819::2003 | 15169 (GOOGLE) (GOOGLE) | |
20 | 4 |
ASN13335 (CLOUDFLARENET, US)
PTR: host77.ipowerweb.com
inter-deposit.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
inter-deposit.com
inter-deposit.com |
1 MB |
6 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
32 KB |
20 | 2 |
Domain | Requested by | |
---|---|---|
14 | inter-deposit.com |
inter-deposit.com
|
4 | www.gstatic.com |
inter-deposit.com
|
2 | fonts.gstatic.com |
inter-deposit.com
|
20 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nbc.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
inter-deposit.com Cloudflare Inc ECC CA-3 |
2020-10-23 - 2021-10-22 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://inter-deposit.com/banks/directing/nbc/questions.html?GAREASONCODE=-1&GARESOURCEID=SbipBncA&GAURI=https://bvi.bnc.ca/bnc/page?aliasDispatcher=startup
Frame ID: B39C38D58A26F66FEE70F48EB441FA85
Requests: 10 HTTP requests in this frame
Frame:
https://inter-deposit.com/banks/directing/nbc/files/dest5.htm
Frame ID: CBF7BEFB93AEC7784BF9F06673B1F5E4
Requests: 1 HTTP requests in this frame
Frame:
https://inter-deposit.com/banks/directing/nbc/files/bframe.htm
Frame ID: 4A198907C1F4BC5D79E1DDF3CD8944EE
Requests: 9 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Consult our Frequently Asked Questions (FAQ).
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
questions.html
inter-deposit.com/banks/directing/nbc/ |
20 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2ebcca20.css
inter-deposit.com/banks/directing/nbc/files/ |
160 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-code-contents-705dd2e073e48aac6d392f2de76226665f309e5d.js
inter-deposit.com/banks/directing/nbc/files/ |
76 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
inter-deposit.com/banks/directing/nbc/files/ |
762 B 578 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
inter-deposit.com/banks/directing/nbc/files/ |
3 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1552285980763/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gilroy-regular-webfont.e2732807.woff2
inter-deposit.com/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gilroy-medium-webfont.bc511f39.woff2
inter-deposit.com/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gilroy-medium-webfont.eadb7586.woff
inter-deposit.com/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gilroy-regular-webfont.fa7bbe74.woff
inter-deposit.com/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dest5.htm
inter-deposit.com/banks/directing/nbc/files/ Frame CBF7 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bframe.htm
inter-deposit.com/banks/directing/nbc/files/ Frame 4A19 |
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles__ltr.css
inter-deposit.com/banks/directing/nbc/files/bframe_data/ Frame 4A19 |
137 KB 92 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
inter-deposit.com/banks/directing/nbc/files/ Frame 4A19 |
261 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NXGzsqXGpKpPYWkeLYDoK8sE2xL0Rv2uhcEkxjwQg38.js
inter-deposit.com/banks/directing/nbc/files/bframe_data/ Frame 4A19 |
12 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
refresh_black.png
www.gstatic.com/recaptcha/api2/ Frame 4A19 |
251 B 328 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
audio_black.png
www.gstatic.com/recaptcha/api2/ Frame 4A19 |
230 B 563 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
info_black.png
www.gstatic.com/recaptcha/api2/ Frame 4A19 |
323 B 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A19 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A19 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: National Bank (Banking)28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| IntlPolyfill1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.inter-deposit.com/ | Name: __cfduid Value: d325bf18759186ebdc2bf39aa46f66b961603503396 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.gstatic.com
inter-deposit.com
www.gstatic.com
2a00:1450:4001:816::2003
2a00:1450:4001:819::2003
2a00:1450:4001:81f::2003
66.235.200.147
21920b794c051e1d0fe56f2ac14d49e106cec66b245a4663f09234da0d2ff4fd
23fccdb05b145fea1486378a35f6a24f4543d246455e1abec14822d151efb7f8
3571b3b2a5c6a4aa4f61691e2d80e82bcb04db12f446fdae85c124c63c10837f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
50cfdb493f5548d95ceb748592cca444b5087a4d564cc6f08ac869343f4a15aa
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
788e95b3979d67d869d9bc73b2d9d9bfcc5db35f32f2ee5acb035b7c9d1e572d
802248062600554e6013a94e57fc83ad912dfbc041f9a85d64260aeb420d9c85
8f426a316b2c89ade1f3985d4f4308f05e833ea13de0d469fe7864645fcaafff
93cf72a9736c9c0abef4e6ba102756478dcf675095172b0ef00f5138556d0cc0
964316515e398dd8f85f64f77cbc08b31e1a9d656ec1f679d37b810398f37e20
aaf477af3af5315e79b44555b2fb6a1a5aecf3eb638032a55ea7b2795dde1cd5
b92e6333f689aaebfb2e77b845e25ffacd2da8d12f6eedf698419500fef6496e
ba77a48b415b6e5a813393a57239205e0cafb54bf93b5f1591a7ac321200ef63
cfa64b87f3ac51a795d69b7189d19e2c51d57c2f1f8361393b9f0301557ec873