comb-au.info
172.67.214.189
Malicious Activity!
Public Scan
Effective URL: https://comb-au.info/commbank.com.au/.5f0d0355c3e2f4fe0e2fc784b58ad466/login/?3f369a2b8d4181e218f978d70cc48102
Submission: On July 05 via automatic, source openphish — Scanned from AU
Summary
TLS certificate: Issued by E1 on July 4th 2023. Valid for: 3 months.
This is the only time comb-au.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commonwealth Bank (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 104.21.23.252 | 13335 (CLOUDFLARENET) |
2 23 | 172.67.214.189 | 13335 (CLOUDFLARENET) |
21 | 1 |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
24 | comb-au.info (3 redirects) | 169 KB |
21 | 1 |
 | Domain | Requested by |
---|---|---|
24 | comb-au.info (3 redirects) | comb-au.info |
21 | 1 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
comb-au.info | E1 | 2023-07-04 - 2023-10-02 | 3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://comb-au.info/commbank.com.au/.5f0d0355c3e2f4fe0e2fc784b58ad466/login/?3f369a2b8d4181e218f978d70cc48102
Frame ID: A38E43AFD5B947C7DD23328E726730BF
Requests: 19 HTTP requests in this frame
Frame:
https://comb-au.info/commbank.com.au/login/NetBank%20-%20Log%20on%20to%20NetBank%20-%20Enjoy%20simple%20and%20secure%20online%20banking%20from%20Commonwealth%20Bank_files/sign-out.html
Frame ID: 7F093726C021F65E16B1DB7FF311E5D5
Requests: 1 HTTP requests in this frame
Frame:
https://comb-au.info/commbank.com.au/login/NetBank%20-%20Log%20on%20to%20NetBank%20-%20Enjoy%20simple%20and%20secure%20online%20banking%20from%20Commonwealth%20Bank_files/signout.html
Frame ID: 4E7DDF6FB10F29DAABA78E8F7184E116
Requests: 1 HTTP requests in this frame
Page Title
NetBank - Log on to NetBank - Enjoy simple and secure online banking from Commonwealth Bank
Detected technologies
AngularJS (JavaScript Frameworks)
Detected patterns
- \bangular.{0,32}\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://comb-au.info/commbank.com.au/ (HTTP 301)
- https://comb-au.info/commbank.com.au/ (HTTP 302)
- https://comb-au.info/commbank.com.au/.5f0d0355c3e2f4fe0e2fc784b58ad466/?3f369a2b8d4181e218f978d70cc48102 (HTTP 302)
- https://comb-au.info/commbank.com.au/.5f0d0355c3e2f4fe0e2fc784b58ad466/login/?3f369a2b8d4181e218f978d70cc48102 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | comb-au.info/commbank.com.au/.5f0d0355c3e2f4fe0e2fc784b58ad466/login/ | 19 KB | 7 KB | Document | text/html |
GET | H2 | jquery.min.js | comb-au.info/commbank.com.au/bower_components/jquery/dist/ | 85 KB | 31 KB | Script | application/javascript |
GET | H2 | ua-parser.min.js | comb-au.info/commbank.com.au/bower_components/ua-parser-js/dist/ | 17 KB | 6 KB | Script | application/javascript |
GET | H2 | font-awesome.min.css | comb-au.info/commbank.com.au/bower_components/font-awesome/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H2 | core_form.js | comb-au.info/commbank.com.au/core/form/ | 18 KB | 5 KB | Script | application/javascript |
GET | H2 | core_token.js | comb-au.info/commbank.com.au/core/token/ | 9 KB | 2 KB | Script | application/javascript |
GET | H2 | core_form.css | comb-au.info/commbank.com.au/core/form/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | angular.min.js | comb-au.info/commbank.com.au/bower_components/angular/ | 165 KB | 59 KB | Script | application/javascript |
GET | H2 | css.css | comb-au.info/commbank.com.au/login/form/ | 144 B | 426 B | Stylesheet | text/css |
GET | H2 | logon-merge.8397238ab0ae7a25ea1af4d375f2c3df.css | comb-au.info/commbank.com.au/login/NetBank%20-%20Log%20on%20to%20NetBank%20-%20Enjoy%20simple%20and%20secure%20online%20banking%20from%20Commonwealth%20Bank_files/ | 31 KB | 7 KB | Stylesheet | text/css |
GET | H2 | cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif | comb-au.info/commbank.com.au/login/NetBank%20-%20Log%20on%20to%20NetBank%20-%20Enjoy%20simple%20and%20secure%20online%20banking%20from%20Commonwealth%20Bank_files/ | 5 KB | 5 KB | Image | image/gif |
GET | H2 | Partnership_NetBanklogon.jpg | comb-au.info/commbank.com.au/login/NetBank%20-%20Log%20on%20to%20NetBank%20-%20Enjoy%20simple%20and%20secure%20online%20banking%20from%20Commonwealth%20Bank_files/ | 17 KB | 18 KB | Image | image/jpeg |
GET | H2 | form.js | comb-au.info/commbank.com.au/login/form/ | 3 KB | 944 B | Script | application/javascript |
GET | H2 | ng.js | comb-au.info/commbank.com.au/login/ng/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | token.js | comb-au.info/commbank.com.au/login/token/ | 1 KB | 830 B | Script | application/javascript |
GET | H2 | sign-out.html (Frame 7F09) | comb-au.info/commbank.com.au/login/NetBank%20-%20Log%20on%20to%20NetBank%20-%20Enjoy%20simple%20and%20secure%20online%20banking%20from%20Commonwealth%20Bank_files/ | 223 B | 462 B | Document | text/html |
GET | H2 | signout.html (Frame 4E7D) | comb-au.info/commbank.com.au/login/NetBank%20-%20Log%20on%20to%20NetBank%20-%20Enjoy%20simple%20and%20secure%20online%20banking%20from%20Commonwealth%20Bank_files/ | 275 B | 443 B | Document | text/html |
GET | H2 | hbg.0236e4e9a193069c4e8554db8b06354c.png | comb-au.info/commbank.com.au/login/images/ | 254 B | 590 B | Image | image/png |
GET | H2 | logonsprite2.307a0c523f35f709f390895b4720d350.png | comb-au.info/commbank.com.au/login/images/ | 14 KB | 14 KB | Image | image/png |
GET | H2 | gate.php | comb-au.info/uadmin/ | 57 B | 339 B | XHR | application/javascript |
GET | H2 | gate.php | comb-au.info/uadmin/ | 57 B | 336 B | XHR | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commonwealth Bank (Banking)
45 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
boolean | credentialless |
object | onbeforetoggle |
object | onscrollend |
function | $ |
function | jQuery |
function | UAParser |
function | ask_login_proxy |
function | ask_info_proxy |
function | ask_cc_proxy |
function | ask_sms_proxy |
function | next__ |
function | finish__ |
function | set_event |
function | def_plugin_data_receiver |
function | deep_json_parse |
object | cookies |
function | advanced_string_validation |
function | sin_luhn |
function | cc_luhn |
function | dob_luhn |
function | exp_with_day_luhn |
function | exp_luhn |
function | qasame__ |
function | valid_a |
function | valid_q |
function | EN |
function | send1 |
object | bider_obj |
object | last_respond |
undefined | last_operation |
object | respond |
object | angular |
function | WebForm_OnSubmit |
object | Page_ValidationSummaries |
boolean | form1_submitted |
string | bid |
object | php_js |
object | app |
object | loader_ |
string | el |
object | CORE__ |
object | REST_FN__ |
number | bidder_timer2 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
comb-au.info/commbank.com.au | | Name: real Value: OK |
comb-au.info/ | | Name: bid Value: .5f0d0355c3e2f4fe0e2fc784b58ad466 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.