chainukkad.in Open in urlscan Pro
2606:4700:30::681b:8e8d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chainukkad.in/cyy/regions.com/index.html
Effective URL:
https://chainukkad.in/cyy/regions.com/index.html
Submission: On February 06 via automatic, source openphish (February 6th 2019, 10:42:11 am UTC)

Summary HTTP 38 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 38 HTTP transactions. The main IP is 2606:4700:30::681b:8e8d, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is chainukkad.in.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 2nd 2018. Valid for: a year.

This is the only time chainukkad.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Regions Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::681b:8f8d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
26	2606:4700:30:... 2606:4700:30::681b:8e8d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 6	31.186.231.25 31.186.231.25	11944 (WEBTRENDS...) (WEBTRENDS-CORP - Webtrends Corporation)
3	35.177.225.67 35.177.225.67	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	205.255.100.101 205.255.100.101	10801 (REGIONS-A...) (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION)
1 2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
38	8

1 2606:4700:30::681b:8f8d (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

chainukkad.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:30::681b:8e8d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

chainukkad.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.186.231.25 (United Kingdom) 2 redirects

ASN11944 (WEBTRENDS-CORP - Webtrends Corporation, US)
PTR: statse.webtrendslive.com

statse.webtrendslive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.177.225.67 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-177-225-67.eu-west-2.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.255.100.101 (Birmingham, United States)

ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US)
PTR: onlinebanking.regions.com

onlinebanking.regions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	chainukkad.in 1 redirects chainukkad.in	343 KB
6	webtrendslive.com 2 redirects statse.webtrendslive.com	4 KB
3	ensighten.com nexus.ensighten.com	3 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
1	regions.com onlinebanking.regions.com	9 KB
1	googletagmanager.com www.googletagmanager.com	32 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
38	8

	Domain	Requested by
27	chainukkad.in	1 redirects chainukkad.in ajax.cloudflare.com
6	statse.webtrendslive.com	2 redirects chainukkad.in onlinebanking.regions.com
3	nexus.ensighten.com	chainukkad.in
2	www.google-analytics.com	1 redirects chainukkad.in
1	stats.g.doubleclick.net
1	onlinebanking.regions.com	chainukkad.in
1	www.googletagmanager.com	chainukkad.in
1	ajax.cloudflare.com	chainukkad.in
38	8

This site contains links to these domains. Also see Links.

Domain
onlinebanking.regions.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-10-02` - `2019-10-02`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
statse.webtrendslive.com Entrust Certification Authority - L1K	`2018-10-09` - `2020-10-09`	2 years	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2018-10-17` - `2020-01-05`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-01-15` - `2019-04-09`	3 months	crt.sh
onlinebanking.regions.com DigiCert SHA2 Extended Validation Server CA	`2018-08-22` - `2020-08-22`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://chainukkad.in/cyy/regions.com/index.html
Frame ID: 76F0ADF70F76322303199E19DF564F3B
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://chainukkad.in/cyy/regions.com/index.html HTTP 301
https://chainukkad.in/cyy/regions.com/index.html Page URL