commbanok.xyz Open in urlscan Pro
176.32.32.247 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://commbanok.xyz/
Submission Tags: @ecarlesi threat #phishing #ausgov Search All
Submission: On June 18 via api (June 18th 2023, 4:28:29 am UTC) from FR — Scanned from FR

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 176.32.32.247, located in Moscow, Russian Federation and belongs to ASBAXET, RU. The main domain is commbanok.xyz.

This is the only time commbanok.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

	IP Address		AS Autonomous System
10	176.32.32.247 176.32.32.247		51659 (ASBAXET) (ASBAXET)
10	1

10 176.32.32.247 (Moscow, Russian Federation)

ASN51659 (ASBAXET, RU)
PTR: uud.onlinecub.us

commbanok.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	commbanok.xyz commbanok.xyz	170 KB
10	1

	Domain	Requested by
10	commbanok.xyz	commbanok.xyz
10	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://commbanok.xyz/
Frame ID: B351AD058B0D15C7F2927B20A9C3E397
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in with myGov - myGov

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

170 kB
Transfer

221 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response commbanok.xyz/	548 B 624 B	798ms 197ms	Document text/html	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Full URL http://commbanok.xyz/ Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash `f7f6877a7cdbacbc6cb44cf0e027e28d1b1e620ceeb421faab1418fa9f0c5e78` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 18 Jun 2023 04:28:24 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	index-7e85c2ae.js Show response commbanok.xyz/assets/	87 KB 38 KB	83ms 83ms	Script application/javascript	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Full URL http://commbanok.xyz/assets/index-7e85c2ae.js Requested by Host: commbanok.xyz URL: http://commbanok.xyz/ Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash `2930192f59026a983640b099bcff16d5909558d9af11e867e149a645685bef89` Request headers Referer http://commbanok.xyz/ Origin http://commbanok.xyz accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sun, 18 Jun 2023 04:28:24 GMT Content-Encoding gzip Last-Modified Sat, 17 Jun 2023 16:26:37 GMT Server nginx ETag W/"648ddebd-15b21" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Sun, 18 Jun 2023 16:28:24 GMT
GET H/1.1	200 OK	index-1e2c8bba.css commbanok.xyz/assets/	7 KB 2 KB	157ms 79ms	Stylesheet text/css	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Full URL http://commbanok.xyz/assets/index-1e2c8bba.css Requested by Host: commbanok.xyz URL: http://commbanok.xyz/ Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash `1e2c8bba64b18cc688f3b3a471399b4852b9162c41254021aed39130e47de7af` Request headers accept-language fr-FR,fr;q=0.9 Referer http://commbanok.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sun, 18 Jun 2023 04:28:25 GMT Content-Encoding gzip Last-Modified Sat, 17 Jun 2023 16:26:37 GMT Server nginx ETag W/"648ddebd-1b17" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Sun, 18 Jun 2023 16:28:25 GMT
GET H/1.1	200 OK	lahei Show response commbanok.xyz/api/Anzz.Userlist/	0 633 B	266ms 266ms	Fetch text/html	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Full URL http://commbanok.xyz/api/Anzz.Userlist/lahei Requested by Host: commbanok.xyz URL: http://commbanok.xyz/assets/index-7e85c2ae.js Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language fr-FR,fr;q=0.9 Referer http://commbanok.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sun, 18 Jun 2023 04:28:25 GMT Content-Encoding gzip Server nginx Access-Control-Max-Age 1800 Transfer-Encoding chunked Content-Type text/html; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE, OPTIONS Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
GET H/1.1	200 OK	setpagetotal commbanok.xyz/api/Anzz.Userlist/	0 0	252ms 251ms	Fetch text/html	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Full URL http://commbanok.xyz/api/Anzz.Userlist/setpagetotal Requested by Host: commbanok.xyz URL: http://commbanok.xyz/assets/index-7e85c2ae.js Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash Request headers accept-language fr-FR,fr;q=0.9 Referer http://commbanok.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sun, 18 Jun 2023 04:28:25 GMT Content-Encoding gzip Server nginx Access-Control-Max-Age 1800 Transfer-Encoding chunked Content-Type text/html; charset=utf-8 Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE, OPTIONS Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
GET H/1.1	200 OK	myGov-cobranded-logo-black-954aa858.svg commbanok.xyz/assets/	63 KB 63 KB	162ms 83ms	Image image/svg+xml	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Show image Full URL http://commbanok.xyz/assets/myGov-cobranded-logo-black-954aa858.svg Requested by Host: commbanok.xyz URL: http://commbanok.xyz/ Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash `954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d` Request headers accept-language fr-FR,fr;q=0.9 Referer http://commbanok.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sun, 18 Jun 2023 04:28:25 GMT Last-Modified Sat, 17 Jun 2023 16:26:37 GMT Server nginx ETag "648ddebd-fa8f" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 64143
GET H/1.1	200 OK	myGov-cobranded-logo-white-10b11a7c.svg commbanok.xyz/assets/	63 KB 63 KB	167ms 82ms	Image image/svg+xml	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Show image Full URL http://commbanok.xyz/assets/myGov-cobranded-logo-white-10b11a7c.svg Requested by Host: commbanok.xyz URL: http://commbanok.xyz/ Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash `10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388` Request headers accept-language fr-FR,fr;q=0.9 Referer http://commbanok.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sun, 18 Jun 2023 04:28:25 GMT Last-Modified Sat, 17 Jun 2023 16:26:37 GMT Server nginx ETag "648ddebd-fa8c" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 64140
GET H/1.1	200 OK	blugov-left-chevron-dark-af454d27.svg commbanok.xyz/assets/	256 B 491 B	174ms 89ms	Image image/svg+xml	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Show image Full URL http://commbanok.xyz/assets/blugov-left-chevron-dark-af454d27.svg Requested by Host: commbanok.xyz URL: http://commbanok.xyz/assets/index-1e2c8bba.css Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash `af454d272466fa84c77ca8028e0b8b8bcc0a193ad4401dfcddbad07dc2dabcfc` Request headers accept-language fr-FR,fr;q=0.9 Referer http://commbanok.xyz/assets/index-1e2c8bba.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sun, 18 Jun 2023 04:28:25 GMT Last-Modified Sat, 17 Jun 2023 16:26:37 GMT Server nginx ETag "648ddebd-100" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 256
GET H/1.1	200 OK	icon-blugov-info-8c6fcb4f.svg commbanok.xyz/assets/	583 B 818 B	232ms 77ms	Image image/svg+xml	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Show image Full URL http://commbanok.xyz/assets/icon-blugov-info-8c6fcb4f.svg Requested by Host: commbanok.xyz URL: http://commbanok.xyz/assets/index-1e2c8bba.css Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash `8c6fcb4fc5d0a351b5dcc2fa918d157ea61e6fb74a4e083509e6dcb93d4ff2f6` Request headers accept-language fr-FR,fr;q=0.9 Referer http://commbanok.xyz/assets/index-1e2c8bba.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sun, 18 Jun 2023 04:28:25 GMT Last-Modified Sat, 17 Jun 2023 16:26:37 GMT Server nginx ETag "648ddebd-247" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 583
GET H/1.1	200 OK	icon-external-link-e891c017.svg commbanok.xyz/assets/	1022 B 1 KB	142ms 78ms	Image image/svg+xml	176.32.32.247 ASBAXET
General Check archive.org Show headers Download Go to Show image Full URL http://commbanok.xyz/assets/icon-external-link-e891c017.svg Requested by Host: commbanok.xyz URL: http://commbanok.xyz/assets/index-1e2c8bba.css Protocol HTTP/1.1 Server 176.32.32.247 Moscow, Russian Federation, ASN51659 (ASBAXET, RU), Reverse DNS uud.onlinecub.us Software nginx / Resource Hash `e891c017753d1d4ca061d7f6dace627433d3733a42fb2ec2ffd9722b99dd6812` Request headers accept-language fr-FR,fr;q=0.9 Referer http://commbanok.xyz/assets/index-1e2c8bba.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sun, 18 Jun 2023 04:28:25 GMT Last-Modified Sat, 17 Jun 2023 16:26:37 GMT Server nginx ETag "648ddebd-3fe" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 1022

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			commbanok.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: bca0b9f1eead3a3f5bd3d1facb5a9540

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

commbanok.xyz
176.32.32.247
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
1e2c8bba64b18cc688f3b3a471399b4852b9162c41254021aed39130e47de7af
2930192f59026a983640b099bcff16d5909558d9af11e867e149a645685bef89
8c6fcb4fc5d0a351b5dcc2fa918d157ea61e6fb74a4e083509e6dcb93d4ff2f6
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
af454d272466fa84c77ca8028e0b8b8bcc0a193ad4401dfcddbad07dc2dabcfc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e891c017753d1d4ca061d7f6dace627433d3733a42fb2ec2ffd9722b99dd6812
f7f6877a7cdbacbc6cb44cf0e027e28d1b1e620ceeb421faab1418fa9f0c5e78

commbanok.xyz Open in urlscan Pro 176.32.32.247 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

170 kBTransfer

221 kBSize

1 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Indicators

commbanok.xyz Open in urlscan Pro
176.32.32.247 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

170 kB
Transfer

221 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!