truis-t229.com
34.229.221.217
Malicious Activity!
Public Scan
Submission: On December 28 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on December 27th 2023. Valid for: 3 months.
This is the only time truis-t229.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Truist Bank (Banking)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
12 | 34.229.221.217 | 14618 (AMAZON-AES) |
2 | 2606:50c0:8003::154 | 54113 (FASTLY) |
1 | 2606:4700:3030::ac43:bdf6 | 13335 (CLOUDFLARENET) |
15 | 3 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-221-217.compute-1.amazonaws.com
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | truis-t229.com | truis-t229.com | 1 MB |
2 | githubusercontent.com | raw.githubusercontent.com — Cisco Umbrella Rank: 4597 | 645 B |
1 | geoiplookup.net | api.geoiplookup.net — Cisco Umbrella Rank: 845301 | 828 B |
15 | 3 | | |
| Domain | Requested by |
---|---|---|
12 | truis-t229.com | truis-t229.com |
2 | raw.githubusercontent.com | truis-t229.com |
1 | api.geoiplookup.net | truis-t229.com |
15 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
truis-t229.com | R3 | 2023-12-27 - 2024-03-26 | 3 months | crt.sh |
*.github.io | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-21 - 2024-03-20 | a year | crt.sh |
geoiplookup.net | E1 | 2023-12-22 - 2024-03-21 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://truis-t229.com/
Frame ID: 4F71FDD6827130E5BC95B31D6954837E
Requests: 15 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | truis-t229.com/ | 1 KB | 1 KB | Document | text/html |
GET | H/1.1 | bundle.js | truis-t229.com/sites/ | 323 KB | 323 KB | Script | text/javascript |
GET | H/1.1 | cleave.js | truis-t229.com/sites/ | 114 KB | 114 KB | Script | text/javascript |
GET | H/1.1 | bundle-min.js | truis-t229.com/sites/ | 156 KB | 157 KB | Script | text/javascript |
GET | H/1.1 | config.php | truis-t229.com/ | 343 B | 550 B | XHR | text/html |
GET | H2 | nnc.php | raw.githubusercontent.com/dsevoloper/tool/main/ | 14 B | 508 B | XHR | text/plain |
GET | H2 | bsc_000052.php | raw.githubusercontent.com/dsevoloper/tool/main/ | 14 B | 137 B | XHR | text/plain |
GET | H2 | / | api.geoiplookup.net/ | 198 B | 828 B | XHR | application/json |
GET | H/1.1 | indexs.html | truis-t229.com/sites/ | 243 KB | 244 KB | XHR | text/html |
GET | H/1.1 | styles.e0ebcc1d1647e0620502.css | truis-t229.com/assets/ | 81 KB | 81 KB | Stylesheet | text/css |
GET | H/1.1 | styles_r.css | truis-t229.com/assets/ | 195 KB | 195 KB | Stylesheet | text/css |
GET | H/1.1 | trulogo_horz-trupurple.png | truis-t229.com/assets/logos/ | 4 KB | 5 KB | Image | image/png |
GET | H/1.1 | tru_lg_hrz_rgb_wht_rev.png | truis-t229.com/assets/logos/ | 14 KB | 14 KB | Image | image/png |
GET | H/1.1 | tru-core-icon-sprite.svg | truis-t229.com/assets/ | 230 KB | 231 KB | Other | image/svg+xml |
GET | H/1.1 | father-son.png | truis-t229.com/assets/images/ | 137 KB | 137 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Truist Bank (Banking)
160 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.