www.checkdetailssecurity.info
45.61.58.221  Malicious Activity! Public Scan

URL: https://www.checkdetailssecurity.info/
Submission: On June 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 9 HTTP transactions. The main IP is 45.61.58.221, located in the United States, and belongs to KAMATERA, US. The main domain is www.checkdetailssecurity.info.
TLS certificate: Issued by E6 on June 13th 2024. Valid for: 3 months.
This is the only time www.checkdetailssecurity.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commonwealth Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
9 45.61.58.221 36007 (KAMATERA)
9 2
Apex Domain
Subdomains
Transfer
9 checkdetailssecurity.info
www.checkdetailssecurity.info
173 KB
9 1
Domain Requested by
9 www.checkdetailssecurity.info www.checkdetailssecurity.info
9 1

This site contains links to these domains. Also see Links.

Domain
www.commbank.com.au
www2.my.commbank.com.au

TLS certificate
Subject: www.checkdetailssecurity.info
Issuer: E6
Validity: 2024-06-13 - 2024-09-11
Valid: 3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://www.checkdetailssecurity.info/
Frame ID: 1BCBF9959776C760665C30114C3F98C8
Requests: 10 HTTP requests in this frame

Page Title

Commbank-Log on to NetBank

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

173 kB
Transfer

352 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.checkdetailssecurity.info/
637 B
795 B
Document
General
Full URL
https://www.checkdetailssecurity.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.61.58.221 , United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
openresty /
Resource Hash
000db6210e4ebbb52b01a4936ed98324303b886b2ffecd07ca41a036a26f8b7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
637
content-type
text/html
date
Thu, 13 Jun 2024 16:56:57 GMT
etag
"666b2382-27d"
last-modified
Thu, 13 Jun 2024 16:51:14 GMT
server
openresty
strict-transport-security
max-age=31536000
chunk-vendors.bf9a7309.js
www.checkdetailssecurity.info/static/js/
159 KB
62 KB
Script
General
Full URL
https://www.checkdetailssecurity.info/static/js/chunk-vendors.bf9a7309.js
Requested by
Host: www.checkdetailssecurity.info
URL: https://www.checkdetailssecurity.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.61.58.221 , United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
openresty /
Resource Hash
2b7cfa6a0f05847022955ff79df340aeee0e31692a7a6693a5e41f0451146e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.checkdetailssecurity.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:56:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 13 Jun 2024 16:51:14 GMT
server
openresty
etag
W/"666b2382-27b5a"
vary
Accept-Encoding
content-type
application/javascript
app.9b30709d.js
www.checkdetailssecurity.info/static/js/
16 KB
6 KB
Script
General
Full URL
https://www.checkdetailssecurity.info/static/js/app.9b30709d.js
Requested by
Host: www.checkdetailssecurity.info
URL: https://www.checkdetailssecurity.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.61.58.221 , United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
openresty /
Resource Hash
a4565a25d956275eafc7fa46fc4b5a6e0de18eaec7554a04f6658c68456187f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.checkdetailssecurity.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:56:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 13 Jun 2024 16:51:14 GMT
server
openresty
etag
W/"666b2382-3f22"
vary
Accept-Encoding
content-type
application/javascript
app.2e015462.css
www.checkdetailssecurity.info/static/css/
137 KB
63 KB
Stylesheet
General
Full URL
https://www.checkdetailssecurity.info/static/css/app.2e015462.css
Requested by
Host: www.checkdetailssecurity.info
URL: https://www.checkdetailssecurity.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.61.58.221 , United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
openresty /
Resource Hash
277817e1a5711071a41e340ae8a9fa0f1d17fb02dd8f3e8595b40cea137f1f75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.checkdetailssecurity.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:56:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 13 Jun 2024 16:51:14 GMT
server
openresty
etag
W/"666b2382-22206"
vary
Accept-Encoding
content-type
text/css
cba_mainlogo.552c5a58c5e8e13c837eac9f362e571a.afd199ec.svg
www.checkdetailssecurity.info/static/img/
5 KB
6 KB
Image
General
Full URL
https://www.checkdetailssecurity.info/static/img/cba_mainlogo.552c5a58c5e8e13c837eac9f362e571a.afd199ec.svg
Requested by
Host: www.checkdetailssecurity.info
URL: https://www.checkdetailssecurity.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.61.58.221 , United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
openresty /
Resource Hash
3b4eb9868fb9248fa543a745027ca5ccc80741eaa4751fd86f0c4d778f2af786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.checkdetailssecurity.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:56:58 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 13 Jun 2024 16:51:14 GMT
server
openresty
etag
"666b2382-15c2"
content-type
image/svg+xml
accept-ranges
bytes
content-length
5570
nb_messaging.5b577269.jpg
www.checkdetailssecurity.info/static/img/
19 KB
19 KB
Image
General
Full URL
https://www.checkdetailssecurity.info/static/img/nb_messaging.5b577269.jpg
Requested by
Host: www.checkdetailssecurity.info
URL: https://www.checkdetailssecurity.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.61.58.221 , United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
openresty /
Resource Hash
84ecea0bc8922edb4eaca036bf1f172a64d7034d04b274f45dfa1d59047a9295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.checkdetailssecurity.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:56:58 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 13 Jun 2024 16:51:14 GMT
server
openresty
etag
"666b2382-4ced"
content-type
image/jpeg
accept-ranges
bytes
content-length
19693
fish
www.checkdetailssecurity.info/api/api/
45 B
348 B
XHR
General
Full URL
https://www.checkdetailssecurity.info/api/api/fish
Requested by
Host: www.checkdetailssecurity.info
URL: https://www.checkdetailssecurity.info/static/js/chunk-vendors.bf9a7309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.61.58.221 , United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
openresty /
Resource Hash
da27c6d2608faec72fccc0429ad4293c7e0f3b10aac3c02476f3abc9d6571f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://www.checkdetailssecurity.info/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:56:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
openresty
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.checkdetailssecurity.info
access-control-allow-credentials
true
x-xss-protection
1; mode=block
truncated
/
254 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0755c4aa02ff90cf951d4752166ce52ea98cb85b86186f954dcc5d9d9cd02c0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
logonsprite2.307a0c523f35f709f390895b4720d350.3b865cda.png
www.checkdetailssecurity.info/static/img/
14 KB
14 KB
Image
General
Full URL
https://www.checkdetailssecurity.info/static/img/logonsprite2.307a0c523f35f709f390895b4720d350.3b865cda.png
Requested by
Host: www.checkdetailssecurity.info
URL: https://www.checkdetailssecurity.info/static/css/app.2e015462.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.61.58.221 , United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
openresty /
Resource Hash
c3787cbabd5c9acf9bfdc72c8e706754d644a14d5bd538e675c1885ccae87341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.checkdetailssecurity.info/static/css/app.2e015462.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:56:58 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 13 Jun 2024 16:51:14 GMT
server
openresty
etag
"666b2382-377f"
content-type
image/png
accept-ranges
bytes
content-length
14207
favicon.ico
www.checkdetailssecurity.info/
1 KB
1 KB
Other
General
Full URL
https://www.checkdetailssecurity.info/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.61.58.221 , United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
openresty /
Resource Hash
36e05a2b5df523e6317a42a4276109408a39d01391db4497cca1849f04b23afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.checkdetailssecurity.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 16:56:58 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 13 Jun 2024 16:51:14 GMT
server
openresty
etag
"666b2382-47e"
content-type
image/x-icon
accept-ranges
bytes
content-length
1150

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commonwealth Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| webpackChunkwaibao12

0 Cookies

2 Console Messages

Source: security, Level: error
URL: https://www.checkdetailssecurity.info/static/js/app.9b30709d.js
Message: Mixed Content: The page at 'https://www.checkdetailssecurity.info/#/' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://43.228.126.101:7890/websocket/null'. This request has been blocked; this endpoint must be available over WSS.

Source: recommendation, Level: verbose
URL: https://www.checkdetailssecurity.info/#/
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000