sconlb.com
2606:4700:30::681b:82ad
Malicious Activity!
Public Scan
Submission: On December 24 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 12th 2018. Valid for: a year.
This is the only time sconlb.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Standard Chartered Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
27 | 2606:4700:30::681b:82ad | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 184.31.81.208 | 20940 (AKAMAI-ASN1) |
28 | 2 | |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
- sconlb.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-81-208.deploy.static.akamaitechnologies.com
- online.standardchartered.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
27 | sconlb.com | sconlb.com | 1 MB |
1 | standardchartered.com | online.standardchartered.com | 413 B |
28 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
27 | sconlb.com | sconlb.com |
1 | online.standardchartered.com | sconlb.com |
28 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2018-11-12 - 2019-11-12 | a year |
online.standardchartered.com | Verizon Public SureServer CA G14-SHA2 | 2016-07-19 - 2019-07-19 | 3 years |
This page contains 1 frame:
Primary Page:
https://sconlb.com/session/B/index
Frame ID: E1E0F37FB014343CD9FE2BEBD7B37B76
Requests: 28 HTTP requests in this frame
Detected technologies
Handlebars (JavaScript Frameworks)
Detected patterns
- script /handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js/i
- env /^Handlebars$/i
CloudFlare (CDN)
Detected patterns
- headers server /cloudflare/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | index (Primary Request) | sconlb.com/session/B/ | 4 KB | 1 KB | Document | text/html |
GET | H2 | dd.css | sconlb.com/session/B/css/ | 2 KB | 613 B | Stylesheet | text/css |
GET | H2 | jquery.ui.core.js | sconlb.com/session/B/js/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | jquery.overlay-1.1.js | sconlb.com/session/B/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | jquery.ui.datepicker.js | sconlb.com/session/B/js/ | 49 KB | 12 KB | Script | application/javascript |
GET | H2 | jquery.ui.all.css | sconlb.com/session/B/css/ | 289 B | 257 B | Stylesheet | text/css |
GET | H2 | jquery.dd.js | sconlb.com/session/B/js/ | 14 KB | 6 KB | Script | application/javascript |
GET | H2 | engine.js | sconlb.com/session/B/js/ | 66 KB | 15 KB | Script | application/javascript |
GET | H2 | Handlebars.js | sconlb.com/session/B/js/ | 36 KB | 10 KB | Script | application/javascript |
GET | H2 | box.js | sconlb.com/session/B/js/ | 294 B | 232 B | Script | application/javascript |
GET | H2 | commonUtils.js | sconlb.com/session/B/js/ | 8 KB | 3 KB | Script | application/javascript |
GET | H2 | core.js | sconlb.com/session/B/js/ | 17 KB | 4 KB | Script | application/javascript |
GET | H2 | scb_tooltip.js | sconlb.com/session/B/js/ | 2 KB | 715 B | Script | application/javascript |
GET | H2 | jsScrollbar.js | sconlb.com/session/B/js/ | 5 KB | 1 KB | Script | application/javascript |
GET | H2 | jsScroller.js | sconlb.com/session/B/js/ | 1 KB | 496 B | Script | application/javascript |
GET | H2 | styles.css | sconlb.com/session/B/css/ | 82 KB | 13 KB | Stylesheet | text/css |
GET | H2 | default.js | sconlb.com/session/B/js/ | 13 KB | 2 KB | Script | application/javascript |
GET | H2 | e2e.js | sconlb.com/session/B/js/ | 16 KB | 5 KB | Script | application/javascript |
GET | H2 | common.js | sconlb.com/session/B/js/ | 15 KB | 4 KB | Script | application/javascript |
GET | H2 | commonD.js | sconlb.com/session/B/js/ | 1 KB | 376 B | Script | application/javascript |
GET | H2 | default.css | sconlb.com/session/B/css/ | 2 KB | 866 B | Stylesheet | text/css |
GET | H2 | standard-chartered-logo-top.png | sconlb.com/session/B/img/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | loading.gif | sconlb.com/session/B/img/ | 8 KB | 8 KB | Image | image/gif |
GET | H2 | jquery.ui.base.css | sconlb.com/session/B/css/ | 0 | 0 | Stylesheet | text/html |
GET | H2 | jquery.ui.theme.css | sconlb.com/session/B/css/ | 0 | 0 | Stylesheet | text/html |
POST | H/1.1 | __System.pageLoaded.dwr | online.standardchartered.com/nfsje/dwr/dwr-1.8.0/call/plaincall/ | 232 B | 413 B | XHR | text/javascript |
GET | H2 | loginBg.jpg | sconlb.com/session/B/img/ | 1 MB | 1 MB | Image | image/jpeg |
GET | H2 | jerseyFlag.png | sconlb.com/session/B/img/ | 2 KB | 2 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Standard Chartered Bank (Banking)
218 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sconlb.com/ | | Name: PHPSESSID Value: qggb9s9lfvv558t3pcb26s2726 |
.sconlb.com/ | | Name: __cfduid Value: dcdef6336f3d6e24cc2381e96610a3fcc1545673754 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
online.standardchartered.com
sconlb.com
184.31.81.208
2606:4700:30::681b:82ad