verify-commbank.com - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 202.165.66.21, located in Sydney, Australia and belongs to GSLNETWORKS-AS-AP GSL Networks Pty LTD, AU. The main domain is verify-commbank.com.
TLS certificate: Issued by R3 on December 18th 2021. Valid for: 3 months.

This is the only time verify-commbank.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commonwealth Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
5	202.165.66.21 202.165.66.21		137409 (GSLNETWOR...) (GSLNETWORKS-AS-AP GSL Networks Pty LTD)
5	1

5 202.165.66.21 (Sydney, Australia)

ASN137409 (GSLNETWORKS-AS-AP GSL Networks Pty LTD, AU)
PTR: priority911.co.uk

verify-commbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	verify-commbank.com verify-commbank.com	28 KB
5	1

	Domain	Requested by
5	verify-commbank.com	verify-commbank.com
5	1

This site contains links to these domains. Also see Links.

Domain
www.commbank.com.au

Subject Issuer	Validity	Valid
verify-commbank.com R3	`2021-12-18` - `2022-03-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://verify-commbank.com/cba?user=61404914352
Frame ID: ACA27452B32E9160356E6119990AF958
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log on to Verify

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

28 kB
Transfer

53 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.commbank.com.au/personal/netbank/terms-and-conditions/terms.aspx
Title: Terms of use

Search URL Search Domain Scan URL

URL: http://www.commbank.com.au/security-privacy/default.aspx
Title: Security

Search URL Search Domain Scan URL

URL: http://www.commbank.com.au/security-privacy/general-security/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request cba Show response verify-commbank.com/	3 KB 2 KB	905ms 299ms	Document text/html	202.165.66.21 GSLNETWORKS-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://verify-commbank.com/cba?user=61404914352 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 202.165.66.21 Sydney, Australia, ASN137409 (GSLNETWORKS-AS-AP GSL Networks Pty LTD, AU), Reverse DNS priority911.co.uk Software Apache/2.4.29 (Ubuntu) / Resource Hash `5b9689771b81883c51d5df06d0c1cc3580cf998f9bf17fe76a07499839bc110a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sat, 18 Dec 2021 05:29:02 GMT Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding Content-Encoding gzip Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	logon-merge.css verify-commbank.com/static/	31 KB 7 KB	250ms 250ms	Stylesheet text/css	202.165.66.21 GSLNETWORKS-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://verify-commbank.com/static/logon-merge.css Requested by Host: verify-commbank.com URL: https://verify-commbank.com/cba?user=61404914352 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 202.165.66.21 Sydney, Australia, ASN137409 (GSLNETWORKS-AS-AP GSL Networks Pty LTD, AU), Reverse DNS priority911.co.uk Software Apache/2.4.29 (Ubuntu) / Resource Hash `c8a403906a6b3cbe415a5a528c49f581d3224058df5aad556146db6cb6b3713f` Request headers Accept-Language de-DE,de;q=0.9 Referer https://verify-commbank.com/cba?user=61404914352 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 18 Dec 2021 05:29:02 GMT Content-Encoding gzip Last-Modified Fri, 17 Dec 2021 11:25:25 GMT Server Apache/2.4.29 (Ubuntu) ETag "7b37-5d355cba3fd43-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 7101
GET H/1.1	200 OK	cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif verify-commbank.com/static/	5 KB 5 KB	512ms 249ms	Image image/gif	202.165.66.21 GSLNETWORKS-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://verify-commbank.com/static/cba_mainlogo.ac9de6fb5214be84653367c74ba0b5f0.gif Requested by Host: verify-commbank.com URL: https://verify-commbank.com/cba?user=61404914352 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 202.165.66.21 Sydney, Australia, ASN137409 (GSLNETWORKS-AS-AP GSL Networks Pty LTD, AU), Reverse DNS priority911.co.uk Software Apache/2.4.29 (Ubuntu) / Resource Hash `4620bea7b8db9ffe1747e9c29910d7ea2ec84a7a3c7416e7a8a70e450073d820` Request headers Accept-Language de-DE,de;q=0.9 Referer https://verify-commbank.com/cba?user=61404914352 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 18 Dec 2021 05:29:03 GMT Last-Modified Fri, 17 Dec 2021 11:25:24 GMT Server Apache/2.4.29 (Ubuntu) ETag "12f4-5d355cb96fcdd" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4852
GET H/1.1	404 NOT FOUND	hbg.0236e4e9a193069c4e8554db8b06354c.png verify-commbank.com/images/	232 B 232 B	475ms 248ms	Image text/html	202.165.66.21 GSLNETWORKS-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://verify-commbank.com/images/hbg.0236e4e9a193069c4e8554db8b06354c.png Requested by Host: verify-commbank.com URL: https://verify-commbank.com/static/logon-merge.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 202.165.66.21 Sydney, Australia, ASN137409 (GSLNETWORKS-AS-AP GSL Networks Pty LTD, AU), Reverse DNS priority911.co.uk Software Apache/2.4.29 (Ubuntu) / Resource Hash `9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc` Request headers Accept-Language de-DE,de;q=0.9 Referer https://verify-commbank.com/static/logon-merge.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 18 Dec 2021 05:29:03 GMT Server Apache/2.4.29 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 232 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	logonsprite2.png verify-commbank.com/static/	14 KB 14 KB	495ms 250ms	Image image/png	202.165.66.21 GSLNETWORKS-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://verify-commbank.com/static/logonsprite2.png Requested by Host: verify-commbank.com URL: https://verify-commbank.com/static/logon-merge.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 202.165.66.21 Sydney, Australia, ASN137409 (GSLNETWORKS-AS-AP GSL Networks Pty LTD, AU), Reverse DNS priority911.co.uk Software Apache/2.4.29 (Ubuntu) / Resource Hash `c3787cbabd5c9acf9bfdc72c8e706754d644a14d5bd538e675c1885ccae87341` Request headers Accept-Language de-DE,de;q=0.9 Referer https://verify-commbank.com/static/logon-merge.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sat, 18 Dec 2021 05:29:03 GMT Last-Modified Fri, 17 Dec 2021 11:25:25 GMT Server Apache/2.4.29 (Ubuntu) ETag "377f-5d355cba3fd43" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 14207

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commonwealth Bank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://verify-commbank.com/images/hbg.0236e4e9a193069c4e8554db8b06354c.png Message: Failed to load resource: the server responded with a status of 404 (NOT FOUND)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

verify-commbank.com
202.165.66.21
4620bea7b8db9ffe1747e9c29910d7ea2ec84a7a3c7416e7a8a70e450073d820
5b9689771b81883c51d5df06d0c1cc3580cf998f9bf17fe76a07499839bc110a
9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc
c3787cbabd5c9acf9bfdc72c8e706754d644a14d5bd538e675c1885ccae87341
c8a403906a6b3cbe415a5a528c49f581d3224058df5aad556146db6cb6b3713f

verify-commbank.com Open in urlscan Pro 202.165.66.21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

28 kBTransfer

53 kBSize

0 Cookies

3 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

verify-commbank.com Open in urlscan Pro
202.165.66.21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

28 kB
Transfer

53 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!