anmeldung-ubs-ebnking.aba.ae
85.17.26.65
Malicious Activity!
Public Scan
Effective URL: http://anmeldung-ubs-ebnking.aba.ae/826e974cac58adc61ecf38d763d46ca8/Billing.html?id=update_rlod?%27.974bbb03e8c380e03beac2bae6c0559...
Submission: On November 03 via automatic, source openphish
Summary
This is the only time anmeldung-ubs-ebnking.aba.ae was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UBS (Banking)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 85.17.26.65 85.17.26.65 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
7 22 | 193.5.104.212 193.5.104.212 | 8883 (Switzerland) (Switzerland) | |
6 6 | 193.5.105.211 193.5.105.211 | 8883 (Switzerland) (Switzerland) | |
1 7 | 193.5.105.213 193.5.105.213 | 8883 (Switzerland) (Switzerland) | |
1 1 | 193.5.104.211 193.5.104.211 | 8883 (Switzerland) (Switzerland) | |
26 | 4 |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: mail.aba.ae
anmeldung-ubs-ebnking.aba.ae |
Apex Domain Subdomains |
Transfer | |
---|---|---|
36 |
ubs.com
15 redirects
ebanking-ch1.ubs.com ebanking-ch.ubs.com ebanking-ch2.ubs.com |
623 KB |
1 |
aba.ae
anmeldung-ubs-ebnking.aba.ae |
5 KB |
26 | 2 |
Domain | Requested by | |
---|---|---|
22 | ebanking-ch1.ubs.com |
7 redirects
anmeldung-ubs-ebnking.aba.ae
ebanking-ch2.ubs.com |
7 | ebanking-ch2.ubs.com |
1 redirects
anmeldung-ubs-ebnking.aba.ae
ebanking-ch2.ubs.com |
7 | ebanking-ch.ubs.com | 7 redirects |
1 | anmeldung-ubs-ebnking.aba.ae | |
26 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.aba.ae |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ebanking-ch.ubs.com DigiCert Global CA G2 |
2018-07-05 - 2019-03-15 |
8 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://anmeldung-ubs-ebnking.aba.ae/826e974cac58adc61ecf38d763d46ca8/Billing.html?id=update_rlod?%27.974bbb03e8c380e03beac2bae6c05596.5b2ccaab8b66d8cc9d2bf1291ebd9c2a8bcaa976.%27
Frame ID: DBAF708D280C426F358489BF722A3455
Requests: 29 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Detected patterns
- script /require.*\.js/i
- env /^requirejs$/i
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: استضافة مجانية
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/behavioweb_form.js HTTP 302
- https://ebanking-ch.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/behavioweb_form.js HTTP 302
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/behavioweb_form.js?NavLB_EBCH=1541265760
- https://ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/uwr.css HTTP 302
- https://ebanking-ch.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/uwr.css HTTP 302
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/uwr.css?NavLB_EBCH=1541265760
- https://ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/css/default.css HTTP 302
- https://ebanking-ch.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/css/default.css HTTP 302
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/css/default.css?NavLB_EBCH=1541265760
- https://ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/jquery.js HTTP 302
- https://ebanking-ch.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/jquery.js HTTP 302
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/jquery.js?NavLB_EBCH=1541265760
- https://ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/default.js HTTP 302
- https://ebanking-ch.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/default.js HTTP 302
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/default.js?NavLB_EBCH=1541265760
- https://ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/require.js HTTP 302
- https://ebanking-ch.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/require.js HTTP 302
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/require.js?NavLB_EBCH=1541265760
- https://ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/uwr.js HTTP 302
- https://ebanking-ch.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/uwr.js HTTP 302
- https://ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/uwr.js?NavLB_EBCH=1541265760
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/images/illustrations-login_keychain.png HTTP 302
- https://ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/images/illustrations-login_keychain.png
26 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | Billing.html (Primary Request) | anmeldung-ubs-ebnking.aba.ae/826e974cac58adc61ecf38d763d46ca8/ | 23 KB | 5 KB | Document | text/html |
GET H/1.1 | behavioweb_form.js (Redirect Chain) | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/ | 21 KB | 21 KB | Script | application/x-javascript |
GET H/1.1 | uwr.css (Redirect Chain) | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/ | 186 KB | 186 KB | Stylesheet | text/css |
GET H/1.1 | default.css (Redirect Chain) | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/css/ | 38 KB | 39 KB | Stylesheet | text/css |
GET H/1.1 | jquery.js (Redirect Chain) | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/ | 90 KB | 91 KB | Script | application/x-javascript |
GET H/1.1 | default.js (Redirect Chain) | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/script/ | 15 KB | 16 KB | Script | application/x-javascript |
GET H/1.1 | require.js (Redirect Chain) | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/ | 14 KB | 15 KB | Script | application/x-javascript |
GET H/1.1 | uwr.js (Redirect Chain) | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/ | 10 KB | 11 KB | Script | application/x-javascript |
GET H/1.1 | Doormat_de.png | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/images/ | 38 KB | 39 KB | Image | image/png |
GET DATA | truncated | / | 526 B | 0 | Image | image/svg+xml |
GET DATA | truncated | / | 6 KB | 0 | Image | image/svg+xml |
GET | 409b4bec-c67e-4764-a141-054db8df81d2.woff | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Common/fonts/ubs-latin-extended/ | 0 | 0 | | |
GET H/1.1 | common.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/shared/modules/ | 16 KB | 16 KB | Script | application/x-javascript |
GET DATA | truncated | / | 526 B | 0 | Image | image/svg+xml |
GET H/1.1 | jquery-1.12.1-migrate.min.uwr.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/external/jquery-1.12.1/ | 102 KB | 103 KB | Script | application/x-javascript |
GET H/1.1 | modalDialog.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/ModalDialog/js/ | 22 KB | 22 KB | Script | application/x-javascript |
GET H/1.1 | illustrations-login_keychain.png (Redirect Chain) | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/images/ | 20 KB | 20 KB | Image | image/png |
GET | 59d9a83f-4045-4d43-af46-655f845461ee.woff | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Common/fonts/ubs-latin-extended/ | 0 | 0 | | |
GET H/1.1 | initState.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/shared/modules/ | 1 KB | 2 KB | Script | application/x-javascript |
GET | efe9def0-77d1-4c28-8fd2-371236a3c8ed.ttf | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Common/fonts/ubs-latin-extended/ | 0 | 0 | | |
GET H/1.1 | frames.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/shared/modules/ | 9 KB | 10 KB | Script | application/x-javascript |
GET | f901b503-9104-414a-a856-af9bcc802b5c.ttf | ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Common/fonts/ubs-latin-extended/ | 0 | 0 | | |
GET H/1.1 | input.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Input/js/ | 7 KB | 8 KB | Script | application/x-javascript |
GET H/1.1 | template.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/shared/modules/ | 492 B | 851 B | Script | application/x-javascript |
GET H/1.1 | inputView.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Input/js/ | 3 KB | 3 KB | Script | application/x-javascript |
GET H/1.1 | inputMessageUtil.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Input/js/ | 6 KB | 6 KB | Script | application/x-javascript |
GET H/1.1 | inputFormattingUtil.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Input/js/ | 3 KB | 3 KB | Script | application/x-javascript |
GET H/1.1 | mustache-0.8.1-min.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/external/mustache-0.8.1/ | 4 KB | 5 KB | Script | application/x-javascript |
GET H/1.1 | messageBox.js | ebanking-ch1.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/MessageBox/js/ | 2 KB | 2 KB | Script | application/x-javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ebanking-ch2.ubs.com
- URL
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Common/fonts/ubs-latin-extended/409b4bec-c67e-4764-a141-054db8df81d2.woff
- Domain
- ebanking-ch2.ubs.com
- URL
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Common/fonts/ubs-latin-extended/59d9a83f-4045-4d43-af46-655f845461ee.woff
- Domain
- ebanking-ch2.ubs.com
- URL
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Common/fonts/ubs-latin-extended/efe9def0-77d1-4c28-8fd2-371236a3c8ed.ttf
- Domain
- ebanking-ch2.ubs.com
- URL
- https://ebanking-ch2.ubs.com/login/resources/nevislogrend/applications/ebanklr/webdata/ubswidgets/widgets/Common/fonts/ubs-latin-extended/f901b503-9104-414a-a856-af9bcc802b5c.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UBS (Banking)
55 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| Monitor object| bw function| readyState function| $ function| jQuery function| focusNextWhenFullOrEmpty function| setFocus function| getCaret function| selectCurrentElem function| upperCaseContent function| hasCssClass function| removeCssClass function| addCssClass function| updatePasswordStrengthIndicator function| validateFieldSameAs function| validateFieldMarkAsInvalid function| numpadShow function| numpadHide function| numpadClick string| lowerCaseRegEx string| upperCaseRegEx string| numberRegEx string| specialCharRegEx string| whiteSpaceRegEx object| pwRegex object| whiteSpaceRegExFunction function| cgvCheckPwQuality function| isConsecutiveNumbers function| isNumber function| getMaskEl function| showModalMask function| isMaskShown function| lrGetElementsByClassName function| dialogRules function| disableFormElements function| showConfirmationBox function| baseSubmitHandler function| extSubmitHandler function| getContractNumberAndFetch function| ubsDropdownMenu function| showHelpWnd function| mobileCRFrame function| setValues function| poscursor function| fitModalMaskToScreen function| requirejs function| require function| define function| WidgetList object| uwr object| antiClickjack function| selectFirstFormInput function| $uwr function| jQueryUwr boolean| initialized
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.