m.ub-account-helps.com
172.67.137.187
Malicious Activity!
Public Scan
Effective URL: https://m.ub-account-helps.com/
Submission: On September 11 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by GTS CA 1P5 on September 4th 2023. Valid for: 3 months.
This is the only time m.ub-account-helps.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UBank (Banking)
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
1 1 | 104.21.54.95 | 13335 (CLOUDFLARENET)
1 11 | 172.67.137.187 | 13335 (CLOUDFLARENET)
10 | 1 |
ASN13335 (CLOUDFLARENET, US)
ub-account-helps.com
m.ub-account-helps.com
 | Apex Domain / Subdomains | Transfer
---|---|---
12 | ub-account-helps.com (2 redirects): ub-account-helps.com, m.ub-account-helps.com | 351 KB
10 | 1 |
 | Domain | Requested by
---|---|---
10 | m.ub-account-helps.com | m.ub-account-helps.com
2 | ub-account-helps.com | 2 redirects
10 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
ub-account-helps.com | GTS CA 1P5 | 2023-09-04 - 2023-12-03 | 3 months
This page contains 1 frames:
Primary Page:
https://m.ub-account-helps.com/
Frame ID: 8BDFEB4147812B0029E819B53AF4EE68
Requests: 10 HTTP requests in this frame
Page Title
ubank
Page URL History
- http://ub-account-helps.com/ HTTP 301
- https://ub-account-helps.com/ HTTP 301
- https://m.ub-account-helps.com/ Page URL
Detected technologies
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H2 | / (Primary Request, Redirect Chain) | m.ub-account-helps.com/ | 707 B | 660 B | Document | text/html
GET H2 | chunk-vendors.4bf52a9b.js | m.ub-account-helps.com/js/ | 1 MB | 280 KB | Script | application/javascript
GET H2 | app.85aa3ba5.js | m.ub-account-helps.com/js/ | 40 KB | 12 KB | Script | application/javascript
GET H2 | chunk-vendors.ab49d789.css | m.ub-account-helps.com/css/ | 206 KB | 35 KB | Stylesheet | text/css
GET H2 | app.a2354aed.css | m.ub-account-helps.com/css/ | 7 KB | 2 KB | Stylesheet | text/css
GET H2 | checkIp | m.ub-account-helps.com/api/card/fish/ | 41 B | 453 B | XHR | application/json
GET H2 | visits | m.ub-account-helps.com/api/num/record/ | 41 B | 381 B | XHR | application/json
GET H2 | ubank-logo-reversed.3dde4917.svg | m.ub-account-helps.com/img/ | 2 KB | 1 KB | Image | image/svg+xml
GET H2 | Arctic%20Fox%20Regular.618462ff.woff2 | m.ub-account-helps.com/fonts/ | 17 KB | 17 KB | Font | font/woff2
GET H2 | user | m.ub-account-helps.com/api/card/websocket-domain/ | 114 B | 384 B | XHR | application/json
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UBank (Banking)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| webpackChunkubank
- function| clearImmediate
- function| setImmediate
- function| Hammer
- function| _
- object| $cookies
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
m.ub-account-helps.com/api | | Name: JSESSIONID Value: 8A981C89ED9128C3B042143970221F51
m.ub-account-helps.com/ | | Name: token Value: null
m.ub-account-helps.com/ | | Name: domainName Value: wss%3A%2F%2Fss.blt-ly.site%2Fapi%2Fapprove%2F
m.ub-account-helps.com/ | | Name: userIp Value: 66.203.112.162
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
m.ub-account-helps.com
ub-account-helps.com
104.21.54.95
172.67.137.187