m.ub-account-helps.com Open in urlscan Pro
172.67.137.187 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ub-account-helps.com/
Effective URL:
https://m.ub-account-helps.com/
Submission: On September 11 via manual (September 11th 2023, 9:40:30 pm UTC) from AU — Scanned from AU

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 1 domains to perform 10 HTTP transactions. The main IP is 172.67.137.187, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.ub-account-helps.com.
TLS certificate: Issued by GTS CA 1P5 on September 4th 2023. Valid for: 3 months.

This is the only time m.ub-account-helps.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UBank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.54.95 104.21.54.95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	172.67.137.187 172.67.137.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	1

1 104.21.54.95 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ub-account-helps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.137.187 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ub-account-helps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.ub-account-helps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ub-account-helps.com 2 redirects ub-account-helps.com m.ub-account-helps.com	351 KB
10	1

	Domain	Requested by
10	m.ub-account-helps.com	m.ub-account-helps.com
2	ub-account-helps.com	2 redirects
10	2

This site contains no links.

Subject Issuer	Validity	Valid
ub-account-helps.com GTS CA 1P5	`2023-09-04` - `2023-12-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://m.ub-account-helps.com/
Frame ID: 8BDFEB4147812B0029E819B53AF4EE68
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ubank

Page URL History Show full URLs

http://ub-account-helps.com/ HTTP 301
https://ub-account-helps.com/ HTTP 301
https://m.ub-account-helps.com/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

2
Countries

349 kB
Transfer

1297 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ub-account-helps.com/ HTTP 301
https://ub-account-helps.com/ HTTP 301
https://m.ub-account-helps.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response m.ub-account-helps.com/ Redirect Chain http://ub-account-helps.com/ https://ub-account-helps.com/ https://m.ub-account-helps.com/	707 B 660 B	22ms 15ms	Document text/html	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.ub-account-helps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d91d642795d08dce47f60c9ae4712ae6dbd71f9931a16b79dd1ede9d5dbfbc19` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 805311a46acdaad7-SYD content-encoding br content-type text/html date Mon, 11 Sep 2023 21:40:24 GMT last-modified Sat, 09 Sep 2023 08:29:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmp4ic4wI6Iu0f5o5viZheRV43eygnnrlNVejNbuwyi7QfYPOQ6YE%2BV6vY6pGLFsI%2F4BaiZlUec1XphQmNVI9tHNE04jyFBK1vZBn7UbiE7Ii4PLiMyt1SWBwZznwbTaRbkBKxNbTjF0"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers alt-svc h3=":443"; ma=86400 cache-control max-age=3600 cf-ray 805311a45abcaad7-SYD date Mon, 11 Sep 2023 21:40:24 GMT expires Mon, 11 Sep 2023 22:40:24 GMT location https://m.ub-account-helps.com/#/m nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0%2FpNnD0k73%2FPb%2BO0x0%2FviTNj76B%2BfUlBDN5o9gUhCod3LBcMwIIFIvWSqmUB03df4c5Pc82RFV5KPTD4zQvMbgFP5nOYXM2kToEhaMIQ8JPfh9DW2RlUAGzWoL8U3YK1pDfXEbTlA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	chunk-vendors.4bf52a9b.js Show response m.ub-account-helps.com/js/	1 MB 280 KB	22ms 21ms	Script application/javascript	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.ub-account-helps.com/js/chunk-vendors.4bf52a9b.js Requested by Host: m.ub-account-helps.com URL: https://m.ub-account-helps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b6d8c19a1a00d9ac27eaae3e8cba9d53fcb6b076d35a5068dc4cdfa62d647da9` Request headers accept-language en-AU,en;q=0.9 Referer https://m.ub-account-helps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 21:40:24 GMT content-encoding br cf-cache-status HIT last-modified Sat, 09 Sep 2023 08:29:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 41113 etag W/"64fc2cf8-10030b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bB5OGUSPGQ%2BVEwwwy5ghYd6znI3bDxsxWcg%2FS3qkfxTy60mmXB5ZAyiuJfOs5LnWI9ZUpj9ILhMQeeaEPaJVqzVJH%2B%2FL%2FsDx8cZsRVzFqEXEl5jD11COUnI8o7ZY9xBGIedgjm%2BaEMzP"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 805311a48ae7aad7-SYD alt-svc h3=":443"; ma=86400 expires Mon, 11 Sep 2023 22:15:11 GMT
GET H2	200	app.85aa3ba5.js Show response m.ub-account-helps.com/js/	40 KB 12 KB	12ms 12ms	Script application/javascript	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.ub-account-helps.com/js/app.85aa3ba5.js Requested by Host: m.ub-account-helps.com URL: https://m.ub-account-helps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93046d103d7eb84c8c527ddef77e82505f6891700075489811541ce49d7cf87f` Request headers accept-language en-AU,en;q=0.9 Referer https://m.ub-account-helps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 21:40:24 GMT content-encoding br cf-cache-status HIT last-modified Sat, 09 Sep 2023 08:29:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 41113 etag W/"64fc2cf7-a09a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy7zFhK8Rlpf51w38uO1qoCIBiAJDxAyJPPsRhpEGh7C%2FHwAWY3OQmmU0akY1ghuIdO%2FcWqtmNgTM942vFjZvF51dU5qFGMlfwLJ%2FZ3tWqHAD9DWGQeoomzA4xfw8II0opUEMI2CwSNe"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 805311a48aeaaad7-SYD alt-svc h3=":443"; ma=86400 expires Mon, 11 Sep 2023 22:15:11 GMT
GET H2	200	chunk-vendors.ab49d789.css m.ub-account-helps.com/css/	206 KB 35 KB	15ms 14ms	Stylesheet text/css	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.ub-account-helps.com/css/chunk-vendors.ab49d789.css Requested by Host: m.ub-account-helps.com URL: https://m.ub-account-helps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0d8d865d09c3f3038ff963dd211432085a0939a8495eda8864f6b2b4b916ba70` Request headers accept-language en-AU,en;q=0.9 Referer https://m.ub-account-helps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 21:40:24 GMT content-encoding br cf-cache-status HIT last-modified Sat, 09 Sep 2023 08:29:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 41113 etag W/"64fc2cf9-337ac" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB4m9JV270mDq%2FvLC%2BBk41BWF82IDjmeA5ROyb0%2FdwUNo4UFmTMCYO8eHccFehCSyIJWEo3oS%2FwB8TDSap5aqacS0OKrsyJ3YeyoCZXzIEvUZYVDSo1YzZbE7X5L6X9uq6c7ZtBm%2BN51"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 805311a48ae8aad7-SYD alt-svc h3=":443"; ma=86400 expires Mon, 11 Sep 2023 22:15:11 GMT
GET H2	200	app.a2354aed.css m.ub-account-helps.com/css/	7 KB 2 KB	11ms 11ms	Stylesheet text/css	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.ub-account-helps.com/css/app.a2354aed.css Requested by Host: m.ub-account-helps.com URL: https://m.ub-account-helps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3257184422df1f9d09206254ff0a9b4a6ab0ef1cad53cade638b160984370fba` Request headers accept-language en-AU,en;q=0.9 Referer https://m.ub-account-helps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 21:40:24 GMT content-encoding br cf-cache-status HIT last-modified Sat, 09 Sep 2023 08:29:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 41111 etag W/"64fc2cf9-1be7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5Qhcl%2BOTLiFUO%2BPLqmZZ5Ia7tjSImYAZismXrxk5yj7QQlg1oIGJZNbrZAhPbKnxXUanhf8YJjwXxTPnhASIMfPyt%2BGY7ioFQ3Rs6DeZMgO4tlt%2BM5xlS9VdU2lyLIHEsoHg7%2BX4B5I"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 805311a48ae9aad7-SYD alt-svc h3=":443"; ma=86400 expires Mon, 11 Sep 2023 22:15:13 GMT
GET H2	200	checkIp Show response m.ub-account-helps.com/api/card/fish/	41 B 453 B	19ms 18ms	XHR application/json	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.ub-account-helps.com/api/card/fish/checkIp?key=111 Requested by Host: m.ub-account-helps.com URL: https://m.ub-account-helps.com/js/chunk-vendors.4bf52a9b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1d26fb4550d79ddd00ed695c52e9f888abac94e0d3bc3ed161dffbe8b07d9bdb` Request headers Accept application/json, text/plain, / Referer https://m.ub-account-helps.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 21:40:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cyo0o5mHPdphDzJ9jowpo9xPsQzJ%2F5e37jlfYvjF8nAkZ5nkn7bJPsGG%2Bkw%2BKTPau0bMvM%2BZ03thslzW7J5DQOsKNgofNA2C5x1CtzmSwVkQmLv61XzJEgsPW5S4LSMx77kYMwZ15ocq"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 805311a54b6faad7-SYD alt-svc h3=":443"; ma=86400
GET H2	200	visits Show response m.ub-account-helps.com/api/num/record/	41 B 381 B	289ms 289ms	XHR application/json	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.ub-account-helps.com/api/num/record/visits Requested by Host: m.ub-account-helps.com URL: https://m.ub-account-helps.com/js/chunk-vendors.4bf52a9b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1d26fb4550d79ddd00ed695c52e9f888abac94e0d3bc3ed161dffbe8b07d9bdb` Request headers Accept application/json, text/plain, / Referer https://m.ub-account-helps.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 21:40:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzIMduwYWFpRMCF8%2BWBvGb5KBPzDDDpXcjYjNSnO2Zx9fZnklLaGueGybmlMsp83hlBbsBSw46HY%2Bp3WLXDy%2F9jjbGmfLvP7bnzUsWdghIQHrJ5ByNymOOPa9cKxwRBTof9MaC%2FwEe2a"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 805311a54b74aad7-SYD alt-svc h3=":443"; ma=86400
GET H2	200	ubank-logo-reversed.3dde4917.svg m.ub-account-helps.com/img/	2 KB 1 KB	11ms 11ms	Image image/svg+xml	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://m.ub-account-helps.com/img/ubank-logo-reversed.3dde4917.svg Requested by Host: m.ub-account-helps.com URL: https://m.ub-account-helps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d310cc9a575659f46afe99fb7328b3803176a34e7fd02f9a5b9f4d287064536f` Request headers accept-language en-AU,en;q=0.9 Referer https://m.ub-account-helps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 21:40:24 GMT content-encoding br cf-cache-status HIT last-modified Sat, 09 Sep 2023 08:29:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7159 etag W/"64fc2cf6-861" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3kPXbwsj5T8hb3UrJlAvYi3gOSTuA%2Fg5SoYy7L0dR22Bk9BugEU0mtdfpqHPL9MIxYexwLhRlmGjilxCKdvsGEd%2FyAm10%2B%2BVd480oC%2FrZsv%2Baqsit5V0PF7JIrcUuh86KSzTlabTn9I"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 805311a54b75aad7-SYD alt-svc h3=":443"; ma=86400
GET H2	200	Arctic%20Fox%20Regular.618462ff.woff2 m.ub-account-helps.com/fonts/	17 KB 17 KB	10ms 10ms	Font font/woff2	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.ub-account-helps.com/fonts/Arctic%20Fox%20Regular.618462ff.woff2 Requested by Host: m.ub-account-helps.com URL: https://m.ub-account-helps.com/css/app.a2354aed.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `20dfc900c1a420e37d3f927022783b152ee0984233bff9e7455a127d97b9c6f3` Request headers Referer https://m.ub-account-helps.com/css/app.a2354aed.css Origin https://m.ub-account-helps.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 21:40:24 GMT cf-cache-status HIT last-modified Sat, 09 Sep 2023 08:29:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7158 etag "64fc2cf9-423c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qINk3nbrLjNNYh90R8h31IAbvVO7UwDei2ZZ7MXro%2BxD%2BcdAssXffBQAI5FL0m42ZULZlfz6M%2BMw%2BREMJ2ptBNHqiCk%2Bjov4kThQB9M6gS%2BNJO5q6FmodFzcR0IUcwqTIA23noZA9NBr"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 805311a54b77aad7-SYD alt-svc h3=":443"; ma=86400 content-length 16956
GET H2	200	user Show response m.ub-account-helps.com/api/card/websocket-domain/	114 B 384 B	21ms 20ms	XHR application/json	172.67.137.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://m.ub-account-helps.com/api/card/websocket-domain/user Requested by Host: m.ub-account-helps.com URL: https://m.ub-account-helps.com/js/chunk-vendors.4bf52a9b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.137.187 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c1266ab5027e68005bf33635672314bd8349ae481a2a12ee01241e8a15fb35fb` Request headers Accept application/json, text/plain, / Referer https://m.ub-account-helps.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 21:40:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XS7OQkUjVHYwgFF1iwvW%2Fem7onDD3PcVcODe0n4TnsamAhju5EFNOtCl9un24KFmWWIqnomyWoyD3UikoEFNQWsYjm9623Wezo83Tlk%2B2W6QHvVBT595Tndv%2FVCIH6nugV2jByvsDzkH"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 805311a58b96aad7-SYD alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UBank (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.ub-account-helps.com/api	1969-12-31 23:59:59	Name: JSESSIONID Value: 8A981C89ED9128C3B042143970221F51
m.ub-account-helps.com/	1970-01-20 14:41:12	Name: token Value: null
m.ub-account-helps.com/	1970-01-20 14:41:12	Name: domainName Value: wss%3A%2F%2Fss.blt-ly.site%2Fapi%2Fapprove%2F
m.ub-account-helps.com/	1970-01-20 14:42:34	Name: userIp Value: 66.203.112.162

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

m.ub-account-helps.com
ub-account-helps.com
104.21.54.95
172.67.137.187
0d8d865d09c3f3038ff963dd211432085a0939a8495eda8864f6b2b4b916ba70
1d26fb4550d79ddd00ed695c52e9f888abac94e0d3bc3ed161dffbe8b07d9bdb
20dfc900c1a420e37d3f927022783b152ee0984233bff9e7455a127d97b9c6f3
3257184422df1f9d09206254ff0a9b4a6ab0ef1cad53cade638b160984370fba
93046d103d7eb84c8c527ddef77e82505f6891700075489811541ce49d7cf87f
b6d8c19a1a00d9ac27eaae3e8cba9d53fcb6b076d35a5068dc4cdfa62d647da9
c1266ab5027e68005bf33635672314bd8349ae481a2a12ee01241e8a15fb35fb
d310cc9a575659f46afe99fb7328b3803176a34e7fd02f9a5b9f4d287064536f
d91d642795d08dce47f60c9ae4712ae6dbd71f9931a16b79dd1ede9d5dbfbc19

m.ub-account-helps.com Open in urlscan Pro 172.67.137.187 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

2 Countries

349 kBTransfer

1297 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

4 Cookies

Indicators

m.ub-account-helps.com Open in urlscan Pro
172.67.137.187 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

2
Countries

349 kB
Transfer

1297 kB
Size

4
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!