confirm-activity-help.com
Open in
urlscan Pro
185.246.221.60
Malicious Activity!
Public Scan
Effective URL: https://confirm-activity-help.com/pages
Submission: On March 01 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 28th 2023. Valid for: 3 months.
This is the only time confirm-activity-help.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Suncorp (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 17 | 185.246.221.60 185.246.221.60 | 211252 (AS_DELIS) (AS_DELIS) | |
16 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
confirm-activity-help.com
1 redirects
confirm-activity-help.com |
241 KB |
16 | 1 |
Domain | Requested by | |
---|---|---|
17 | confirm-activity-help.com |
1 redirects
confirm-activity-help.com
|
16 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
confirm-activity-help.com R3 |
2023-02-28 - 2023-05-29 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://confirm-activity-help.com/pages
Frame ID: 1BF055697D1DF80A7191A491F99B0029
Requests: 15 HTTP requests in this frame
Frame:
https://confirm-activity-help.com/front_end/front_end_files/dest5.html
Frame ID: DA47BC9ABAC395E6D0046112842B17A3
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
LoginPage URL History Show full URLs
-
https://confirm-activity-help.com/
HTTP 302
https://confirm-activity-help.com/pages Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://confirm-activity-help.com/
HTTP 302
https://confirm-activity-help.com/pages Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
pages
confirm-activity-help.com/ Redirect Chain
|
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normalize.css
confirm-activity-help.com/front_end/front_end_files/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suncorpnew-uama.css
confirm-activity-help.com/front_end/front_end_files/ |
2 MB 107 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
confirm-activity-help.com/js/cntdjs/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
confirm-activity-help.com/js/cntdjs/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cntd.js
confirm-activity-help.com/js/cntdjs/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.js
confirm-activity-help.com/js/shared/ |
2 KB 911 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
online_status.js
confirm-activity-help.com/js/shared/ |
998 B 635 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Logo-header.svg
confirm-activity-help.com/front_end/front_end_files/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Icon-lock.svg
confirm-activity-help.com/front_end/front_end_files/ |
2 KB 778 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AtlasGrotesk-Light.woff2
confirm-activity-help.com/front_end/front_end_files/ |
40 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Icon-question.svg
confirm-activity-help.com/front_end/front_end_files/ |
2 KB 872 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Icon-arrowRight.svg
confirm-activity-help.com/front_end/front_end_files/ |
2 KB 728 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AtlasGrotesk-Medium.woff2
confirm-activity-help.com/front_end/front_end_files/ |
41 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dest5.html
confirm-activity-help.com/front_end/front_end_files/ Frame DA47 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Icon-security--default-security.svg
confirm-activity-help.com/front_end/front_end_files/ |
920 B 633 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Suncorp (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless string| urlroot string| uniqueid function| $ function| jQuery object| controller string| url1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
confirm-activity-help.com/ | Name: PHPSESSID Value: np87dihtq9sbmhpvo10pg2790f |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
confirm-activity-help.com
185.246.221.60
1d8c0d3b12f76437fa553aee3abb2808bd87ecec668ef0bc81c66655b52c59c4
286a88db98714cf5ce1d294185c82413ac47d50fe014e27d9904fa54c4438264
44e037ac5f4adb28ae5509dc5e060d3fc953d3ad6c280ec554ce46065248ad5a
4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134
5835a08874348f1c21b5eb17bd19b9d4787feaeb008180deca1382cb77ba0851
5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
6a2a72bd357fafa19f12c281af6a6338d8649090a8cbec2c5dd8dcbae05c0d5e
6d6f077395745312ca210f70e2e556215368c029d3578bca5c2e91690d292ddf
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
a9a4386e4cd9d290d67dd9fd74f058f2ead6b369a63ac62f1160d3aff4595ec5
c8c4081a06ec353877cd55f30584ba3aab40fdccb40cd237861b7039dbe945b3
e4314fcdd87bab039737420cda4352f0803c990fe113a7c3346bf07d2f3e526c
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
efe6f81f302ef297b8c14a9982542add4b97348bfa78ed151f4e93a797dc2630
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e