confirm-activity-help.com Open in urlscan Pro
185.246.221.60 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://confirm-activity-help.com/
Effective URL:
https://confirm-activity-help.com/pages
Submission: On March 01 via automatic, source certstream-suspicious (March 1st 2023, 4:12:27 am UTC) — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 185.246.221.60, located in Bulgaria and belongs to AS_DELIS, US. The main domain is confirm-activity-help.com.
TLS certificate: Issued by R3 on February 28th 2023. Valid for: 3 months.

This is the only time confirm-activity-help.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Suncorp (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 17	185.246.221.60 185.246.221.60		211252 (AS_DELIS) (AS_DELIS)
16	1

17 185.246.221.60 (Bulgaria) 1 redirects

ASN211252 (AS_DELIS, US)

confirm-activity-help.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	confirm-activity-help.com 1 redirects confirm-activity-help.com	241 KB
16	1

	Domain	Requested by
17	confirm-activity-help.com	1 redirects confirm-activity-help.com
16	1

This site contains no links.

Subject Issuer	Validity	Valid
confirm-activity-help.com R3	`2023-02-28` - `2023-05-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://confirm-activity-help.com/pages
Frame ID: 1BF055697D1DF80A7191A491F99B0029
Requests: 15 HTTP requests in this frame

Frame: https://confirm-activity-help.com/front_end/front_end_files/dest5.html
Frame ID: DA47BC9ABAC395E6D0046112842B17A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://confirm-activity-help.com/ HTTP 302
https://confirm-activity-help.com/pages Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

241 kB
Transfer

2024 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://confirm-activity-help.com/ HTTP 302
https://confirm-activity-help.com/pages Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pages Show response confirm-activity-help.com/ Redirect Chain https://confirm-activity-help.com/ https://confirm-activity-help.com/pages	11 KB 4 KB	759ms 759ms	Document text/html	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/pages Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `6a2a72bd357fafa19f12c281af6a6338d8649090a8cbec2c5dd8dcbae05c0d5e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 3392 content-type text/html; charset=UTF-8 date Wed, 01 Mar 2023 04:12:22 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Wed, 01 Mar 2023 04:12:21 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location https://confirm-activity-help.com/pages pragma no-cache server nginx
GET H2	200	normalize.css confirm-activity-help.com/front_end/front_end_files/	8 KB 3 KB	87ms 86ms	Stylesheet text/css	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/front_end/front_end_files/normalize.css Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/pages Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Tue, 20 Sep 2022 17:14:34 GMT server nginx etag "1e1c-5e91ef64bb280-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2578
GET H2	200	suncorpnew-uama.css confirm-activity-help.com/front_end/front_end_files/	2 MB 107 KB	208ms 206ms	Stylesheet text/css	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/pages Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `e4314fcdd87bab039737420cda4352f0803c990fe113a7c3346bf07d2f3e526c` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Tue, 20 Sep 2022 17:28:22 GMT server nginx etag "1bfdd1-5e91f27a5f980-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	jquery.js Show response confirm-activity-help.com/js/cntdjs/	87 KB 30 KB	133ms 132ms	Script application/javascript	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/js/cntdjs/jquery.js Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/pages Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Mon, 25 Jul 2022 02:34:02 GMT server nginx etag "15d9d-5e498044efa80-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 30902
GET H2	200	jquery.mask.js Show response confirm-activity-help.com/js/cntdjs/	23 KB 6 KB	131ms 130ms	Script application/javascript	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/js/cntdjs/jquery.mask.js Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/pages Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Mon, 25 Jul 2022 02:34:02 GMT server nginx etag "5a88-5e498044efa80-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 5877
GET H2	200	cntd.js Show response confirm-activity-help.com/js/cntdjs/	3 KB 1 KB	88ms 87ms	Script application/javascript	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/js/cntdjs/cntd.js Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/pages Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Mon, 25 Jul 2022 02:34:02 GMT server nginx etag "abf-5e498044efa80-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 999
GET H2	200	loading.js Show response confirm-activity-help.com/js/shared/	2 KB 911 B	87ms 86ms	Script application/javascript	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/js/shared/loading.js Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/pages Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Mon, 25 Jul 2022 02:34:02 GMT server nginx etag "7b5-5e498044efa80-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 729
GET H2	200	online_status.js Show response confirm-activity-help.com/js/shared/	998 B 635 B	88ms 88ms	Script application/javascript	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/js/shared/online_status.js Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/pages Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Mon, 25 Jul 2022 02:34:02 GMT server nginx etag "3e6-5e498044efa80-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 453
GET H2	200	Logo-header.svg confirm-activity-help.com/front_end/front_end_files/	3 KB 1 KB	86ms 85ms	Image image/svg+xml	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://confirm-activity-help.com/front_end/front_end_files/Logo-header.svg Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `5835a08874348f1c21b5eb17bd19b9d4787feaeb008180deca1382cb77ba0851` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Tue, 20 Sep 2022 17:18:26 GMT server nginx etag W/"b12-5e91f041fbc80" content-type image/svg+xml
GET H2	200	Icon-lock.svg confirm-activity-help.com/front_end/front_end_files/	2 KB 778 B	85ms 84ms	Image image/svg+xml	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://confirm-activity-help.com/front_end/front_end_files/Icon-lock.svg Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `1d8c0d3b12f76437fa553aee3abb2808bd87ecec668ef0bc81c66655b52c59c4` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Tue, 20 Sep 2022 17:25:06 GMT server nginx etag W/"8e0-5e91f1bf74080" content-type image/svg+xml
GET H2	200	AtlasGrotesk-Light.woff2 confirm-activity-help.com/front_end/front_end_files/	40 KB 41 KB	85ms 84ms	Font font/woff2	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/front_end/front_end_files/AtlasGrotesk-Light.woff2 Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `44e037ac5f4adb28ae5509dc5e060d3fc953d3ad6c280ec554ce46065248ad5a` Request headers Referer https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Origin https://confirm-activity-help.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT last-modified Tue, 20 Sep 2022 17:19:22 GMT server nginx accept-ranges bytes etag "a181-5e91f07763a80" content-length 41345 content-type font/woff2
GET H2	200	Icon-question.svg confirm-activity-help.com/front_end/front_end_files/	2 KB 872 B	122ms 122ms	Image image/svg+xml	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://confirm-activity-help.com/front_end/front_end_files/Icon-question.svg Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `6d6f077395745312ca210f70e2e556215368c029d3578bca5c2e91690d292ddf` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Tue, 20 Sep 2022 17:27:58 GMT server nginx etag W/"993-5e91f2637c380" content-type image/svg+xml
GET H2	200	Icon-arrowRight.svg confirm-activity-help.com/front_end/front_end_files/	2 KB 728 B	122ms 122ms	Image image/svg+xml	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://confirm-activity-help.com/front_end/front_end_files/Icon-arrowRight.svg Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `286a88db98714cf5ce1d294185c82413ac47d50fe014e27d9904fa54c4438264` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Tue, 20 Sep 2022 17:26:32 GMT server nginx etag W/"876-5e91f21178200" content-type image/svg+xml
GET H2	200	AtlasGrotesk-Medium.woff2 confirm-activity-help.com/front_end/front_end_files/	41 KB 41 KB	158ms 157ms	Font font/woff2	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/front_end/front_end_files/AtlasGrotesk-Medium.woff2 Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `c8c4081a06ec353877cd55f30584ba3aab40fdccb40cd237861b7039dbe945b3` Request headers Referer https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Origin https://confirm-activity-help.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT last-modified Tue, 20 Sep 2022 17:19:22 GMT server nginx accept-ranges bytes etag "a261-5e91f07763a80" content-length 41569 content-type font/woff2
GET H2	200	dest5.html Show response confirm-activity-help.com/front_end/front_end_files/ Frame DA47	7 KB 3 KB	178ms 178ms	Document text/html	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Full URL https://confirm-activity-help.com/front_end/front_end_files/dest5.html Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/pages Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `a9a4386e4cd9d290d67dd9fd74f058f2ead6b369a63ac62f1160d3aff4595ec5` Request headers Referer https://confirm-activity-help.com/pages Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 2866 content-type text/html date Wed, 01 Mar 2023 04:12:22 GMT etag "1bc5-5e91ef64bb280-gzip" last-modified Tue, 20 Sep 2022 17:14:34 GMT server nginx vary Accept-Encoding
GET H2	200	Icon-security--default-security.svg confirm-activity-help.com/front_end/front_end_files/	920 B 633 B	178ms 177ms	Image image/svg+xml	185.246.221.60 AS_DELIS
General Check archive.org Show headers Download Go to Show image Full URL https://confirm-activity-help.com/front_end/front_end_files/Icon-security--default-security.svg Requested by Host: confirm-activity-help.com URL: https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.246.221.60 , Bulgaria, ASN211252 (AS_DELIS, US), Reverse DNS Software nginx / Resource Hash `efe6f81f302ef297b8c14a9982542add4b97348bfa78ed151f4e93a797dc2630` Request headers accept-language de-DE,de;q=0.9 Referer https://confirm-activity-help.com/front_end/front_end_files/suncorpnew-uama.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 04:12:22 GMT content-encoding gzip last-modified Tue, 20 Sep 2022 17:27:22 GMT server nginx etag W/"398-5e91f24127280" content-type image/svg+xml

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Suncorp (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			confirm-activity-help.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: np87dihtq9sbmhpvo10pg2790f

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://confirm-activity-help.com/front_end/front_end_files/dest5.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

confirm-activity-help.com
185.246.221.60
1d8c0d3b12f76437fa553aee3abb2808bd87ecec668ef0bc81c66655b52c59c4
286a88db98714cf5ce1d294185c82413ac47d50fe014e27d9904fa54c4438264
44e037ac5f4adb28ae5509dc5e060d3fc953d3ad6c280ec554ce46065248ad5a
4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134
5835a08874348f1c21b5eb17bd19b9d4787feaeb008180deca1382cb77ba0851
5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
6a2a72bd357fafa19f12c281af6a6338d8649090a8cbec2c5dd8dcbae05c0d5e
6d6f077395745312ca210f70e2e556215368c029d3578bca5c2e91690d292ddf
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
a9a4386e4cd9d290d67dd9fd74f058f2ead6b369a63ac62f1160d3aff4595ec5
c8c4081a06ec353877cd55f30584ba3aab40fdccb40cd237861b7039dbe945b3
e4314fcdd87bab039737420cda4352f0803c990fe113a7c3346bf07d2f3e526c
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
efe6f81f302ef297b8c14a9982542add4b97348bfa78ed151f4e93a797dc2630
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

confirm-activity-help.com Open in urlscan Pro 185.246.221.60 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

241 kBTransfer

2024 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

confirm-activity-help.com Open in urlscan Pro
185.246.221.60 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

241 kB
Transfer

2024 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!