![](/screenshots/efaa7207-0efa-42d2-b12d-afa6178dab22.png)
check.ub-account.org
Open in
urlscan Pro
104.21.67.47
Malicious Activity!
Public Scan
Effective URL: https://check.ub-account.org/
Submission: On September 04 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by E1 on September 2nd 2023. Valid for: 3 months.
This is the only time check.ub-account.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UBank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 10 | 104.21.67.47 104.21.67.47 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
ub-account.org
1 redirects
ub-account.org check.ub-account.org |
350 KB |
9 | 1 |
Domain | Requested by | |
---|---|---|
9 | check.ub-account.org |
check.ub-account.org
|
1 | ub-account.org | 1 redirects |
9 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ub-account.org E1 |
2023-09-02 - 2023-12-01 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://check.ub-account.org/
Frame ID: 02F0BCE411B13749C21AABD129661D75
Requests: 9 HTTP requests in this frame
Screenshot
![](/screenshots/efaa7207-0efa-42d2-b12d-afa6178dab22.png)
Page Title
ubankPage URL History Show full URLs
-
https://ub-account.org/
HTTP 301
https://check.ub-account.org/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ub-account.org/
HTTP 301
https://check.ub-account.org/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
check.ub-account.org/ Redirect Chain
|
658 B 650 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.4bf52a9b.js
check.ub-account.org/js/ |
1 MB 280 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.9325fd3b.js
check.ub-account.org/js/ |
40 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.ab49d789.css
check.ub-account.org/css/ |
206 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.bddf5cc0.css
check.ub-account.org/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkIp
check.ub-account.org/api/card/fish/ |
40 B 452 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visits
check.ub-account.org/api/num/record/ |
122 B 518 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ubank-logo-reversed.3dde4917.svg
check.ub-account.org/img/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Arctic%20Fox%20Regular.618462ff.woff2
check.ub-account.org/fonts/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UBank (Banking)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| webpackChunkubank function| clearImmediate function| setImmediate function| Hammer function| _ object| $cookies1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
check.ub-account.org/api | Name: JSESSIONID Value: 8A8BABF77E4F2C29CED06819CAC22A3D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
check.ub-account.org
ub-account.org
104.21.67.47
0d8d865d09c3f3038ff963dd211432085a0939a8495eda8864f6b2b4b916ba70
20dfc900c1a420e37d3f927022783b152ee0984233bff9e7455a127d97b9c6f3
4651a7c21d018aab332edbd2febb602c6b8e2afb91b94236d26779e72cf331ec
6f157d4c7218243528042dd5c1992467d6a547a758598e48a34f98c424ecef93
72b2e9fac7587093c1c46a494f62af318cacbaadb08d360a8ec2840b9c6850a5
9cb7b650a172624480f3a3072f5d4751b92ca6663da1d83b0e8ce624b7435c6e
b6d8c19a1a00d9ac27eaae3e8cba9d53fcb6b076d35a5068dc4cdfa62d647da9
c2bdc4c3819407e7b388cf2003629c5bcad40b5ea26ab27497138af854ce244a
d310cc9a575659f46afe99fb7328b3803176a34e7fd02f9a5b9f4d287064536f