youneedhelps.com
Open in
urlscan Pro
103.147.169.10
Malicious Activity!
Public Scan
Effective URL: https://youneedhelps.com/img/a/vector.php?carp=040404
Submission: On April 22 via manual from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 12th 2021. Valid for: 3 months.
This is the only time youneedhelps.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.183.87.159 52.183.87.159 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
17 | 103.147.169.10 103.147.169.10 | 140073 (DIGITALSY...) (DIGITALSYNAPSE-AS-AP Digital Synapse) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::2003 | 15169 (GOOGLE) (GOOGLE) | |
22 | 4 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
a4850716d03b4347b3e32b8622fe5176.svc.dynamics.com |
ASN140073 (DIGITALSYNAPSE-AS-AP Digital Synapse, BD)
youneedhelps.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
youneedhelps.com
youneedhelps.com |
2 MB |
3 |
googleapis.com
fonts.googleapis.com |
3 KB |
2 |
gstatic.com
fonts.gstatic.com |
29 KB |
1 |
dynamics.com
1 redirects
a4850716d03b4347b3e32b8622fe5176.svc.dynamics.com |
478 B |
22 | 4 |
Domain | Requested by | |
---|---|---|
17 | youneedhelps.com |
youneedhelps.com
|
3 | fonts.googleapis.com |
youneedhelps.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | a4850716d03b4347b3e32b8622fe5176.svc.dynamics.com | 1 redirects |
22 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
youneedhelps.com cPanel, Inc. Certification Authority |
2021-03-12 - 2021-06-10 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://youneedhelps.com/img/a/vector.php?carp=040404
Frame ID: 9B4029D2854CC581D58520633D276B48
Requests: 22 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://a4850716d03b4347b3e32b8622fe5176.svc.dynamics.com/t/r/pCdEFg_CT2Iqk5BEIQWrzMtdhLqijkNrha-5U-9wWVI
HTTP 302
https://youneedhelps.com/img/a/vector.php?carp=040404 Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://a4850716d03b4347b3e32b8622fe5176.svc.dynamics.com/t/r/pCdEFg_CT2Iqk5BEIQWrzMtdhLqijkNrha-5U-9wWVI
HTTP 302
https://youneedhelps.com/img/a/vector.php?carp=040404 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
vector.php
youneedhelps.com/img/a/ Redirect Chain
|
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
22 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
youneedhelps.com/img/a/assets/css/ |
141 KB 142 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.min.css
youneedhelps.com/img/a/assets/css/ |
56 KB 56 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
animate.css
youneedhelps.com/img/a/assets/css/ |
79 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
owl.carousel.min.css
youneedhelps.com/img/a/assets/plugins/slider/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
owl.theme.default.css
youneedhelps.com/img/a/assets/plugins/slider/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
youneedhelps.com/img/a/assets/css/ |
10 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
art-direction.png
youneedhelps.com/img/a/assets/images/ |
214 KB 214 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nt.jpg
youneedhelps.com/img/a/assets/images/ |
674 B 916 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
youneedhelps.com/img/a/assets/images/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.2.1.min.js
youneedhelps.com/img/a/assets/js/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popper.min.js
youneedhelps.com/img/a/assets/js/ |
19 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
youneedhelps.com/img/a/assets/js/ |
48 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-scrolltofixed-min.js
youneedhelps.com/img/a/assets/plugins/scroll-fixed/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
owl.carousel.min.js
youneedhelps.com/img/a/assets/plugins/slider/js/ |
42 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.js
youneedhelps.com/img/a/assets/js/ |
727 B 981 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
css
fonts.googleapis.com/ |
6 KB 648 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
css
fonts.googleapis.com/ |
9 KB 753 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
v.gif
youneedhelps.com/img/a/assets/images/ |
1 MB 1 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a4850716d03b4347b3e32b8622fe5176.svc.dynamics.com
fonts.googleapis.com
fonts.gstatic.com
youneedhelps.com
103.147.169.10
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
52.183.87.159
0883ffacfd4c998ca72bcaac0bfa192ea0c9cd0db257c03a3ef83d5df5fe8a7c
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
2a5d6f434ca2a1ee89ea27668f9e6a18d8283ab28e4c987859815d9a2567bd9c
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c80946ac7f16a2f05e1eada7e105651381e3d7ba9e07d555ab52c5fa8609390
42c96e75988266ffe1bd9d531c2e920cb0b4583b734c6050b11468e13b8039d1
68c71219bdbe57d40b8871cf280843285f6b27dfc13231b39d9c0b6caf378926
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
8864f83325db89c90cdbaac91d4a05a196968594e4564a657231aa010bb894ee
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f79f33e6422447b91059192452a123b2d5b4f05993eb50df73b351eb75d460f
a6b23d5249774944dc40ad8877f441277ef10ce618fb28df5a7b28ee8b14aced
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b508a39e1d80f8843ca9774700f6fe60b158c094835f09f47209affa36237ec8
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
cc5fd132061a74f7734ff3ff5e31d6fc9e9ecf30798d98f9f1ac0bceb37fb7db
d37676fd7b04f32abd7d3aa6ca96643ce4163ede9cc7f05be42f671fce5d7fef
d7051faafa76e4d173cf2722cb402dae1f2ca6e13dcf11ddf5355b9c0a9c5d41
db163d9468eaec9c0c440474152ada5e53d8c781e84ddb5b250d365ab5b55bb7
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ede1466795eb4042a622781a4b5f0e8e12a93257b6dc5deae7deaaf4d2b33a5e
f11ed90b40e2b67e8dd5117ffcfaee8ede0a7bbc0fd99e1d1912580a79fe5b4a