lemon15037135.brizy.site Open in urlscan Pro
34.237.47.210 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aw5.in/DiTZZ
Effective URL:
https://lemon15037135.brizy.site/
Submission: On January 14 via manual (January 14th 2023, 1:02:57 am UTC) from CA — Scanned from CA

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 10 HTTP transactions. The main IP is 34.237.47.210, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is lemon15037135.brizy.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 1st 2022. Valid for: a year.

This is the only time lemon15037135.brizy.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.168.116.160 184.168.116.160	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	34.237.47.210 34.237.47.210	14618 (AMAZON-AES) (AMAZON-AES)
4	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700:303... 2606:4700:3034::ac43:c938	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.32.193 146.75.32.193	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	6

1 184.168.116.160 (Singapore) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 160.116.168.184.host.secureserver.net

aw5.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.47.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-47-210.compute-1.amazonaws.com

lemon15037135.brizy.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b-cloud.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:c938 (United States)

ASN13335 (CLOUDFLARENET, US)

captura.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.193 (Ashburn, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	b-cdn.net b-cloud.b-cdn.net — Cisco Umbrella Rank: 319600	159 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 811
1	amung.us whos.amung.us — Cisco Umbrella Rank: 15593	26 B
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 6006	9 KB
1	captura.click captura.click	11 KB
1	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 14408	2 KB
1	brizy.site lemon15037135.brizy.site	2 KB
1	aw5.in 1 redirects aw5.in	597 B
10	8

	Domain	Requested by
3	b-cloud.b-cdn.net	lemon15037135.brizy.site
2	static.xx.fbcdn.net
1	whos.amung.us
1	i.imgur.com
1	captura.click	lemon15037135.brizy.site
1	fonts.bunny.net	lemon15037135.brizy.site
1	lemon15037135.brizy.site
1	aw5.in	1 redirects
10	8

This site contains no links.

Subject Issuer	Validity	Valid
*.brizy.site Sectigo RSA Domain Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
fonts.bunny.net R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
*.captura.click E1	`2022-11-19` - `2023-02-17`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
*.amung.us Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-06-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-23` - `2023-01-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lemon15037135.brizy.site/
Frame ID: 22FA6E45E4ED1B470E43312B996F5E32
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inicia sesión en Facebook para ver el video

Page URL History Show full URLs

http://aw5.in/DiTZZ HTTP 301
https://lemon15037135.brizy.site/ Page URL

Page Statistics

10
Requests

100 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

183 kB
Transfer

732 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aw5.in/DiTZZ HTTP 301
https://lemon15037135.brizy.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lemon15037135.brizy.site/
Redirect Chain

http://aw5.in/DiTZZ
https://lemon15037135.brizy.site/

8 KB
2 KB

117ms
23ms

Document
text/html

34.237.47.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lemon15037135.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.237.47.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-47-210.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c1047582ef5be414daccfa9a30a8c62692377b07be99bcb7730f6d11b1b90ab5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 126002
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 1935
content-type: text/html; charset=UTF-8
date: Sat, 14 Jan 2023 01:02:52 GMT
expires: -1
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.2)
x-brizy-preview: 1
x-cache: HIT
x-cache-hits: 961
x-varnish: 37016718 30085844

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Jan 2023 01:02:51 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5
Pragma: no-cache
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33
location: https://lemon15037135.brizy.site/#1673532244288

GET
H2 200 css
fonts.bunny.net/ 44 KB
2 KB 130ms
34ms Stylesheet
text/css 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css?family=Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Requested by: Host: lemon15037135.brizy.site
URL: https://lemon15037135.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 1ef568d72aa816e15f123b3f91479bff568fc58aa8fba65c8538e9367f6be30b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lemon15037135.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:02:52 GMT
content-encoding: br
cdn-edgestorageid: 885
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-cachedat: 01/09/2023 10:43:15
cdn-pullzone: 781720
last-modified: Mon, 09 Jan 2023 10:43:15 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 78e83fb9dde238eb097a1de9d440e790
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preview.css
b-cloud.b-cdn.net/builds/free/251-cloud/editor/css/ 283 KB
40 KB 87ms
23ms Stylesheet
text/css 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/251-cloud/editor/css/preview.css
Requested by: Host: lemon15037135.brizy.site
URL: https://lemon15037135.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: f7bb8fdc6dae397d12b6ad7a742b39a5d7e13d2302227b06cf5100a96a7edfac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lemon15037135.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:02:52 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 625P9Z14V31C3D8S
cdn-cachedat: 12/26/2022 09:34:00
cdn-pullzone: 246147
x-amz-id-2: aiGCr/NvsN5vCs3Y+QInYXjuiBZV5iLlOi83VCyj+ASuJxgYMmQpEK/zwC+Aimd6ZdgWYEhocu8=
last-modified: Mon, 26 Dec 2022 08:56:42 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"66f8ab876d89d216dc3f47fe1b149077"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8096f393ba1c6c1d0feb2edb0a6434f9
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/251-cloud/editor/css/preview.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 / Show response
captura.click/ 45 KB
11 KB 629ms
565ms Script
text/html 2606:4700:3034::ac43:c938
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captura.click/?token=U2FsdGVkX1%2BMo5ZNKsDMtL3S0ZDPVqqG7GFeY0gBGlJtA1L2rxnO6VBKFQMgMwgAfiSIumqK9cSss6mduSYKbA%3D%3D
Requested by: Host: lemon15037135.brizy.site
URL: https://lemon15037135.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c938 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9bcf67e97195ad377f141040fe264bbe8e8550dbd93d1a1ef3e55c33c2435661

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lemon15037135.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:02:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wASQM6CpK2xC%2FZmPvhHOUWJ4K5Jk8Q%2FrTYHCuqT0OckcXt%2BSenRsirYKE%2BWSd9PvBcwy5O1yRf9%2FvdHDTyhsLKt01i%2B%2FA1NRD1vAv3livfQZv6QxgKOZC52RKKD7e80LhvVLdSqX8NV7p0Ng"}],"group":"cf-nel","max_age":604800}
x-cache: MISS
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cf-ray: 789272daccc2236f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 group-jq.js Show response
b-cloud.b-cdn.net/builds/free/251-cloud/editor/js/ 98 KB
37 KB 89ms
27ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/251-cloud/editor/js/group-jq.js
Requested by: Host: lemon15037135.brizy.site
URL: https://lemon15037135.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: ad896313b504c4c70397664e5894379c052d248d1cb384a7772230b9429dff0f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lemon15037135.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:02:52 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 625WS41PPXF55E25
cdn-cachedat: 12/26/2022 09:34:00
cdn-pullzone: 246147
x-amz-id-2: 04g5Ebj0KnYyU/7FPHQMMEPH3/fA38XSbggtTKIjm08UMVvh3kJZcKu5ZQPJh0UBSgMfbopRmFE=
last-modified: Mon, 26 Dec 2022 08:59:43 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"4d182f886a2c9b4750d67b18a8d83d3e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: 28a2f6098108d57d98eefb2f30cf5cad
cdn-requestcountrycode: CA
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/251-cloud/editor/js/group-jq.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preview.js Show response
b-cloud.b-cdn.net/builds/free/251-cloud/editor/js/ 244 KB
82 KB 125ms
62ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b-cloud.b-cdn.net/builds/free/251-cloud/editor/js/preview.js
Requested by: Host: lemon15037135.brizy.site
URL: https://lemon15037135.brizy.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: badbdac55e8a04dc972470469e4f485b6142bb871e18bc9da51f14ce329ef59d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lemon15037135.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:02:52 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 625VW60TRVSG0YR7
cdn-cachedat: 12/26/2022 09:34:00
cdn-pullzone: 246147
x-amz-id-2: r61fqIxTMhC2tWHQ9MB1EVWZ0Jy62dIUJ0sOV4N+HDwr0F82Th4aJISePuRYeCx0kjp8ByulUdA=
last-modified: Mon, 26 Dec 2022 08:59:43 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"00ab6649a1b9b168f1d45eab48c949e2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control: public, max-age=31919000
cdn-requestid: fac6e91ce3d5ae231b1d58480b6972c5
cdn-requestcountrycode: CA
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/251-cloud/editor/js/preview.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 wCOStwT.png
i.imgur.com/ 9 KB
9 KB 91ms
27ms Image
image/png 146.75.32.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/wCOStwT.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0c4fbfd9d019d99f3e026fe0a41e5158bb3ec85c8c634d25328e4862559fc784

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lemon15037135.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:02:53 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1291546
x-cache: HIT
content-length: 9180
x-served-by: cache-iad-kjyo7100136-IAD
last-modified: Mon, 08 Mar 2021 04:50:40 GMT
server: cat factory 1.0
x-timer: S1673658173.327550,VS0,VE1
etag: "168c57cb0a4861565d8db5b896f40218"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 /
whos.amung.us/pingjs/ 26 B
26 B 130ms
59ms Image
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=efest03&t=&x=https://panelfbs.me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lemon15037135.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:02:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 789272df59e21811-EWR
content-type: text/javascript;charset=UTF-8

GET
H2 404 5NR43BsYs8o.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ 0
0 73ms
21ms Image
text/html 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/5NR43BsYs8o.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lemon15037135.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 404 lqbz1hqlAFx.png
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ 0
0 74ms
21ms Image
text/html 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/lqbz1hqlAFx.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lemon15037135.brizy.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			aw5.in/	1969-12-31 23:59:59	Name: PHPSESSID Value: a14de1a500789ae3a71cf62aebdc91be
			aw5.in/	1970-01-20 08:54:19	Name: short_2975 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/5NR43BsYs8o.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/lqbz1hqlAFx.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aw5.in
b-cloud.b-cdn.net
captura.click
fonts.bunny.net
i.imgur.com
lemon15037135.brizy.site
static.xx.fbcdn.net
whos.amung.us
146.75.32.193
184.168.116.160
2606:4700:10::6816:4bab
2606:4700:3034::ac43:c938
2a02:6ea0:c454::1
2a03:2880:f012:10c:face:b00c:0:3
34.237.47.210
0c4fbfd9d019d99f3e026fe0a41e5158bb3ec85c8c634d25328e4862559fc784
1ef568d72aa816e15f123b3f91479bff568fc58aa8fba65c8538e9367f6be30b
9bcf67e97195ad377f141040fe264bbe8e8550dbd93d1a1ef3e55c33c2435661
ad896313b504c4c70397664e5894379c052d248d1cb384a7772230b9429dff0f
badbdac55e8a04dc972470469e4f485b6142bb871e18bc9da51f14ce329ef59d
c1047582ef5be414daccfa9a30a8c62692377b07be99bcb7730f6d11b1b90ab5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7bb8fdc6dae397d12b6ad7a742b39a5d7e13d2302227b06cf5100a96a7edfac

lemon15037135.brizy.site Open in urlscan Pro 34.237.47.210 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

57 %IPv6

8 Domains

8 Subdomains

6 IPs

2 Countries

183 kBTransfer

732 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

lemon15037135.brizy.site Open in urlscan Pro
34.237.47.210 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

183 kB
Transfer

732 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!