URL: https://66790806754890.su/umobile/um.html
Submission Tags: @phish_report
Submission: On October 22 via api from FI — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 2606:4700:3033::6815:27d0, located in United States and belongs to CLOUDFLARENET, US. The main domain is 66790806754890.su.
TLS certificate: Issued by WE1 on August 28th 2024. Valid for: 3 months.
This is the only time 66790806754890.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address          AS (Autonomous System)   Requests
2606:4700:303...    13335 (CLOUDFLAR...)     7
Totals: 7 requests, 2 IPs

Apex Domain          Subdomains           Transfer   Requests
66790806754890.su    66790806754890.su    17 KB      7
Totals: 7 requests, 1 apex domain

Domain               Requested by                      Requests
66790806754890.su    1 redirects, 66790806754890.su    7
Totals: 7 requests, 1 domain

This site contains no links.

Subject:  66790806754890.su
Issuer:   WE1
Validity: 2024-08-28 - 2024-11-26
Valid:    3 months

This page contains 3 frames:

Primary Page: https://66790806754890.su/umobile/um.html
Frame ID: DC78C1D94AF294BE9A0A3601B852309B
Requests: 3 HTTP requests in this frame

Frame: https://66790806754890.su/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js
Frame ID: 9BC5294E08F237313CA4FAA925DB5EBF
Requests: 2 HTTP requests in this frame

Frame: https://66790806754890.su/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: EBB0801A9E728BEDD2954F60FBE3A56F
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Page URL History

  1. https://66790806754890.su/umobile/um.html Page URL
  2. https://66790806754890.su/umobile/um.html Page URL

Page Statistics

Requests:   7
HTTPS:      57 %
IPv6:       100 %
Domains:    1
Subdomains: 1
IPs:        2
Countries:  1
Transfer:   16 kB
Size:       25 kB
Cookies:    11


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://66790806754890.su/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://66790806754890.su/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js

7 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

um.html | 66790806754890.su/umobile/ | 7 KB | 8 KB | Document
General
Full URL
https://66790806754890.su/umobile/um.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:27d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e54d3a147aba23ceb6e9817b87fb1c148201e0e358878490ca7dd6b58700eb
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8d6d0826ccff41ad-EWR
content-type
text/html; charset=utf-8
date
Tue, 22 Oct 2024 22:47:54 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQNd9WxmkDLcpgneR7QQzStzDZJj0RmgWR7EoQYCN2pR5nV3u%2F8qtt71cwKF2cExO3WH3UxMQZkWRdjoDz31eRVDTwWaY6zCnA9A%2B2dFhyW%2BGSH8nfK4NPxqIA334q5hZka9NRNguarD30RF2MFzxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=28644&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4169&recv_bytes=4443&delivery_rate=560&cwnd=12000&unsent_bytes=0&cid=ab47805e5295057e&ts=332&x=1" cfExtPri cfHdrFlush;dur=0
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
um.html | 66790806754890.su/umobile/ | 0 | 1 KB | XHR
General
Full URL
https://66790806754890.su/umobile/um.html
Requested by
Host: 66790806754890.su
URL: https://66790806754890.su/umobile/um.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:27d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Combination
Referer
https://66790806754890.su/umobile/um.html
X-Requested-TimeStamp
X-Requested-Type-Combination
GET
BGZAaE5AAakvVHONjsO1xQderM
XVxpk7yifAqQWglzNfkTWrmXo8
JAc2cIUKVqiWRm668ixS1YTM6NI
41343045
X-Requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
X-Requested-Type
GET
Content-type
application/x-www-form-urlencoded
X-Requested-TimeStamp-Expire

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94RZ5BaPl8ZMR8EePfa07nXM2eta3OGU%2BS4tmK0Brz%2BpwJGD84KomRpwCBuAIN0YI6CvX7FPUjHMbxLjtz4bM%2BKjlYyMle6faY33DeSg4esfC5VurPjMbxsHQsdtALWiJq0zQ0rH6%2FZMNoQE1ZDLjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27907&sent=25&recv=18&lost=0&retrans=1&sent_bytes=14418&recv_bytes=5961&delivery_rate=333563&cwnd=12000&unsent_bytes=0&cid=ab47805e5295057e&ts=583&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 22:47:55 GMT
priority
u=1,i
x-frame-options
SAMEORIGIN
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-server-powered-by
Engintron
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8d6d0829484741ad-EWR
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
main.js | 66790806754890.su/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/ (Frame 9BC5) | 8 KB | 4 KB | Script
Redirect Chain
  • https://66790806754890.su/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://66790806754890.su/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
General
Full URL
https://66790806754890.su/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
Protocol
H3
Server
2606:4700:3033::6815:27d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IeqJfH85dsFYX6SDWlN3uH6Fm7vf9BfFmoITySDx9cjl39cvI1IYewQHHklvE3dLKU%2BQ8pe73DEuGtblKARLr1Cq2bDRFe3ZvbUl7jIkYFAHTUmdnnUkew1GGXMY8oJSf90vFa6QXlggZBPFLb7mDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d6d082a99e841ad-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49937&sent=28&recv=20&lost=0&retrans=1&sent_bytes=15639&recv_bytes=7217&delivery_rate=3481&cwnd=12000&unsent_bytes=0&cid=ab47805e5295057e&ts=665&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 22:47:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Z9D5mWdEb%2F3osREFgCmkSz6odKRU10%2FWtmYNTkUXh3XJmQTXaSCtE7SG78dRiclRZenA%2BwMZtxm6yPCAAJT0ERiKpPQ8KVNUtChFlSylqTB0M%2Bl9VFAcerL2yRCheaUtpnEWGEN3qeF3cbJL6bI7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d0829484a41ad-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=27907&sent=23&recv=18&lost=0&retrans=0&sent_bytes=12968&recv_bytes=5961&delivery_rate=333563&cwnd=12000&unsent_bytes=0&cid=ab47805e5295057e&ts=452&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 22:47:55 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
Primary Request: um.html | 66790806754890.su/umobile/ | 1 KB | 1 KB | Document
General
Full URL
https://66790806754890.su/umobile/um.html
Requested by
Host: 66790806754890.su
URL: https://66790806754890.su/umobile/um.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:27d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204c13e0ba2879776df4400566b9c04214bc10b1cd1510bef3dec68dc4a7967c
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://66790806754890.su/umobile/um.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d6d082c0bb741ad-EWR
content-encoding
zstd
content-type
text/html
date
Tue, 22 Oct 2024 22:47:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QcL6KdIf2zCFLJBFQTF7fS92IbEkUH%2B9tViWgmCgFg5TB%2FdqzX7IV7i1tXTxJ%2BsFVtTaOmntioKh8mXnFVvJuFR1pDD40GLUSP%2F7KwzEBXO%2Fvm1n7fPBBUUGLNmd3LZ1jeYqwmrDZdJilgr%2BiIJg0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=166582&sent=34&recv=25&lost=0&retrans=1&sent_bytes=20351&recv_bytes=8680&delivery_rate=16832&cwnd=12000&unsent_bytes=0&cid=ab47805e5295057e&ts=1062&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
8d6d0826ccff41ad | 66790806754890.su/cdn-cgi/challenge-platform/h/g/jsd/r/ (Frame 9BC5) | 0 | 0 | (no response)

main.js | 66790806754890.su/cdn-cgi/challenge-platform/scripts/jsd/ (Frame EBB0) | 8 KB | 0 | Script
General
Full URL
https://66790806754890.su/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: 66790806754890.su
URL: https://66790806754890.su/umobile/um.html
Protocol
H3
Server
2606:4700:3033::6815:27d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe389c7f35d133dd160aaab2f8ad0c61f4f7bf098bdeb11b6617e1bdf44f538
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IeqJfH85dsFYX6SDWlN3uH6Fm7vf9BfFmoITySDx9cjl39cvI1IYewQHHklvE3dLKU%2BQ8pe73DEuGtblKARLr1Cq2bDRFe3ZvbUl7jIkYFAHTUmdnnUkew1GGXMY8oJSf90vFa6QXlggZBPFLb7mDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d6d082a99e841ad-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49937&sent=28&recv=20&lost=0&retrans=1&sent_bytes=15639&recv_bytes=7217&delivery_rate=3481&cwnd=12000&unsent_bytes=0&cid=ab47805e5295057e&ts=665&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 22 Oct 2024 22:47:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
8d6d082c0bb741ad | 66790806754890.su/cdn-cgi/challenge-platform/h/g/jsd/r/ (Frame EBB0) | 0 | 1 KB | XHR
General
Full URL
https://66790806754890.su/cdn-cgi/challenge-platform/h/g/jsd/r/8d6d082c0bb741ad
Requested by
Host: 66790806754890.su
URL: https://66790806754890.su/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:27d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMDcS%2B2YCA7SRoiYr1Om9f98oHDylnlRistZV4zBOZJWddlRotUc729djoXdR8NR%2B9r1JOyqjV4Ro3FKzRA4L3%2F9WACa%2B%2BM2M7M9vbrpqUVnmYyOFHJDun8tNm5epb%2Bqlso7fFBZ8rNMr1UsAlsnlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d6d0830590f41ad-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=199587&sent=68&recv=58&lost=0&retrans=1&sent_bytes=23631&recv_bytes=44057&delivery_rate=3075&cwnd=12000&unsent_bytes=0&cid=ab47805e5295057e&ts=1656&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Tue, 22 Oct 2024 22:47:56 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
66790806754890.su
URL
https://66790806754890.su/cdn-cgi/challenge-platform/h/g/jsd/r/8d6d0826ccff41ad

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

11 Cookies

Domain/Path | Name | Value
66790806754890.su/ | bHebHIU15xLn6jEQEcGmWf5bHZM | UHH9ANzvCxlzUahyIZe697UNwJE
66790806754890.su/ | wYSPxd7QpC98Y32-Cg2c3gJ7mLI | 1729637270
66790806754890.su/ | aed54e9A56X6-0cEfRAENok3j_Q | 1729723670
66790806754890.su/ | Xczrhyk0kvYTvDkBwJUkzmBvoJo | xq91-VYbpCX1XTU4qRQKjQnD5vo
66790806754890.su/ | AmssIPSLxXkRkEr69aissTCQRP4 | 1YSApcDyOe3hxe1VDW7p2kkgjMQ
66790806754890.su/ | XjagU4LwOXa85iK3s7yCiMsu74A | qpaE95E8iIuCKqwZoH4K6HXMI2o
66790806754890.su/ | 7T7X5d3NHydZoOToq43UbEV7ouE | 1729637275
66790806754890.su/ | 4emY8sVgUu7uKTaeG5zdkF8u27I | 1729723675
66790806754890.su/ | nyfMJ2e_wMtgDrWzTbZCMTNHeWQ | yRHyIFvbaPewgp6ahlPRH48rBBQ
66790806754890.su/ | lwIH9rq7zHTmX1qRp7aG0tsPHvc | jQasbePzFWozu8aFMh-CsexVT0w
.66790806754890.su/ | cf_clearance | 7PV_glbR5upGnZFpFIadjLoeD.pfZZ8YLExzGcr5Jqo-1729637276-1.2.1.1-9LVLomfwM8WXVSj_57Sq8VLXoPC9GJfoe7.zlfCcZLapzeO1JNJw38cHF9LbYIUUwpEgIk_IViWYbLwPNEOwB1PDFTpLIjRqCBCZOFrzIeLstQeRQ9KNlAnPS_mYgqHs8YQboeLL31BShjxK6rP8xXZQE6YxGLEAopbetoLa.rOdEyho.8CMjimQYp0PuEHvRf5f0FMNe7aaeUn7Jh3sOqAHVg3nMZ9LtaBn1kWDeI5G1w01DnqrgZoZDDzfyQ_KQzh5qYXegk2.EqN.2gj8uTagTay.9itRwp9RESxN_lFqvw1FAbCgS77BFZi95xiWHovLbPAWwd.G4GGlJokp4IQ1rSEwws3MCsMRfzQGEQfsjyHe0XSPJTlI_alveVrj8aDwP1RgU3PisWvQBSvDpA

2 Console Messages

Source | Level | URL | Text
network | error | https://66790806754890.su/umobile/um.html | Failed to load resource: the server responded with a status of 503 ()
network | error | https://66790806754890.su/umobile/um.html | Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block