Submitted URL: http://unzip-toasty.click/
Effective URL: https://unzip-toasty.click/
Submission Tags: @phish_report
Submission: On December 24 via api from FI — Scanned from AU

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 172.67.204.241, located in United States and belongs to CLOUDFLARENET, US. The main domain is unzip-toasty.click.
TLS certificate: Issued by WE1 on December 24th 2024. Valid for: 3 months.
This is the only time unzip-toasty.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
6         172.67.204.241   13335  (CLOUDFLAR...)
1         157.240.8.23     32934  (FACEBOOK)
Total: 7 requests, 2 IPs

Requests  Apex Domain (Subdomains)                                        Transfer
6         unzip-toasty.click (unzip-toasty.click)                         144 KB
1         facebook.net (connect.facebook.net, Cisco Umbrella Rank: 192)   61 KB
Total: 7 requests, 2 domains

Requests  Domain                 Requested by
6         unzip-toasty.click     unzip-toasty.click
1         connect.facebook.net   unzip-toasty.click
Total: 7 requests, 2 domains

This site contains no links.

Subject             Issuer                                   Validity                 Valid
unzip-toasty.click  WE1                                      2024-12-24 - 2025-03-24  3 months
*.facebook.com      DigiCert SHA2 High Assurance Server CA   2024-10-03 - 2025-01-01  3 months

This page contains 1 frames:

Primary Page: https://unzip-toasty.click/
Frame ID: 9D56C2C35C38A86B60DD1D810100082B
Requests: 7 HTTP requests in this frame

Page Title

Er du over 21 år?

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 205 kB
Size: 383 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://unzip-toasty.click/ HTTP 307
    https://unzip-toasty.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
unzip-toasty.click/
Redirect Chain
  • http://unzip-toasty.click/
  • https://unzip-toasty.click/
4 KB
3 KB
Document
General
Full URL
https://unzip-toasty.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9819c027dcd6cef49d8773aa3f7dcd9bfabe742c8245287a3210547bb4c7b0dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f73ff91bb9d571d-SYD
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Tue, 24 Dec 2024 22:23:53 GMT
expires
Tue, 24 Dec 2024 22:23:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJVx7TKqtY%2Bd3XoLQZhEmwKxnY4y%2FMjOzYpTkz0D2kGSKU%2Ft%2B1E%2Bv%2FEUqic6mpADdJgXuWXcL8HXrPYozZ%2F%2Bcccebuo3bpkI7x7A1dBaMjO1b0AQ4iXLJdpaBEfx7xNc%2FVaru%2FU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=33539&min_rtt=32962&rtt_var=5954&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4512&delivery_rate=473&cwnd=12000&unsent_bytes=0&cid=a2b279873631b7e4&ts=1168&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

Location
https://unzip-toasty.click/
Non-Authoritative-Reason
HttpsUpgrades
style.css
unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/
3 KB
2 KB
Stylesheet
General
Full URL
https://unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/style.css
Requested by
Host: unzip-toasty.click
URL: https://unzip-toasty.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe89831cc5b447ac082ea28d74f74985afadad1b0b3bf21a284ed662b9b9bd9

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://unzip-toasty.click/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"676a7f80-a02"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NA5mDHWlZnm4oZCRZkPmLnusit6Zzw28012iddxW4ZbLgV02MX%2BKLpJT8IaxO6h5hYcVXJKaLZLFdbCqXkxezZuw9%2F7C5orAkEITtslx%2B9Kkfn6WatXoxARjIoZrq7TOQcrBLLk%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 22:23:54 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33574&min_rtt=32962&rtt_var=3596&sent=26&recv=15&lost=0&retrans=0&sent_bytes=18890&recv_bytes=6508&delivery_rate=81575&cwnd=12000&unsent_bytes=0&cid=a2b279873631b7e4&ts=2336&x=1", cfExtPri, cfHdrFlush;dur=16
date
Tue, 24 Dec 2024 22:23:54 GMT
content-type
text/css
last-modified
Tue, 24 Dec 2024 09:31:44 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f73ff9928dc571d-SYD
access-control-allow-origin
*
server
cloudflare
2.png
unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/
12 KB
13 KB
Image
General
Full URL
https://unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/2.png
Requested by
Host: unzip-toasty.click
URL: https://unzip-toasty.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
628a4b7de1dda478e0a053878406a89ba0ca53b79640565150b388c2ebc2c7df

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://unzip-toasty.click/

Response headers

cf-cache-status
MISS
etag
"676a7f80-31ba"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWeI6%2FxLN2%2BsY3kBw3H9%2FQYih4eSQzVrDGSjY5iSsnHskxGwtaLC%2FWKz%2FlBtYuNMc2lZz%2Fl0avvyshc9p%2Bpy79yzclSNASBhXWzgKHTapDGQRNaNOMjsIH3C3bwJum4GSJvdV1A%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 22:23:54 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33574&min_rtt=32962&rtt_var=3596&sent=16&recv=15&lost=0&retrans=0&sent_bytes=6890&recv_bytes=6508&delivery_rate=81575&cwnd=12000&unsent_bytes=0&cid=a2b279873631b7e4&ts=2318&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 22:23:54 GMT
content-type
image/png
last-modified
Tue, 24 Dec 2024 09:31:44 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f73ff9928dd571d-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
12730
server
cloudflare
1.jpg
unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/
34 KB
34 KB
Image
General
Full URL
https://unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/1.jpg
Requested by
Host: unzip-toasty.click
URL: https://unzip-toasty.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d607c411b5e1da726817365ec4a88f4aed92e4c01d966eeb5cf24b7669f7f15c

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://unzip-toasty.click/

Response headers

cf-cache-status
MISS
etag
"676a7f80-8717"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Vp3%2FU6vFzoePjAOccWbYEru5AOIOVrMaZs5g6x0jTSxzD30bwFuOD%2Fd82qddTV2RDrkifMlqjnLPm4glgKPNi9ldnjMgpxDzrdT3Rg1aMdCMIHZE2M3eZSTt5aih4qncoBcvQ0%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 22:23:54 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33604&min_rtt=32962&rtt_var=687&sent=31&recv=23&lost=0&retrans=0&sent_bytes=22239&recv_bytes=7489&delivery_rate=99710&cwnd=24000&unsent_bytes=0&cid=a2b279873631b7e4&ts=2625&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 22:23:55 GMT
content-type
image/jpeg
last-modified
Tue, 24 Dec 2024 09:31:44 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f73ff9928de571d-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
34583
server
cloudflare
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: unzip-toasty.click
URL: https://unzip-toasty.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-mmDaI4Bp' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://unzip-toasty.click/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 22:23:53 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-mmDaI4Bp' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4467, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
5N6wyPRlYC9CUyHmUM/9nrvuf4GcSlto8/1fUiEou0JnHW9ow5w/jA+JRCbyJgt3JZYI8sSn1FMwMsT3fp1niw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
black.png
unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/
91 KB
92 KB
Image
General
Full URL
https://unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/black.png
Requested by
Host: unzip-toasty.click
URL: https://unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd09675da3ab2d9ba412ae1ab342f32a470ec230b6995d8b7f07d797ea16a71

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://unzip-toasty.click/lander/4698-no-telegram-21----black---fbapi/style.css

Response headers

cf-cache-status
MISS
etag
"676a7f80-16ce3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cpHDFPNYUqlU%2BTypx%2BCy07oX8qjLiK2Hu6ms3Osk48aUMKR3VO9b8FGFPjQxLN8r1Tn%2F991R2tClwVlrCLxMNQLlpB4Zaha%2B08V6KQES5otMcjF64B2bssq0pOaDpF4H%2FvBdl3g%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 03 Jan 2025 22:23:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33603&min_rtt=32962&rtt_var=424&sent=62&recv=39&lost=0&retrans=0&sent_bytes=58311&recv_bytes=8178&delivery_rate=363793&cwnd=48000&unsent_bytes=0&cid=a2b279873631b7e4&ts=4021&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 22:23:56 GMT
content-type
image/png
last-modified
Tue, 24 Dec 2024 09:31:44 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f73ffa06e1d571d-SYD
accept-ranges
bytes
access-control-allow-origin
*
content-length
93411
server
cloudflare
favicon.ico
unzip-toasty.click/
146 B
756 B
Other
General
Full URL
https://unzip-toasty.click/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://unzip-toasty.click/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7PqahwUTMQ1yxr5ItAIJb%2Bq3JddCJ3l5m1N407RqqOABoIOkhOF%2FZzTVxpZk6%2B6gymfZxsKgNU7wXP6ZNzSnG%2BcEoI69F4oQG4IooKaYW3Eif2ezOoWoGLtAC809675A1TXmBFM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f73ffab1cd5571d-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34348&min_rtt=32962&rtt_var=223&sent=145&recv=66&lost=0&retrans=0&sent_bytes=154583&recv_bytes=9956&delivery_rate=1451728&cwnd=96000&unsent_bytes=0&cid=a2b279873631b7e4&ts=5227&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 24 Dec 2024 22:23:57 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function  fbq
function  _fbq

3 Cookies

Domain/Path Name / Value
unzip-toasty.click/ Name: _subid
Value: fo5bk64quiup
unzip-toasty.click/ Name: f5771
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjY5MTgzXCI6MTczNTA3OTAzM30sXCJjYW1wYWlnbnNcIjp7XCI1NTUwNlwiOjE3MzUwNzkwMzN9LFwidGltZVwiOjE3MzUwNzkwMzN9In0.6Gfzkw7xuiCoYK6uSPnDwm5ZaD7-U9BIReExYlgHR9o
unzip-toasty.click/ Name: _token
Value: uuid_fo5bk64quiup_fo5bk64quiup676b34798dce01.41283117

1 Console Messages

Source: network
Level: error
URL: https://unzip-toasty.click/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()