rquired-pdip.rebus-vip.cloud Open in urlscan Pro
2606:4700:3035::ac43:922b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rquired-pdip.rebus-vip.cloud/
Effective URL:
https://rquired-pdip.rebus-vip.cloud/termsofservice.html
Submission: On December 02 via api (December 2nd 2023, 10:57:33 pm UTC) from US — Scanned from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3035::ac43:922b, located in United States and belongs to CLOUDFLARENET, US. The main domain is rquired-pdip.rebus-vip.cloud.
TLS certificate: Issued by GTS CA 1P5 on December 2nd 2023. Valid for: 3 months.

This is the only time rquired-pdip.rebus-vip.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6815:1c7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:303... 2606:4700:3035::ac43:922b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

1 2606:4700:3030::6815:1c7b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rquired-pdip.rebus-vip.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3035::ac43:922b (United States)

ASN13335 (CLOUDFLARENET, US)

rquired-pdip.rebus-vip.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	rebus-vip.cloud 1 redirects rquired-pdip.rebus-vip.cloud	312 KB
10	1

	Domain	Requested by
11	rquired-pdip.rebus-vip.cloud	1 redirects rquired-pdip.rebus-vip.cloud
10	1

This site contains no links.

Subject Issuer	Validity	Valid
rebus-vip.cloud GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rquired-pdip.rebus-vip.cloud/termsofservice.html
Frame ID: E3555644E43CB5BF36F5F772D93761F8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Terms of Service

Page URL History Show full URLs

http://rquired-pdip.rebus-vip.cloud/ HTTP 301
https://rquired-pdip.rebus-vip.cloud/ Page URL
https://rquired-pdip.rebus-vip.cloud/termsofservice.html Page URL

Page Statistics

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

311 kB
Transfer

746 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rquired-pdip.rebus-vip.cloud/ HTTP 301
https://rquired-pdip.rebus-vip.cloud/ Page URL
https://rquired-pdip.rebus-vip.cloud/termsofservice.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://rquired-pdip.rebus-vip.cloud/ HTTP 301
https://rquired-pdip.rebus-vip.cloud/

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response rquired-pdip.rebus-vip.cloud/ Redirect Chain http://rquired-pdip.rebus-vip.cloud/ https://rquired-pdip.rebus-vip.cloud/	190 B 585 B	365ms 289ms	Document text/html	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rquired-pdip.rebus-vip.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `95fdaa6b4173b7bfcc5153c22f7f6a1ce2aa8f8065bcc4fd291696e7d15dd3ed` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 82f72b257b10b3dd-MIA content-encoding br content-type text/html date Sat, 02 Dec 2023 22:57:23 GMT last-modified Fri, 18 Aug 2023 18:53:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEVZ3Ulq7gKrNJpZBuU2BgesjHl3wbLX1Pke%2FGfqpGb2N37TaKdZC5auTm%2FPBsu1NPTXp0ry386CjZ3oltbVx8U09yoIpcf1P2MsSOvsfD5rZo54JIgtvrLsPTNW2hqA6ycs0v0ppkn%2Fx7GuJedSmfJ0nV1kxzMHl4Dr"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers CF-RAY 82f72b24bed425e3-MIA Cache-Control max-age=3600 Connection keep-alive Date Sat, 02 Dec 2023 22:57:22 GMT Expires Sat, 02 Dec 2023 23:57:22 GMT Location https://rquired-pdip.rebus-vip.cloud/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPEMPHxoPHj0Bk3ETNDv6rOSK8gBc%2BwMIiQMKtds15T2zTc5QuYttGNF3DdOPpHwhDCJu%2FTYK8wfsDtskwyJIZgZQQY%2FimRJoUQmelem4Z61F174nnA1Knv1o5kP%2FyS9tilbp%2BUWiAmjM34QX61%2BfkxGoQn5XPsiVSK1"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H2	200	Primary Request termsofservice.html Show response rquired-pdip.rebus-vip.cloud/	15 KB 5 KB	165ms 164ms	Document text/html	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rquired-pdip.rebus-vip.cloud/termsofservice.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `856f032c378572c7ae8bc608638b20f19e5127122a2320016069344c5d8d2bba` Request headers Referer https://rquired-pdip.rebus-vip.cloud/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 82f72b277dccb3dd-MIA content-encoding br content-type text/html date Sat, 02 Dec 2023 22:57:23 GMT last-modified Mon, 11 Sep 2023 12:39:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8LEGgnZzH5%2BJdZ6KsleupDH1JSLHOVtdNN9qZvU7I0mjaSKPFzeFLFp565Hckn8PEcSdhAzABVQ73OolTrXTwzIfLeXQ9PqEtqCr0VAt%2F84CTMU4vaComppejIclPNNx0R8Qyo3iksJbxJxztSsJfx8LOnmscrKxB0i"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	sBXWJVtE_l6.css rquired-pdip.rebus-vip.cloud/css/	36 KB 10 KB	500ms 499ms	Stylesheet text/css	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rquired-pdip.rebus-vip.cloud/css/sBXWJVtE_l6.css Requested by Host: rquired-pdip.rebus-vip.cloud URL: https://rquired-pdip.rebus-vip.cloud/termsofservice.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1c1648423329b6b28cffe0d7e4e37440b75508a6f6e294a43623f8480e4326ef` Request headers accept-language en-US,en;q=0.9 Referer https://rquired-pdip.rebus-vip.cloud/termsofservice.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 22:57:23 GMT content-encoding br cf-cache-status MISS last-modified Fri, 18 Aug 2023 18:54:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZk%2BHsZ0pifLjJaumwo6utGF6eyShNvIe%2F7UHhcye%2FrN2kSvx4pLJrk6al8UmKFcU%2F6l7lreqxS0wE5H63FvoblQPl7SAbrpVqV8hOsQQivIqhspWORRgu96%2Bgof0B5WC%2FS%2FYkyvjp3ugfo2G3QJ%2FhvSPybDv%2Fvy5xwU"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82f72b288e5a2269-MIA alt-svc h3=":443"; ma=86400
GET H3	200	PQsdvTo0jWu.css rquired-pdip.rebus-vip.cloud/css/	37 KB 9 KB	535ms 533ms	Stylesheet text/css	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rquired-pdip.rebus-vip.cloud/css/PQsdvTo0jWu.css Requested by Host: rquired-pdip.rebus-vip.cloud URL: https://rquired-pdip.rebus-vip.cloud/termsofservice.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a4eebaffa2a0f955b1c22963ce122d6b2721c06bb2de5fa598e5b6395877b208` Request headers accept-language en-US,en;q=0.9 Referer https://rquired-pdip.rebus-vip.cloud/termsofservice.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 22:57:23 GMT content-encoding br cf-cache-status MISS last-modified Fri, 18 Aug 2023 18:55:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnnxBKXq43aV73KrnrxnABbXxj9TC1sDEyMH8IqzOmklAE0Hbqk1961eHIP0aM2YryG7emB%2Fg5i%2FnEQnr4N4EPJ1su7W9xaIMMuiX5I3NP1M4RTf%2BHjAC%2BVplZaxzQS2yP2FH2afTfqY%2BVb%2F0aLjtKA0sn%2FSk9x%2Bjtzs"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82f72b288e5e2269-MIA alt-svc h3=":443"; ma=86400
GET H3	200	9S6WONSXioV.css rquired-pdip.rebus-vip.cloud/css/	810 B 838 B	289ms 287ms	Stylesheet text/css	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rquired-pdip.rebus-vip.cloud/css/9S6WONSXioV.css Requested by Host: rquired-pdip.rebus-vip.cloud URL: https://rquired-pdip.rebus-vip.cloud/termsofservice.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ed25d38dd96abfe8f674faa19436788b55109095ca63725fb1210e4f1f5a0fea` Request headers accept-language en-US,en;q=0.9 Referer https://rquired-pdip.rebus-vip.cloud/termsofservice.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 22:57:23 GMT content-encoding br cf-cache-status MISS last-modified Fri, 18 Aug 2023 18:55:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l62wuY78PUgoasBJEuQJWxU2eHO7ykgo5PoJ1XPcj94cogPht%2FXQz2ATvBq7jU7OF%2BFPmT2kWcc1WBEL7%2BJbxqCzT9KC2U3IJxlOsM9zQOmLdnkVAHOsVgCflK7LPzAtinGjbRillsGr7RFUFP3994rPeTkW2qlqwv1K"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82f72b288e5f2269-MIA alt-svc h3=":443"; ma=86400
GET H3	200	vRqE9ubQhYU.css rquired-pdip.rebus-vip.cloud/css/	27 KB 7 KB	500ms 499ms	Stylesheet text/css	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rquired-pdip.rebus-vip.cloud/css/vRqE9ubQhYU.css Requested by Host: rquired-pdip.rebus-vip.cloud URL: https://rquired-pdip.rebus-vip.cloud/termsofservice.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `df9f33ffded27b0f002ed79860a184c3205b52d8a9c43d01833faba8a9c4bfda` Request headers accept-language en-US,en;q=0.9 Referer https://rquired-pdip.rebus-vip.cloud/termsofservice.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 22:57:23 GMT content-encoding br cf-cache-status MISS last-modified Fri, 18 Aug 2023 18:56:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2YnrlpEzNdPb%2BgYal21pRJqhmzYTdDYK4x%2BzqDW8pG5SRlwGHBo1lri6qQaxshwtshWwGEZ9nj257qITWfl823WI5%2BJ1O18q7PQHA%2BJDBea81UBEVpHelxHLGOhYR5S%2FY1Gd9YWEWeV7y5QLnoM9W8FXB7jb%2F3WrGPO"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82f72b288e602269-MIA alt-svc h3=":443"; ma=86400
GET H3	200	style-pay.css rquired-pdip.rebus-vip.cloud/css/	44 KB 5 KB	567ms 566ms	Stylesheet text/css	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rquired-pdip.rebus-vip.cloud/css/style-pay.css Requested by Host: rquired-pdip.rebus-vip.cloud URL: https://rquired-pdip.rebus-vip.cloud/termsofservice.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `88c5d4bbfd88778f114aaec06162bb779759ca30339703c4c7e6e294169f560d` Request headers accept-language en-US,en;q=0.9 Referer https://rquired-pdip.rebus-vip.cloud/termsofservice.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 22:57:23 GMT content-encoding br cf-cache-status MISS last-modified Fri, 18 Aug 2023 18:56:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KO7dA%2B5yPLPoyw8bs9OBtYV9RI%2FkguqUisR6q%2BTC9bNMDibUPhIGo4Gbe1SmtS9z91tQiiXokeF2LtDYDUfX6aJyKMysa77mFtp9F%2FQzNd%2F7Jkno%2FHOQUJOycp6WlnbckwxD54A9WTdncwt5ti6DXekaqGnS7FdCf11"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82f72b288e612269-MIA alt-svc h3=":443"; ma=86400
GET H3	200	pAy5sS6Se6DC.css rquired-pdip.rebus-vip.cloud/css/	446 KB 133 KB	779ms 778ms	Stylesheet text/css	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rquired-pdip.rebus-vip.cloud/css/pAy5sS6Se6DC.css Requested by Host: rquired-pdip.rebus-vip.cloud URL: https://rquired-pdip.rebus-vip.cloud/termsofservice.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23431b442c844f7284d5acd0e4636400941659175df1991e3db406444553c99b` Request headers accept-language en-US,en;q=0.9 Referer https://rquired-pdip.rebus-vip.cloud/termsofservice.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 22:57:24 GMT content-encoding br cf-cache-status MISS last-modified Fri, 18 Aug 2023 18:57:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j07CQ6r3enK08Q3EH3eLQg1LsdBloCpiRcwsvE4c0EisddIW86P%2BvzxJMhp%2Bdyfw2nGE43TT8oO8HmypU4y8WcuxqtdWJAc64wjafq9GWALCf%2Fn1WjZeZ83aWE1NmyLxCBfqNBdsno38YOPSpROC0pp3VYIrlbChcrR8"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82f72b288e632269-MIA alt-svc h3=":443"; ma=86400
GET H3	200	a.png rquired-pdip.rebus-vip.cloud/img/	24 KB 24 KB	539ms 538ms	Image image/png	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rquired-pdip.rebus-vip.cloud/img/a.png Requested by Host: rquired-pdip.rebus-vip.cloud URL: https://rquired-pdip.rebus-vip.cloud/termsofservice.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d7a879ae5ca10bfd663c1fd65b79e4df0ef0d9d0bc76183a3acd57dae4602dcd` Request headers accept-language en-US,en;q=0.9 Referer https://rquired-pdip.rebus-vip.cloud/termsofservice.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 22:57:23 GMT cf-cache-status MISS last-modified Mon, 11 Sep 2023 12:33:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9iUEDy5iD12jV0q9qSsMuLVZupeQlLrPavE4bxi5eJc6lBsZFhOqN20RYBhKQFhSxyaILItPyLniMJi%2BWs0%2Fgfq3CM9%2FNf8OEvIijJWegvP4W01c01beGNDz9NS1ICFQnOAlfIuO60JVXjFEBFRnDy89tQxlywFcr0u"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 82f72b288e652269-MIA alt-svc h3=":443"; ma=86400 content-length 24451
GET H3	200	101492-blue-security.gif rquired-pdip.rebus-vip.cloud/img/	117 KB 117 KB	568ms 567ms	Image image/gif	2606:4700:3035::ac43:922b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rquired-pdip.rebus-vip.cloud/img/101492-blue-security.gif Requested by Host: rquired-pdip.rebus-vip.cloud URL: https://rquired-pdip.rebus-vip.cloud/termsofservice.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:922b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1a28452270079f7834854b18270302bb15e53a0690ff3519a0b1beb93f0b05a4` Request headers accept-language en-US,en;q=0.9 Referer https://rquired-pdip.rebus-vip.cloud/termsofservice.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 22:57:23 GMT cf-cache-status MISS last-modified Mon, 11 Sep 2023 12:32:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9in2509yI0Rd2LwmvtRNv9bDgPthFx2cnBUPRAPdv7qxkYcR%2BJ1h53j8F931hiHNlQtDJGH%2BKhusb1wwK6QcNpLzvJYiAXTjkIiGBKSO7Sm4jyAdEg1gA0NQgEp7RWGu%2BuHmbTPtxU8whKzX8ZshWV%2Ffc3GV%2B%2BUYA6wx"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 82f72b288e672269-MIA alt-svc h3=":443"; ma=86400 content-length 119376
GET DATA	200 OK	truncated /	135 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rquired-pdip.rebus-vip.cloud
2606:4700:3030::6815:1c7b
2606:4700:3035::ac43:922b
1a28452270079f7834854b18270302bb15e53a0690ff3519a0b1beb93f0b05a4
1c1648423329b6b28cffe0d7e4e37440b75508a6f6e294a43623f8480e4326ef
23431b442c844f7284d5acd0e4636400941659175df1991e3db406444553c99b
856f032c378572c7ae8bc608638b20f19e5127122a2320016069344c5d8d2bba
88c5d4bbfd88778f114aaec06162bb779759ca30339703c4c7e6e294169f560d
95fdaa6b4173b7bfcc5153c22f7f6a1ce2aa8f8065bcc4fd291696e7d15dd3ed
a4eebaffa2a0f955b1c22963ce122d6b2721c06bb2de5fa598e5b6395877b208
c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675
d7a879ae5ca10bfd663c1fd65b79e4df0ef0d9d0bc76183a3acd57dae4602dcd
df9f33ffded27b0f002ed79860a184c3205b52d8a9c43d01833faba8a9c4bfda
ed25d38dd96abfe8f674faa19436788b55109095ca63725fb1210e4f1f5a0fea

rquired-pdip.rebus-vip.cloud Open in urlscan Pro 2606:4700:3035::ac43:922b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

311 kBTransfer

746 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Indicators

rquired-pdip.rebus-vip.cloud Open in urlscan Pro
2606:4700:3035::ac43:922b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

311 kB
Transfer

746 kB
Size

0
Cookies

10 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!