papaya6847760.brizy.site
34.237.47.210  Malicious Activity!

Submitted URL: https://tlx003.gay/P7vBLhs1
Effective URL: https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_i...
Submission: On June 15 via manual from US

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 10 HTTP transactions. The main IP is 34.237.47.210, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is papaya6847760.brizy.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.
This is the only time papaya6847760.brizy.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 1 46.227.71.75 42675 (OBEHOSTIN...)
1 34.237.47.210 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.59.220.194 60068 (CDN77 (^_^)/)
1 3 94.242.61.15 43317 (FISHNET-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 67.202.114.214 32748 (STEADFAST)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 8
Domain Requested by
3 nuevatrailer.xyz 1 redirects papaya6847760.brizy.site
3 b-cloud.b-cdn.net papaya6847760.brizy.site
2 whos.amung.us 1 redirects
1 widgets.amung.us
1 get.geojs.io papaya6847760.brizy.site
1 fonts.googleapis.com papaya6847760.brizy.site
1 papaya6847760.brizy.site
1 tlx003.gay 1 redirects
10 8

This site contains no links.

Subject | Issuer | Validity | Valid for
*.brizy.site | Sectigo RSA Domain Validation Secure Server CA | 2020-06-01 to 2022-04-18 | 2 years
upload.video.google.com | GTS CA 1O1 | 2021-05-17 to 2021-08-09 | 3 months
*.b-cdn.net | Sectigo ECC Domain Validation Secure Server CA | 2020-11-11 to 2021-11-11 | a year
nuevatrailer.xyz | cPanel, Inc. Certification Authority | 2021-06-08 to 2021-09-06 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 to 2022-06-10 | a year
whos.amung.us | Sectigo RSA Domain Validation Secure Server CA | 2020-05-21 to 2022-05-21 | 2 years

This page contains 1 frames:

Primary Page: https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Frame ID: C75234D7B1593F5DDDFE7883CD519ACA
Requests: 12 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 38 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 4
Transfer: 595 kB
Size: 1336 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tlx003.gay/P7vBLhs1 HTTP 302
    https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://nuevatrailer.xyz/a/1/3/location HTTP 301
  • https://nuevatrailer.xyz/a/1/3/location/
Request Chain 9
  • https://whos.amung.us/widget/black858 HTTP 307
  • https://widgets.amung.us/classic/02/282.png

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
papaya6847760.brizy.site/
Redirect Chain
  • https://tlx003.gay/P7vBLhs1
  • https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
4 KB
2 KB
Document
General
Full URL
https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.47.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-47-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c7c6fe10f7d4e6e89f8d547e74474fdf9c5cd2153bbb8ea0f14b9b8ff6570143

Request headers

:method
GET
:authority
papaya6847760.brizy.site
:scheme
https
:path
/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 15 Jun 2021 22:01:58 GMT
content-type
text/html; charset=UTF-8
content-length
1259
x-brizy-preview
1
vary
Accept-Encoding
content-encoding
gzip
x-varnish
35622150 28265188
age
23342
via
1.1 varnish-v4
x-cache
HIT
x-cache-hits
6269
pragma
no-cache
expires
-1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes

Redirect headers

Server
nginx
Date
Tue, 15 Jun 2021 22:01:58 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Tue, 15 Jun 2021 22:01:58 GMT
Location
https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Pragma
no-cache
Set-Cookie
_subid=1cgcaid97c;Expires=Friday, 16-Jul-2021 22:01:58 GMT;Max-Age=2678400;Path=/ _token=uuid_1cgcaid97c_1cgcaid97c60c92356831b29.84044622;Expires=Friday, 16-Jul-2021 22:01:58 GMT;Max-Age=2678400;Path=/ a5bf2=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMwNDU3XCI6MTYyMzc5NDUxOH0sXCJjYW1wYWlnbnNcIjp7XCIxNTIyOFwiOjE2MjM3OTQ1MTh9LFwidGltZVwiOjE2MjM3OTQ1MTh9In0.xujxdmc9Sw5k7eMA0jm7ec-R_UhBGMQRRHYSsqKa8S8;Expires=Tuesday, 29-Nov-2072 20:03:56 GMT;Max-Age=1623880918;Path=/
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
css
fonts.googleapis.com/
206 KB
7 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Red%20Hat%20Text:regular,italic,500,500italic,700,700italic|DM%20Serif%20Text:regular,italic|Blinker:100,200,300,regular,600,700,800,900|Aleo:300,300italic,regular,italic,700,700italic|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Knewave:regular|Palanquin:100,200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Oxygen:300,regular,700|Playfair%20Display:regular,italic,700,700italic,900,900italic|Fira%20Sans:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Abril%20Fatface:regular|Comfortaa:300,regular,500,600,700|Kaushan%20Script:regular|Noto%20Serif:regular,italic,700,700italic|Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Requested by
Host: papaya6847760.brizy.site
URL: https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4fb5a6728876c6bc0b0f87f78fc0885ed75c2f666aec1e4b03eec563ff25927b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://papaya6847760.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 22:01:41 GMT
server
ESF
date
Tue, 15 Jun 2021 22:01:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 22:01:58 GMT
preview.css
b-cloud.b-cdn.net/builds/free/187-cloud/editor/css/
199 KB
32 KB
Stylesheet
General
Full URL
https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/css/preview.css
Requested by
Host: papaya6847760.brizy.site
URL: https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
6837891794ae05ddf2b01a8ba1961a0e98729b16db39f21e17963696fa340dc7

Request headers

Referer
https://papaya6847760.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:01:59 GMT
content-encoding
br
cdn-edgestorageid
601
x-amz-request-id
YSWXQ2ET00TKJTEK
cdn-cachedat
2021-06-09 20:05:50
cdn-pullzone
246147
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
e5U72VOZaenZihS7RDLKRZf/fZ6VEMt1i8rz+EVqSRlO3riWfON8T52DiriQ/AMx6QacpOjQuz8=
access-control-allow-origin
*
last-modified
Wed, 09 Jun 2021 14:40:51 GMT
server
BunnyCDN-DE1-713
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestid
1d1631e04d21003f696cd99ab64dbfd7
cdn-requestcountrycode
SE
link
<https://s3.amazonaws.com/brizy.cloud/builds/free/187-cloud/editor/css/preview.css>; rel="canonical"
cdn-requestpullsuccess
True
/
nuevatrailer.xyz/a/1/3/
717 KB
499 KB
Script
General
Full URL
https://nuevatrailer.xyz/a/1/3/?api=1&lan=facebooknew&ht=1&counter0=black858
Requested by
Host: papaya6847760.brizy.site
URL: https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.242.61.15 Moscow, Russian Federation, ASN43317 (FISHNET-AS, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
83cb6dab9b24dda3511dbf20f9557eb3082874321d761ac274df867c861ce640

Request headers

Referer
https://papaya6847760.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 22:01:59 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires
Thu, 19 Nov 1981 08:52:00 GMT
group-jq.js
b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/
89 KB
33 KB
Script
General
Full URL
https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/group-jq.js
Requested by
Host: papaya6847760.brizy.site
URL: https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
369c14c9a8478a90355b409b0093dbfb0fc49c7829fb875d9062c8b5153b9d13

Request headers

Referer
https://papaya6847760.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:01:59 GMT
content-encoding
br
cdn-edgestorageid
722
x-amz-request-id
31W6HJ3Y6CMX3F7W
cdn-cachedat
2021-06-09 19:01:36
cdn-pullzone
246147
x-amz-id-2
iWdPjVgnTDfaIW0oLC7D1YZw+9XxqcPJWcC/7m4EpIC62hIloiiwUNGVxl5mtnH3HWFs6bI6diM=
link
<https://s3.amazonaws.com/brizy.cloud/builds/free/187-cloud/editor/js/group-jq.js>; rel="canonical"
last-modified
Wed, 09 Jun 2021 14:43:10 GMT
server
BunnyCDN-DE1-713
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control
public, max-age=31919000
cdn-requestid
8c967606b05ff6cdda4a14c908286f91
cdn-requestcountrycode
SE
cdn-requestpullsuccess
True
preview.js
b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/
65 KB
20 KB
Script
General
Full URL
https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/preview.js
Requested by
Host: papaya6847760.brizy.site
URL: https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
49f6678b8eab6a54be2264fa76ab7db35b687dbb1f1567de8b826cd643f746f2

Request headers

Referer
https://papaya6847760.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:01:59 GMT
content-encoding
br
cdn-edgestorageid
601
x-amz-request-id
ZAPNDBYJD072CC9A
cdn-cachedat
2021-06-09 19:23:34
cdn-pullzone
246147
x-amz-id-2
VKWLuq3BjpUX85CE9W2BauoQaSYTuG7yq1PcRZdMLEKJBPuJqzy6OdTPXvVfrqiTW+VSvvLOcnI=
link
<https://s3.amazonaws.com/brizy.cloud/builds/free/187-cloud/editor/js/preview.js>; rel="canonical"
last-modified
Wed, 09 Jun 2021 14:43:10 GMT
server
BunnyCDN-DE1-713
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control
public, max-age=31919000
cdn-requestid
aa8a826674b6bb702fd1c62df7feeef2
cdn-requestcountrycode
SE
cdn-requestpullsuccess
True
/
nuevatrailer.xyz/a/1/3/location/
Redirect Chain
  • https://nuevatrailer.xyz/a/1/3/location
  • https://nuevatrailer.xyz/a/1/3/location/
1 KB
518 B
Script
General
Full URL
https://nuevatrailer.xyz/a/1/3/location/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
94.242.61.15 Moscow, Russian Federation, ASN43317 (FISHNET-AS, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
11360cdb99dd7364c024ac7b9d67d104d922d28cd54b2f436b594bd44ddbb3ff

Request headers

Referer
https://papaya6847760.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:01:59 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
content-length
424
expires
Tue, 22 Jun 2021 22:01:59 GMT

Redirect headers

location
https://nuevatrailer.xyz/a/1/3/location/
date
Tue, 15 Jun 2021 22:01:59 GMT
server
LiteSpeed
content-length
707
content-type
text/html
geo.json
get.geojs.io/v1/ip/
357 B
954 B
XHR
General
Full URL
https://get.geojs.io/v1/ip/geo.json
Requested by
Host: papaya6847760.brizy.site
URL: https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6836443e64e86cf5ddbae265bf44a17bc8ef8367bce66f416da943438946bda4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://papaya6847760.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id
3f0f770df7ab4670c57306cde7bd6e9c-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8osYMg2m%2BgikT9AFu%2FI6woQgM6fWfP9p0gLNPh7RBmJitFSgenfZod6BufQg4TUELC9yncQu1N1QkdO%2FoJo4Kxm6dCafaRPMOzbZ1bP2NVTlHLbVPtBYHRdYBHi7LFdGm6Bmt44%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
65ff1481d9062b1e-FRA
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
whos.amung.us/pingjs/
30 B
30 B
Image
General
Full URL
https://whos.amung.us/pingjs/?k=ujlvf96v7i&t=%F0%9F%94%A5%F0%9F%94%A5ALTA%20GAMA%F0%9F%94%A5%F0%9F%94%A5&x=https://www.facebook.com/yismel12345/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.114.214 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://papaya6847760.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:01:59 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
282.png
widgets.amung.us/classic/02/
Redirect Chain
  • https://whos.amung.us/widget/black858
  • https://widgets.amung.us/classic/02/282.png
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/classic/02/282.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38908c670cb95c05c4bc55cd3f4019030b9911b51d7835baa3253f19d4f14994

Request headers

Referer
https://papaya6847760.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:01:59 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
age
123387
etag
"4c149ecd-5f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
65ff14845dafdfbf-FRA
content-length
1523
expires
Tue, 15 Jun 2021 11:45:32 GMT

Redirect headers

location
https://widgets.amung.us/classic/02/282.png
date
Tue, 15 Jun 2021 22:01:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
truncated
/
51 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    onbeforexrselect
object    ontransitionrun
object    ontransitionstart
object    ontransitioncancel
object    cookieStore
function  showDirectoryPicker
function  showOpenFilePicker
function  showSaveFilePicker
boolean   originAgentCluster
object    trustedTypes
boolean   crossOriginIsolated
function  jQuery
object    BrizyLibs
function  sh
boolean   IS_MOBILE
number    limit_bot
string    object
string    type
string    OUTPUT
object    ___
object    params
number    tt
object    to_object
string    a
function  checking
function  creatingInput
function  searchingForms

0 Cookies

6 Console Messages

Source | Level | URL | Text
console-api warning URL: https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/group-jq.js(Line 1)
Message:
jQuery.Deferred exception: Cannot read property 'emit' of undefined TypeError: Cannot read property 'emit' of undefined at HTMLDocument.<anonymous> (https://papaya6847760.brizy.site/?external_id=1cgcaid97c&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=:4:21) at l (https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/group-jq.js:1:31251) at c (https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/group-jq.js:1:31553) undefined
console-api log URL: https://nuevatrailer.xyz/a/1/3/?api=1&lan=facebooknew&ht=1&counter0=black858(Line 89)
Message:
[object HTMLScriptElement]
console-api log URL: https://nuevatrailer.xyz/a/1/3/?api=1&lan=facebooknew&ht=1&counter0=black858(Line 89)
Message:
[object HTMLScriptElement]
console-api log URL: https://nuevatrailer.xyz/a/1/3/?api=1&lan=facebooknew&ht=1&counter0=black858(Line 89)
Message:
[object HTMLScriptElement]
console-api log URL: https://nuevatrailer.xyz/a/1/3/?api=1&lan=facebooknew&ht=1&counter0=black858(Line 89)
Message:
[object HTMLScriptElement]
console-api log URL: https://nuevatrailer.xyz/a/1/3/?api=1&lan=facebooknew&ht=1&counter0=black858(Line 89)
Message:
[object HTMLScriptElement]