newall.ubpages.com Open in urlscan Pro
172.64.146.119 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newall.ubpages.com/overview-tw-1/
Submission: On April 20 via api (April 20th 2024, 12:38:52 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 172.64.146.119, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is newall.ubpages.com.
TLS certificate: Issued by E1 on April 4th 2024. Valid for: 3 months.

This is the only time newall.ubpages.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 5	172.64.146.119 172.64.146.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.14 13.224.189.14	16509 (AMAZON-02) (AMAZON-02)
5	3.160.156.17 3.160.156.17	16509 (AMAZON-02) (AMAZON-02)
12	4

5 172.64.146.119 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newall.ubpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-14.fra2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.160.156.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-17.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cloudfront.net d9hhrg4mnvzow.cloudfront.net	5 KB
5	ubpages.com 1 redirects newall.ubpages.com	22 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 22871	43 KB
12	3

	Domain	Requested by
5	d9hhrg4mnvzow.cloudfront.net	newall.ubpages.com
5	newall.ubpages.com	1 redirects newall.ubpages.com
2	builder-assets.unbounce.com	newall.ubpages.com
12	3

This site contains no links.

Subject Issuer	Validity	Valid
ubpages.com E1	`2024-04-04` - `2024-07-03`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://newall.ubpages.com/overview-tw-1/
Frame ID: 617CFD44B46FB6476117167E1CF585D5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook

Page URL History Show full URLs

https://newall.ubpages.com/overview-tw-1 HTTP 301
https://newall.ubpages.com/overview-tw-1/ Page URL

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

70 kB
Transfer

227 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://newall.ubpages.com/overview-tw-1 HTTP 301
https://newall.ubpages.com/overview-tw-1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response newall.ubpages.com/overview-tw-1/ Redirect Chain https://newall.ubpages.com/overview-tw-1 https://newall.ubpages.com/overview-tw-1/	36 KB 6 KB	77ms 77ms	Document text/html	172.64.146.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e24da892d94fdec7ba6c3ab7befc73ad445e588522f96efd6a54ae18510df2a8` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cf-cache-status DYNAMIC cf-ray 877112d4089858de-TXL content-encoding br content-location https://newall.ubpages.com/overview-tw-1/ content-type text/html; charset=utf-8 date Sat, 20 Apr 2024 00:38:47 GMT etag W/"a:68a4eae01ebc44e09c0b7a66f9e01164" link <https://newall.ubpages.com/overview-tw-1/>; rel="canonical" server cloudflare x-unbounce-pageid c30633a0-fdf6-11ee-ac40-de7fb5e8f765 x-unbounce-variant a x-unbounce-visitorid 68a4eae0-1ebc-44e0-9c0b-7a66f9e01164 Redirect headers cf-cache-status DYNAMIC cf-ray 877112d35f9758de-TXL content-length 0 date Sat, 20 Apr 2024 00:38:47 GMT location /overview-tw-1/ server cloudflare
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	135ms 38ms	Stylesheet text/css	13.224.189.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-14.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 20 Dec 2023 02:43:46 GMT content-encoding gzip via 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront) x-amz-version-id GVFgUU1TNBfYZFxmy4v_rBGa7MxrBKpW x-amz-cf-pop FRA2-C1 age 10533302 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2902 last-modified Fri, 15 Dec 2023 17:54:33 GMT server AmazonS3 etag "65d94e355664eb0c202cee7db35a61b5" content-type text/css cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id wf180LbX8fsFWu2jfQwU-HO_EYsSZn7utNwqj6yxSRPRHxY-6txxQw==
GET H2	200	b907c51d6869e69d8a396f17f7ba15905e81aff2.js Show response newall.ubpages.com/_ub/static/ts/	43 KB 15 KB	50ms 50ms	Script application/javascript	172.64.146.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newall.ubpages.com/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2.js Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/overview-tw-1/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 20 Apr 2024 00:38:47 GMT content-encoding br via 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront) x-amz-version-id TThSs9K50fISFfh18X9t.nFN4cUMwlpR cf-cache-status HIT x-amz-cf-pop FRA56-C2 age 99929 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 27 Mar 2024 15:44:09 GMT server cloudflare etag W/"7b3939265cdcbe6834a9c54d2dfcdfa2" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 877112d4f9dc58de-TXL x-amz-cf-id GWxvcMe1Fc0bXqwZDHG5Si6ubo68Pwm2tZZW-Shz7kp4Acgrygw2hQ== expires Sun, 20 Apr 2025 00:38:47 GMT
GET H2	200	main.bundle-c3f2a09.z.js Show response builder-assets.unbounce.com/published-js/	125 KB 39 KB	84ms 44ms	Script application/javascript	13.224.189.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-c3f2a09.z.js Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-14.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `c3f2a094e91a37f29622a63cbdfe8915024fe7097cf33265dc4185e1fdfafaa0` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 18:05:43 GMT content-encoding gzip via 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront) x-amz-version-id 0jCnCAYc2yatVAXrOQkKsboLCamv4Y6y x-amz-cf-pop FRA2-C1 age 1233185 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 39961 last-modified Fri, 05 Apr 2024 17:38:36 GMT server AmazonS3 etag "8fde982b1747f0bf4dfb1b44d385c019" content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id 4DId_5hWylN4Si2rBFEyIdu5_P850uiP5sYoR0jQ7yM6c0lNesb3jA==
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/gif
POST H2	200	i newall.ubpages.com/_ub/	2 B 189 B	431ms 430ms	Ping text/plain	172.64.146.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newall.ubpages.com/_ub/i Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://newall.ubpages.com/overview-tw-1/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers date Sat, 20 Apr 2024 00:38:48 GMT cf-cache-status DYNAMIC server cloudflare content-type text/plain; charset=UTF-8 access-control-allow-origin https://newall.ubpages.com p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" access-control-allow-credentials true cf-ray 877112d5fb3458de-TXL content-length 2
GET BLOB	200 OK	afd7fd5a-00ba-43a8-81ca-bbfa8d334c41 https://newall.ubpages.com/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://newall.ubpages.com/afd7fd5a-00ba-43a8-81ca-bbfa8d334c41 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-c3f2a09.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 5427 Content-Type text/css
GET H2	200	8ol4gj-11111_107501d000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	2 KB 2 KB	130ms 42ms	Image image/png	3.160.156.17 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/8ol4gj-11111_107501d000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.156.17 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-156-17.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `250c28cf5889449562e78d30793dcb01d817b1ba9da9e660d29e2a560a5f7e74` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 03:02:17 GMT x-amz-version-id _YRsDDu0F1y7z9I3LvjkYxNCTbZ9GIUP via 1.1 a991dcd8f589d8cb7c64929ec2a499b2.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 age 77792 etag "0366bc9d507764fa9984c28adedd5862" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 1801 x-amz-cf-id WJe3SbHMlLx2uIoUb4lBAKNS4PZd82N-EeQD1FGr9_tT8QqmTQO7xQ==
GET H2	200	f7p8cj--_10a0003000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	97 B 514 B	133ms 46ms	Image image/png	3.160.156.17 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/f7p8cj--_10a0003000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.156.17 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-156-17.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `2c34dc235157a54bb5f00dc719762b14b348ba7bc2256f52137052e935da4eb2` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 03:02:17 GMT x-amz-version-id 1qAD6sSge_RpyF6IZAc1ndrwNHppbgDK via 1.1 a991dcd8f589d8cb7c64929ec2a499b2.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 age 77792 etag "1221bcc453459e2dfe0f7e3552088838" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 97 x-amz-cf-id jTih3kWH7V0mZJvigX0UNgw65dI8KhlANgzHuuCj6Y7yB1Ennw8rBw==
GET H2	200	jrahnk-untitled_100t00j000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	259 B 677 B	132ms 45ms	Image image/png	3.160.156.17 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/jrahnk-untitled_100t00j000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.156.17 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-156-17.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `8e459fecddade6ad3a901a23c149e8fc1a161cd34822e95e4fa019f0761e3912` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 03:02:17 GMT x-amz-version-id E.RdeSIYJoyW7UWynMlpRjftm_PSyaKU via 1.1 a991dcd8f589d8cb7c64929ec2a499b2.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 age 77792 etag "7dc58655100a9b1337a276f78b855556" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 259 x-amz-cf-id cod3E3uWocqO7Hb2p2onPT_3DD7aPPUponIUj2pm1_7FekMOtErOIQ==
GET H2	200	1u02xza-xd_100d00d000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	227 B 647 B	131ms 44ms	Image image/png	3.160.156.17 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/1u02xza-xd_100d00d000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.156.17 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-156-17.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `76dcf702d295a671f9c3753b87e090a09833ea0f17734dc3d7b053d45e99a325` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 03:02:17 GMT x-amz-version-id 7qwGKC7tkPs1rfPgDJcx6hlfHiHlC2RI via 1.1 a991dcd8f589d8cb7c64929ec2a499b2.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 age 77792 etag "b15353fe5729359a2ef0e7b25b685ba4" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 227 x-amz-cf-id ewdZjjJEybw-HjokCbiHpUlmsZE_TPuLoTpugCxMrG-4ZyXgzY6r1w==
GET H2	200	159phi5-thong-bao_10aw01e000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	498 B 916 B	130ms 43ms	Image image/png	3.160.156.17 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/159phi5-thong-bao_10aw01e000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.156.17 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-156-17.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `fa8788b62b8517f70776037cddfd9d29f43310817ed8ba258bf1dacc5ae73d67` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 03:02:17 GMT x-amz-version-id CeNeB_LP7BHdb1xoFWpUcnSXCMmrZ4YV via 1.1 a991dcd8f589d8cb7c64929ec2a499b2.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P7 age 77792 etag "faa98931af3d976ca0026b8948df460a" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 498 x-amz-cf-id kfO3zj_3x3yxii4u-coWSixb1sG5Hmykz7zhJiaZxH_i4bl8vEL72Q==
GET H2	404	favicon.ico newall.ubpages.com/	47 B 132 B	42ms 42ms	Other text/html	172.64.146.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newall.ubpages.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/overview-tw-1/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 20 Apr 2024 00:38:48 GMT server cloudflare cf-ray 877112d6fcc358de-TXL content-length 47 vary Accept-Encoding content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
newall.ubpages.com/overview-tw-1/	1970-01-21 00:24:31	Name: ubpv Value: a%2Cc30633a0-fdf6-11ee-ac40-de7fb5e8f765
.ubpages.com/	1970-01-20 19:59:35	Name: __cf_bm Value: vBZzaZRNF8b84sg3F5qD_xf7UTWMjwzkl8TGngiAM8U-1713573527-1.0.1.1-tIFBqhZUSD76_tVjt3wBiSkbSFjGpjBGDhk1TSOybzu7SL136swGOZXwINx3HXb4H8MH_8iVuEzxOTJnKOTObg
newall.ubpages.com/	1970-01-21 00:18:45	Name: ubvs Value: 68a4eae0-1ebc-44e0-9c0b-7a66f9e01164
.ubpages.com/	1970-01-20 20:03:52	Name: ubvt Value: v2%7C68a4eae0-1ebc-44e0-9c0b-7a66f9e01164%7Cc30633a0-fdf6-11ee-ac40-de7fb5e8f765%3Aa%3Asingle

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newall.ubpages.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

builder-assets.unbounce.com
d9hhrg4mnvzow.cloudfront.net
newall.ubpages.com
13.224.189.14
172.64.146.119
3.160.156.17
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc
250c28cf5889449562e78d30793dcb01d817b1ba9da9e660d29e2a560a5f7e74
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c34dc235157a54bb5f00dc719762b14b348ba7bc2256f52137052e935da4eb2
76dcf702d295a671f9c3753b87e090a09833ea0f17734dc3d7b053d45e99a325
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
8e459fecddade6ad3a901a23c149e8fc1a161cd34822e95e4fa019f0761e3912
c3f2a094e91a37f29622a63cbdfe8915024fe7097cf33265dc4185e1fdfafaa0
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
e24da892d94fdec7ba6c3ab7befc73ad445e588522f96efd6a54ae18510df2a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596
fa8788b62b8517f70776037cddfd9d29f43310817ed8ba258bf1dacc5ae73d67

newall.ubpages.com Open in urlscan Pro 172.64.146.119 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

1 Countries

70 kBTransfer

227 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

newall.ubpages.com Open in urlscan Pro
172.64.146.119 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

70 kB
Transfer

227 kB
Size

4
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!