Submitted URL: https://viewvibes.xyz/#ce
Effective URL: https://www.fb-accountscenter.com/UCritVAp
Submission Tags: 0xscam
Submission: On June 20 via api from US — Scanned from GB

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 91.92.253.193, which is located in Bulgaria and belongs to LIMENET, US. The main domain is www.fb-accountscenter.com.
TLS certificate: Issued by R10 on June 19th 2024. Valid for: 3 months.
This is the only time www.fb-accountscenter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

      IP Address        AS       Autonomous System
2     31.220.111.157    47583    (AS-HOSTINGER)
2     91.92.253.193     394711   (LIMENET)
1 2   104.17.3.184      13335    (CLOUDFLAR...)
3     104.19.229.21     13335    (CLOUDFLAR...)
1     104.17.2.184      13335    (CLOUDFLAR...)
9     5

Apex Domain                  Transfer
    Subdomains
3 hcaptcha.com               108 KB
    js.hcaptcha.com — Cisco Umbrella Rank: 9051
    newassets.hcaptcha.com — Cisco Umbrella Rank: 7135
3 cloudflare.com             14 KB
    challenges.cloudflare.com — Cisco Umbrella Rank: 4311
2 fb-accountscenter.com      28 KB
    www.fb-accountscenter.com
2 viewvibes.xyz              2 KB
    viewvibes.xyz
9 4

Domain                                       Requested by
3 challenges.cloudflare.com (1 redirect)     www.fb-accountscenter.com, challenges.cloudflare.com
2 newassets.hcaptcha.com                     js.hcaptcha.com
2 www.fb-accountscenter.com
2 viewvibes.xyz
1 js.hcaptcha.com                            www.fb-accountscenter.com
9 5

This site contains no links.

Subject                      Issuer                    Validity                  Valid
localhost                    localhost                 2004-10-01 - 2010-09-30   6 years
www.fb-accountscenter.com    R10                       2024-06-19 - 2024-09-17   3 months
hcaptcha.com                 E1                        2024-05-12 - 2024-08-10   3 months
challenges.cloudflare.com    Cloudflare Inc ECC CA-3   2023-08-18 - 2024-08-17   a year

This page contains 4 frames:

Primary Page: https://www.fb-accountscenter.com/UCritVAp
Frame ID: 08EB722B286462750B73EDC112C581DA
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wllwa/0x4AAAAAAAc4Hl_vvYxUUzqN/auto/normal
Frame ID: DC7C4A345A898B3F7DEC756A7F5B81FB
Requests: 1 HTTP request in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3f5d589/static/hcaptcha.html
Frame ID: 1ECF7DFACFA84EC59B559E6109DC1B57
Requests: 1 HTTP request in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3f5d589/static/hcaptcha.html
Frame ID: 522888EA8EF9327914BD9B6EEF7BE42A
Requests: 1 HTTP request in this frame

Page Title

Just a moment...

Page Statistics

Requests: 9
HTTPS: 67 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 153 kB
Size: 449 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://viewvibes.xyz/ Page URL
  2. https://www.fb-accountscenter.com/UCritVAp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
viewvibes.xyz/
500 B
784 B
Document
General
Full URL
https://viewvibes.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.220.111.157 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv540566.hstgr.cloud
Software
Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1 / PHP/8.2.12
Resource Hash
53de2220c6efc914e02ffa08545aed4de2ed4232b6f6ac4e4303a78b39f4f178

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Length
500
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jun 2024 20:27:43 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1
X-Powered-By
PHP/8.2.12
Primary Request UCritVAp
www.fb-accountscenter.com/
20 KB
21 KB
Document
General
Full URL
https://www.fb-accountscenter.com/UCritVAp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.92.253.193 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
/
Resource Hash
0f1a61429fa7b4d559dff3beede8cc61aad8e6aa22f43428c3bdb1877f078a35

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://viewvibes.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
close
Content-Type
text/html
Transfer-Encoding
chunked
favicon.ico
viewvibes.xyz/
1 KB
2 KB
Other
General
Full URL
https://viewvibes.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.220.111.157 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv540566.hstgr.cloud
Software
Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://viewvibes.xyz/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 20 Jun 2024 20:27:43 GMT
Server
Apache/2.4.58 (Unix) OpenSSL/1.1.1w PHP/8.2.12 mod_perl/2.0.12 Perl/v5.34.1
Vary
accept-language,accept-charset
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Language
en
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
api.js
challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
42 KB
14 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
Requested by
Host: www.fb-accountscenter.com
URL: https://www.fb-accountscenter.com/UCritVAp
Protocol
H3
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf9b58fcf84b6c75c42ba56855fb02e0a990771aa1932c18a0fa73ef640000a

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.fb-accountscenter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 20:27:44 GMT
content-encoding
br
last-modified
Wed, 19 Jun 2024 17:35:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
896e80513c006402-LHR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 20 Jun 2024 20:27:44 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c7e29c8c8b6e/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
896e8050bb1d6402-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
api.js
js.hcaptcha.com/1/
380 KB
108 KB
Script
General
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: www.fb-accountscenter.com
URL: https://www.fb-accountscenter.com/UCritVAp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098eddc15f40be1ff08b9021a4c890f1b5046e8b595776f6efabbfe28be0b4c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fb-accountscenter.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 20:27:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110291
server
cloudflare
etag
"97bf447d6c18defde6bcbd3bd62ca001"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
cf-ray
896e8050abbd9574-LHR
expires
Thu, 04 Jul 2024 20:27:44 GMT
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wllwa/0x4AAAAAAAc4Hl_vvYxUUzqN/auto/ Frame DC7C
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/wllwa/0x4AAAAAAAc4Hl_vvYxUUzqN/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.fb-accountscenter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
896e80522c06412e-LHR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 20:27:44 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/3f5d589/static/ Frame 1ECF
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/3f5d589/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.fb-accountscenter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
896e80528d2893f1-LHR
content-encoding
br
content-type
text/html
date
Thu, 20 Jun 2024 20:27:44 GMT
expires
Thu, 04 Jul 2024 20:27:44 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Origin
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/3f5d589/static/ Frame 5228
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/3f5d589/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.fb-accountscenter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
896e80528d2893f1-LHR
content-encoding
br
content-type
text/html
date
Thu, 20 Jun 2024 20:27:44 GMT
expires
Thu, 04 Jul 2024 20:27:44 GMT
server
cloudflare
vary
Accept-Encoding Origin
x-content-type-options
nosniff
favicon.ico
www.fb-accountscenter.com/
5 KB
8 KB
Other
General
Full URL
https://www.fb-accountscenter.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.92.253.193 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
/
Resource Hash
88ae5454a7c32c630703440849d35c58f570d8eecc23c071dbe68d63ce6a40d7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fb-accountscenter.com/UCritVAp
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 20 Jun 2024 20:27:44 GMT
Document-Policy
force-load-at-top
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Reporting-Endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382684844789754679", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
Pragma
no-cache
X-Fb-Debug
mGM5Ea61svsilt4brPKTyD3NWDRLBugc6811gm2tx4yHMbfX4yiTovD4fKWgxHz7ajTh7DkWTOxTzU36ZVYVjg==
Cross-Origin-Embedder-Policy-Report-Only
require-corp;report-to="coep_report"
Cross-Origin-Opener-Policy
same-origin-allow-popups;report-to="coop_report"
Vary
Accept-Encoding
Report-To
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382684844789754679"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
Content-Type
image/png
Origin-Agent-Cluster
?0
Cache-Control
private, no-cache, no-store, must-revalidate
Permissions-Policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
Expires
Sat, 01 Jan 2000 00:00:00 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| 2
  • undefined| event
  • object| fence
  • object| sharedStorage
  • function| verifyCallback_CF
  • function| verifyCallback_hCaptcha
  • function| validateElement
  • function| refreshCallBack
  • function| switchToSecondCaptcha
  • function| onloadTurnstileCallback
  • function| incrementLoader
  • object| turnstile
  • object| Raven
  • object| hcaptcha
  • object| grecaptcha
  • number| ticker

2 Cookies

Domain/Path: .fb-accountscenter.com/
Name: myKP
Value: 7c4385ad3b1968c5f60961ca38b135cd2d6abfeb25f2c8c51b4a381bc4ef8399

Domain/Path: api2.hcaptcha.com/
Name: __cflb
Value: 04dTobrcPfCH2Cv1uxYioAFTikqddqvbrqgJH3uojK

1 Console Messages

Source: network
Level: error
URL: https://viewvibes.xyz/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (Not Found)