facelansd.ubpages.com
3.69.136.55  Malicious Activity!

URL: https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Submission: On December 13 via automatic, source openphish — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 12 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is facelansd.ubpages.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 8th 2021. Valid for: a year.
This is the only time facelansd.ubpages.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  Redirects  IP Address          AS (Autonomous System)
1         -          3.69.136.55         16509 (AMAZON-02)
2         -          13.35.253.50        16509 (AMAZON-02)
2         -          2600:9000:211...    16509 (AMAZON-02)
3         1          198.54.126.153      22612 (NAMECHEAP...)
2         1          67.202.114.216      32748 (STEADFAST)
1         -          34.193.63.26        14618 (AMAZON-AES)
1         -          2606:4700:20:...    13335 (CLOUDFLAR...)
1         -          2606:4700:10:...    13335 (CLOUDFLAR...)
Total: 12 requests, 9 IPs
Requests  Domain                          Redirects  Requested by
3         l0v3x.us                        1          facelansd.ubpages.com
2         whos.amung.us                   1          facelansd.ubpages.com
2         d34qb8suadcc4g.cloudfront.net   -          facelansd.ubpages.com, d34qb8suadcc4g.cloudfront.net
2         builder-assets.unbounce.com     -          facelansd.ubpages.com
1         widgets.amung.us                -          -
1         get.geojs.io                    -          facelansd.ubpages.com
1         events.ub-analytics.com         -          facelansd.ubpages.com
1         facelansd.ubpages.com           -          -
Total: 12 requests, 8 domains

This site contains no links.
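The tables above give an analyst the raw material for a triage decision: one off-platform script host (l0v3x.us, on Namecheap shared hosting) sits alongside the landing-page builder's own CDN and analytics hosts. The Python below is an added example, not urlscan.io's code, showing how that decision can be made mechanically from a scan's transaction list. The transaction tuples are transcribed from this page (long query strings shortened where they do not affect the result); the platform-host allowlist, the finding tags and the two-label domain approximation are assumptions of the example. It also surfaces a detail that is easy to miss in the listing: the whos.amung.us/pingjs/ response has resource hash e3b0c442..., the SHA-256 of zero bytes, so its 28 B transfer carried no body at all.

```python
import hashlib
from urllib.parse import urlsplit

# The page under analysis and its title, copied from the scan above.
PAGE_URL = ("https://facelansd.ubpages.com/?fbclid="
            "IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs")
PAGE_TITLE = "Log into Facebook | Facebook"

# SHA-256 of zero bytes. A transaction whose resource hash equals this value
# returned no content at all, whatever its transfer size says.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()

# Hosts treated as the landing-page builder's own delivery/analytics stack.
# This allowlist is an assumption of the example, derived from the scan.
PLATFORM_HOSTS = {
    "builder-assets.unbounce.com",
    "d34qb8suadcc4g.cloudfront.net",
    "events.ub-analytics.com",
}

# Constructed from the scan's transaction list:
# (URL, resource type, server IP, cache-control, SHA-256 of the body).
# Long query strings were left out where they do not affect the triage.
TRANSACTIONS = [
    (PAGE_URL, "Document", "3.69.136.55", "",
     "95537bdf3d28c9cdd389e52043a545aafd3425af33c266c912f8949a0ee814c6"),
    ("https://builder-assets.unbounce.com/published-css/main-7b78720.z.css",
     "Stylesheet", "13.35.253.50", "max-age=31536000",
     "7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863"),
    ("https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266", "Script",
     "2600:9000:211e:ba00:1d:11cf:5800:93a1", "max-age=31536000",
     "0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4"),
    ("https://l0v3x.us/s-a/?api=1&lan=facebooknew&ht=1", "Script",
     "198.54.126.153", "no-store, no-cache, must-revalidate",
     "802192e37da7c2c69e384c66eca7561614fb9449689e96a04d80a036b83db92e"),
    ("https://whos.amung.us/pingjs/?k=fearlessa", "Image", "67.202.114.216", "",
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    ("https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js",
     "Script", "13.35.253.50", "max-age=31536000",
     "fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3"),
    ("https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js", "Script",
     "2600:9000:211e:ba00:1d:11cf:5800:93a1", "max-age=31536000",
     "2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb"),
    ("https://events.ub-analytics.com/i", "Image", "34.193.63.26", "",
     "caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c"),
    ("https://l0v3x.us/s-a/location/", "Script", "198.54.126.153",
     "public, max-age=604800",
     "d964244aacd605f252dc3e815ecfd0d5aa910fcd659064b913da2cbe32407dbf"),
    ("https://get.geojs.io/v1/ip/geo.json", "XHR", "2606:4700:20::681a:164",
     "no-store, no-cache, must-revalidate, private, max-age=0",
     "747c40e1d678d5472826912c0d17a077e41fa017ef215eb1f740f8af6bf78c81"),
    ("https://widgets.amung.us/classic/00/51.png", "Image",
     "2606:4700:10::6816:4aab", "max-age=432000",
     "864915b9f3915970b805a67155c42548e41af00c2021da4bfdcd56bda49affbc"),
]


def registrable_domain(host):
    """Crude eTLD+1 (last two labels). Adequate for the hosts in this scan;
    a production tool should consult the Public Suffix List instead."""
    return ".".join(host.lower().split(".")[-2:])


def triage(transactions, page_url=PAGE_URL, page_title=PAGE_TITLE,
           platform_hosts=PLATFORM_HOSTS):
    """Return (findings, iocs). findings is a list of (tag, subject) tuples;
    iocs collects host, IP and hash of every off-site script."""
    page_host = urlsplit(page_url).hostname
    page_site = registrable_domain(page_host)
    findings = []
    iocs = {"domains": set(), "ips": set(), "sha256": set()}

    # A login page titled for a brand whose site it is not.
    if "facebook" in page_title.lower() and page_site != "facebook.com":
        findings.append(("brand_mismatch", page_host))

    for url, rtype, ip, cache_control, digest in transactions:
        host = urlsplit(url).hostname
        if digest == EMPTY_SHA256:
            findings.append(("empty_body", url))
        off_site = (registrable_domain(host) != page_site
                    and host not in platform_hosts)
        if rtype in ("Script", "XHR") and off_site:
            findings.append(("offsite_" + rtype.lower(), url))
        if rtype == "Script" and off_site:
            iocs["domains"].add(host)
            iocs["ips"].add(ip)
            iocs["sha256"].add(digest)
        # A script the server forbids caching is generated per request:
        # its body can differ between the scan and a victim's visit.
        if rtype == "Script" and "no-store" in cache_control:
            findings.append(("uncacheable_script", url))
    return findings, iocs


if __name__ == "__main__":
    found, indicators = triage(TRANSACTIONS)
    for tag, subject in found:
        print(f"{tag:20s} {subject}")
    print(sorted(indicators["domains"]), sorted(indicators["ips"]))
```

Run directly, it prints the findings and the indicator sets. Only hosts that served off-site scripts go into the IOC set; the get.geojs.io geolocation lookup is reported as an off-site XHR finding but left to the analyst rather than pushed onto a blocklist.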

Subject                  Issuer                                           Validity                   Valid for
*.ubpages.com            Sectigo RSA Domain Validation Secure Server CA   2021-07-08 - 2022-08-08    a year
*.unbounce.com           Amazon                                           2021-03-10 - 2022-04-08    a year
*.cloudfront.net         Amazon                                           2021-03-19 - 2022-03-17    a year
l0v3x.us                 Sectigo RSA Domain Validation Secure Server CA   2021-09-27 - 2022-09-27    a year
whos.amung.us            Sectigo RSA Domain Validation Secure Server CA   2020-05-21 - 2022-05-21    2 years
*.ub-analytics.com       Amazon                                           2021-05-10 - 2022-06-08    a year
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                          2021-06-11 - 2022-06-10    a year

This page contains 1 frames:

Primary Page: https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Frame ID: 099B62B9BDD7DEFCD110013FEA14DA0E
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Log into Facebook | Facebook

Page Statistics

Requests: 12
HTTPS: 75 %
IPv6: 38 %
Domains: 7
Subdomains: 8
IPs: 9
Countries: 2
Transfer: 574 kB
Size: 1003 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://l0v3x.us/s-a/location HTTP 301
  • https://l0v3x.us/s-a/location/
Request Chain 11
  • https://whos.amung.us/widget/fearless HTTP 307
  • https://widgets.amung.us/classic/00/51.png

12 HTTP transactions

Resource: Primary Request /
Path: facelansd.ubpages.com/
Size: 4 KB (3 KB transferred)
Type: Document

General
Full URL: https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Protocol: HTTP/1.1
Security: TLS 1.3, AES_256_GCM
Server: 3.69.136.55, Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: -
Resource Hash: 95537bdf3d28c9cdd389e52043a545aafd3425af33c266c912f8949a0ee814c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Dec 2021 01:00:23 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
d6c6cd38-7c0c-44ae-a1ff-8efd3efaee6b
etag
"a:cbcef0aa9dc3048cdb471551c01093f7"
last-modified
Sat, 11 Dec 2021 19:41:58 GMT
x-unbounce-visitorid
f69a5ba2-9e1b-4fa8-9b07-c5cedd80c8e5
x-unbounce-variant
a
content-location
https://facelansd.ubpages.com/
link
<https://facelansd.ubpages.com/>; rel="canonical"
content-encoding
gzip
x-proxy-backend
page-server
connection
close
Resource: main-7b78720.z.css
Path: builder-assets.unbounce.com/published-css/
Size: 15 KB (3 KB transferred)
Type: Stylesheet

General
Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host facelansd.ubpages.com, URL https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 13.35.253.50, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-35-253-50.fra6.r.cloudfront.net
Software: AmazonS3
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
26869686
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
pCB2ekUlDpw08aF4pzfieIQ8lOWHC8Kh16hcQgcEcfSmE0Q1a4pt-g==
Resource: ub.js
Path: d34qb8suadcc4g.cloudfront.net/
Size: 5 KB (2 KB transferred)
Type: Script

General
Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by: Host facelansd.ubpages.com, URL https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2600:9000:211e:ba00:1d:11cf:5800:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: -
Software: AmazonS3
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 May 2021 00:38:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
19354906
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
Vlz6o_ahIOxbbJY3bx2UQTh4RBUY7n-xtVqGeyYo4XGep-SZAePCUQ==
Resource: /
Path: l0v3x.us/s-a/
Size: 718 KB (500 KB transferred)
Type: Script

General
Full URL: https://l0v3x.us/s-a/?api=1&lan=facebooknew&ht=1
Requested by: Host facelansd.ubpages.com, URL https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 198.54.126.153, United States, ASN22612 (NAMECHEAP-NET, US)
Reverse DNS: premium4-1.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 802192e37da7c2c69e384c66eca7561614fb9449689e96a04d80a036b83db92e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 01:00:24 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
expires
Thu, 19 Nov 1981 08:52:00 GMT
Resource: /
Path: whos.amung.us/pingjs/
Size: 28 B (28 B transferred)
Type: Image

General
Full URL: https://whos.amung.us/pingjs/?k=fearlessa&t=%20%20Working%20to%20the%20Moon%20&x=https://www.cometeesta.com/
Requested by: Host facelansd.ubpages.com, URL https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 67.202.114.216, United States, ASN32748 (STEADFAST, US)
Reverse DNS: amung.us
Software: -
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:00:23 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
Resource: main.bundle-fed11df.z.js
Path: builder-assets.unbounce.com/published-js/
Size: 102 KB (33 KB transferred)
Type: Script

General
Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Requested by: Host facelansd.ubpages.com, URL https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 13.35.253.50, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-35-253-50.fra6.r.cloudfront.net
Software: AmazonS3
Resource Hash: fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 06 May 2021 20:57:02 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 18:27:02 GMT
server
AmazonS3
age
19022602
etag
"02427a0829fed4e24e9864e2f6f1d669"
x-cache
Hit from cloudfront
x-amz-version-id
PY5jXkWzij7RMiymy035twJKn1QV7eth
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33154
x-amz-cf-id
KvDWo92nomOoL3rGIWVfHK_vfdFPh_C94mDcLH-frxhIwZ8Omwizog==
Resource: sp-2.14.0.js
Path: d34qb8suadcc4g.cloudfront.net/
Size: 98 KB (30 KB transferred)
Type: Script

General
Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host d34qb8suadcc4g.cloudfront.net, URL https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2600:9000:211e:ba00:1d:11cf:5800:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: -
Software: AmazonS3
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
24457189
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
7Chm0iKH9sAuNJFj0sXqLcD8OyU8JhTDmoyxmbV45XpR2oEbQIMQkw==
Resource: 0281c665-0609-432b-ad5b-c200cf572288
Path: https://facelansd.ubpages.com/
Size: 5 KB (0 transferred)
Type: Stylesheet

General
Full URL: blob:https://facelansd.ubpages.com/0281c665-0609-432b-ad5b-c200cf572288
Requested by: Host builder-assets.unbounce.com, URL https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol: BLOB
Server: -
Reverse DNS: -
Software: -
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
Resource: i
Path: events.ub-analytics.com/
Size: 43 B (245 B transferred)
Type: Image

General
Full URL: https://events.ub-analytics.com/i?stm=1639357223755&e=pv&url=https%3A%2F%2Ffacelansd.ubpages.com%2F%3Ffbclid%3DIwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=9b042fa4-9af1-4b07-9bc4-ab78771f0bb0&dtm=1639357223754&vp=1600x1200&ds=1600x1200&vid=1&sid=26d34a0f-8d19-40a2-90cb-11f9133fd809&duid=f0ac2370-44a8-4de1-b72d-5ae6a7935e91&uid=f69a5ba2-9e1b-4fa8-9b07-c5cedd80c8e5&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDZjNmNkMzgtN2MwYy00NGFlLWExZmYtOGVmZDNlZmFlZTZiIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by: Host facelansd.ubpages.com, URL https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.63.26, Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS: ec2-34-193-63-26.compute-1.amazonaws.com
Software: akka-http/10.0.9
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 13 Dec 2021 01:00:24 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
Resource: /
Path: l0v3x.us/s-a/location/
Redirect Chain:
  • https://l0v3x.us/s-a/location
  • https://l0v3x.us/s-a/location/
Size: 1 KB (658 B transferred)
Type: Script

General
Full URL: https://l0v3x.us/s-a/location/
Protocol: H2
Server: 198.54.126.153, United States, ASN22612 (NAMECHEAP-NET, US)
Reverse DNS: premium4-1.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: d964244aacd605f252dc3e815ecfd0d5aa910fcd659064b913da2cbe32407dbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:00:25 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
content-length
437
expires
Mon, 20 Dec 2021 01:00:25 GMT

Redirect headers

location
https://l0v3x.us/s-a/location/
date
Mon, 13 Dec 2021 01:00:25 GMT
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
707
content-type
text/html
Resource: geo.json
Path: get.geojs.io/v1/ip/
Size: 314 B (967 B transferred)
Type: XHR

General
Full URL: https://get.geojs.io/v1/ip/geo.json
Requested by: Host facelansd.ubpages.com, URL https://facelansd.ubpages.com/?fbclid=IwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:20::681a:164, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: -
Software: cloudflare
Resource Hash: 747c40e1d678d5472826912c0d17a077e41fa017ef215eb1f740f8af6bf78c81
Security Headers:
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
ce01578b9e0d38f674e5d1f551244e52-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkNK85G7wv5n6fDhtr4hHc0ttkS0iGCnhPqTWknlWJhKv%2F6K7r6L7WhssSqCIK2e%2FbEMmqGaAjJivLjTA1RvGzwPjwiz90jJhBBQmJKE3v3nZbvXgbV4QI6%2Beu0oSU8aRD%2FmNyx%2FzRt96Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
6bcb4161ed344a68-FRA
Resource: truncated
Path: /
Size: 1 KB (0 transferred)
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS: -
Software: -
Resource Hash: 1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
Resource: 51.png
Path: widgets.amung.us/classic/00/
Redirect Chain:
  • https://whos.amung.us/widget/fearless
  • https://widgets.amung.us/classic/00/51.png
Size: 1 KB (2 KB transferred)
Type: Image

General
Full URL: https://widgets.amung.us/classic/00/51.png
Protocol: H2
Server: 2606:4700:10::6816:4aab, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: -
Software: cloudflare
Resource Hash: 864915b9f3915970b805a67155c42548e41af00c2021da4bfdcd56bda49affbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facelansd.ubpages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 01:00:25 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
age
133871
etag
"4c149ecd-5c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
6bcb4162996d692e-FRA
content-length
1479
expires
Sun, 12 Dec 2021 11:49:14 GMT

Redirect headers

location
https://widgets.amung.us/classic/00/51.png
date
Mon, 13 Dec 2021 01:00:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
Resource: truncated
Path: /
Size: 51 KB (0 transferred)
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS: -
Software: -
Resource Hash: 7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onbeforexrselect
function  reportError
boolean   originAgentCluster
object    scheduler
object    ub
object    UnbounceSnowplowNamespace
function  ubSnowplow
function  setImmediate
function  clearImmediate
boolean   VimeoPlayerResizeEmbeds_
function  ownKeys
function  _objectSpread
function  _defineProperty
function  _typeof
object    Snowplow
function  sh
boolean   IS_MOBILE
number    limit_bot
string    object
string    type
string    OUTPUT
object    ___
object    params
number    tt
object    to_object
string    a
function  checking
function  creatingInput
function  searchingForms

3 Cookies

Domain/Path              Name   Value
facelansd.ubpages.com/   ubpv   a%2Cd6c6cd38-7c0c-44ae-a1ff-8efd3efaee6b
facelansd.ubpages.com/   ubvs   f69a5ba2-9e1b-4fa8-9b07-c5cedd80c8e5
.ubpages.com/            ubvt   f69a5ba2-9e1b-4fa8-9b07-c5cedd80c8e5
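The ubvs/ubvt cookies above, the x-unbounce-visitorid and x-unbounce-pageid response headers of the primary request, and the uid, url and cx parameters of the events.ub-analytics.com pixel all carry the same visitor and page identifiers in different encodings. The Python below is an added example (not urlscan.io's or Unbounce's code) that decodes the cx parameter, which the Snowplow JavaScript tracker (tv=js-2.14.0 in the pixel URL) sends as unpadded base64url JSON, and checks that the identifiers agree across the three sources. All constants are copied from this scan; the function and result-key names are this example's own.

```python
import base64
import json
from urllib.parse import parse_qs, unquote, urlsplit

# Pixel URL copied from the events.ub-analytics.com transaction on this scan.
EVENTS_URL = (
    "https://events.ub-analytics.com/i?stm=1639357223755&e=pv"
    "&url=https%3A%2F%2Ffacelansd.ubpages.com%2F%3Ffbclid%3DIwAR0ygGfwWg9JGAG7TOdSasDRvdKPC5oH45RFvntOp-zynAhPCfWdS_k0ZTs"
    "&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8"
    "&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0"
    "&res=1600x1200&cd=24&eid=9b042fa4-9af1-4b07-9bc4-ab78771f0bb0&dtm=1639357223754"
    "&vp=1600x1200&ds=1600x1200&vid=1&sid=26d34a0f-8d19-40a2-90cb-11f9133fd809"
    "&duid=f0ac2370-44a8-4de1-b72d-5ae6a7935e91&uid=f69a5ba2-9e1b-4fa8-9b07-c5cedd80c8e5"
    "&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDZjNmNkMzgtN2MwYy00NGFlLWExZmYtOGVmZDNlZmFlZTZiIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0"
)

# Response headers of the primary request, copied from this scan.
PRIMARY_RESPONSE_HEADERS = {
    "x-unbounce-pageid": "d6c6cd38-7c0c-44ae-a1ff-8efd3efaee6b",
    "x-unbounce-visitorid": "f69a5ba2-9e1b-4fa8-9b07-c5cedd80c8e5",
    "x-unbounce-variant": "a",
}

# Cookies set during the scan, values still percent-encoded as recorded.
COOKIES = {
    "ubpv": "a%2Cd6c6cd38-7c0c-44ae-a1ff-8efd3efaee6b",
    "ubvs": "f69a5ba2-9e1b-4fa8-9b07-c5cedd80c8e5",
    "ubvt": "f69a5ba2-9e1b-4fa8-9b07-c5cedd80c8e5",
}


def decode_b64url_json(value):
    """Decode unpadded base64url (as the tracker sends it) into JSON."""
    padded = value + "=" * (-len(value) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def tracker_params(url):
    """Flatten the pixel's query string to one value per key."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


def correlate(events_url=EVENTS_URL, headers=PRIMARY_RESPONSE_HEADERS,
              cookies=COOKIES):
    """Recover page/visitor identifiers from the pixel and confirm that the
    headers and cookies of the same scan carry the same values."""
    params = tracker_params(events_url)
    # cx wraps a list of contexts; the first one is the page-builder context.
    context = decode_b64url_json(params["cx"])["data"][0]["data"]
    # ubpv is "<variant>,<pageId>" percent-encoded.
    cookie_variant, cookie_page_id = unquote(cookies["ubpv"]).split(",", 1)
    tracked_url = params["url"]
    click_id = parse_qs(urlsplit(tracked_url).query).get("fbclid", [""])[0]
    return {
        "page_id": context["pageId"],
        "variant": context["variantId"],
        "visitor_id": params["uid"],
        "tracked_url": tracked_url,
        "click_id": click_id,
        "page_id_consistent": (context["pageId"]
                               == headers["x-unbounce-pageid"]
                               == cookie_page_id),
        "visitor_consistent": (params["uid"]
                               == headers["x-unbounce-visitorid"]
                               == cookies["ubvs"] == cookies["ubvt"]),
        "variant_consistent": (context["variantId"]
                               == headers["x-unbounce-variant"]
                               == cookie_variant),
    }


if __name__ == "__main__":
    for key, value in correlate().items():
        print(f"{key:20s} {value}")
```

The decoded tracked URL still carries the fbclid click identifier that ties this visit to a Facebook-distributed link, and the page ID recovered from the pixel is the same published-page identifier the x-unbounce-pageid header exposes, which names the page on the builder platform independently of the facelansd.ubpages.com hostname.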