watermelon6846332.brizy.site (34.237.47.210)
Malicious Activity!  Public Scan

Submitted URL: https://tlx003.gay/wMnYFJ9W
Effective URL: https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_...
Submission: On June 16 via manual from BE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 34.237.47.210, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is watermelon6846332.brizy.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 1st 2020. Valid for: 2 years.
This is the only time watermelon6846332.brizy.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP addresses (the leading figure marks the two IPs that served a redirect, matching the domain table below)

Redirects  Requests  IP Address         AS (Autonomous System)
1          1         46.227.71.75       AS42675 (OBEHOSTIN...)
           1         34.237.47.210      AS14618 (AMAZON-AES)
           1         2a00:1450:400...   AS15169 (GOOGLE)
           3         89.187.169.26      AS60068 (CDN77 (^_^)/)
           2         45.84.205.59       AS47583 (AS-HOSTINGER)
1          2         67.202.114.214     AS32748 (STEADFAST)
           1         2606:4700:10:...   AS13335 (CLOUDFLAR...)
Total: 9 requests, 7 IPs

Requests  Domain                         Requested by
3         b-cloud.b-cdn.net              watermelon6846332.brizy.site
2         whos.amung.us                  1 redirect
2         tulile858d.xyz                 watermelon6846332.brizy.site
1         widgets.amung.us
1         fonts.googleapis.com           watermelon6846332.brizy.site
1         watermelon6846332.brizy.site
1         tlx003.gay                     1 redirect
Total: 9 requests, 7 domains

This site contains no links.

TLS certificates

Subject                   Issuer                                           Validity                   Valid for
*.brizy.site              Sectigo RSA Domain Validation Secure Server CA   2020-06-01 - 2022-04-18    2 years (crt.sh)
upload.video.google.com   GTS CA 1O1                                       2021-05-17 - 2021-08-09    3 months (crt.sh)
*.b-cdn.net               Sectigo ECC Domain Validation Secure Server CA   2020-11-11 - 2021-11-11    a year (crt.sh)
tulile858d.xyz            R3                                               2021-06-10 - 2021-09-08    3 months (crt.sh)
whos.amung.us             Sectigo RSA Domain Validation Secure Server CA   2020-05-21 - 2022-05-21    2 years (crt.sh)

Note: R3 is Let's Encrypt's issuing intermediate. The tulile858d.xyz certificate was issued on 2021-06-10, six days before this scan; it is the only certificate in the chain that belongs to neither the page builder, a CDN, Google Fonts nor the visitor counter.

This page contains 1 frame:

Primary Page: https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Frame ID: DF849D8CFF2638571DDE8FEE4040BBE7
Requests: 11 HTTP requests in this frame (the 9 network transactions listed below plus 2 data: URIs)


Detected technologies

nginx (web server), overall confidence: 100%
Detected pattern
  • headers server /nginx(?:\/([\d.]+))?/i

Varnish (HTTP cache), overall confidence: 100%
Detected pattern
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 29 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 600 kB
Size: 1333 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tlx003.gay/wMnYFJ9W HTTP 302
    https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://whos.amung.us/widget/l4v5xakml3 HTTP 307
  • https://widgets.amung.us/classic/00/4.png

9 HTTP transactions

Columns for each entry: Resource, Path, Size, x-fer (bytes transferred on the wire), Type, MIME-Type

Primary Request  /  watermelon6846332.brizy.site/  4 KB  2 KB  Document
Redirect Chain
  • https://tlx003.gay/wMnYFJ9W
  • https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
General
Full URL
https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.47.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-47-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bfbe69817b0b7c19471f2e0daf9bbc1bc081a41feb9db527a4d0422be10179a5

Request headers

:method
GET
:authority
watermelon6846332.brizy.site
:scheme
https
:path
/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 16 Jun 2021 10:16:29 GMT
content-type
text/html; charset=UTF-8
content-length
1260
x-brizy-preview
1
vary
Accept-Encoding
content-encoding
gzip
x-varnish
36615575 34802375
age
74411
via
1.1 varnish-v4
x-cache
HIT
x-cache-hits
5759
pragma
no-cache
expires
-1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes

Redirect headers

Server
nginx
Date
Wed, 16 Jun 2021 10:16:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Wed, 16 Jun 2021 10:16:29 GMT
Location
https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Pragma
no-cache
Set-Cookie
_subid=1qrcih0fifb;Expires=Saturday, 17-Jul-2021 10:16:29 GMT;Max-Age=2678400;Path=/ _token=uuid_1qrcih0fifb_1qrcih0fifb60c9cf7d7380f6.11475428;Expires=Saturday, 17-Jul-2021 10:16:29 GMT;Max-Age=2678400;Path=/ a5bf2=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMzODY1XCI6MTYyMzgzODU4OX0sXCJjYW1wYWlnbnNcIjp7XCIxNjkzMlwiOjE2MjM4Mzg1ODl9LFwidGltZVwiOjE2MjM4Mzg1ODl9In0._d0dk1ljryhah_ZEkMFH9QKdtUh8WQYiCqQnsLihUzA;Expires=Wednesday, 30-Nov-2072 20:32:58 GMT;Max-Age=1623924989;Path=/
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
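
The three cookies in that Set-Cookie line are worth pulling apart: `_subid` carries the same value as the landing page's `external_id`, `_token` embeds it twice more, and `a5bf2` is an HS256 JWT whose Max-Age is longer than the lifetime of most operating systems. The Python below is an added example and not part of the urlscan report. It splits urlscan's space-joined Set-Cookie value back into three cookies (the split rule relies on each cookie ending in `Path=/`, which holds for this header only), decodes the JWT header and payload without verifying the signature (the HS256 key belongs to the redirector, so verification is impossible and unnecessary for triage), and checks the Max-Age arithmetic. The field names `streams`, `campaigns` and `time` are read from the decoded payload, not from any documentation of the redirector.

```python
"""Decode the cookies set by the tlx003.gay 302 in this scan.

Added example, not part of the urlscan report. SET_COOKIE is the value shown in
the "Redirect headers" block of the primary request; urlscan has joined three
Set-Cookie headers with a single space.
"""
import base64
import json
import re
from datetime import datetime, timezone

LANDING_EXTERNAL_ID = "1qrcih0fifb"  # external_id= on the landing page URL

SET_COOKIE = (
    "_subid=1qrcih0fifb;Expires=Saturday, 17-Jul-2021 10:16:29 GMT;Max-Age=2678400;Path=/ "
    "_token=uuid_1qrcih0fifb_1qrcih0fifb60c9cf7d7380f6.11475428;"
    "Expires=Saturday, 17-Jul-2021 10:16:29 GMT;Max-Age=2678400;Path=/ "
    "a5bf2=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9."
    "eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMzODY1XCI6MTYyMzgzODU4OX0sXCJjYW1wYWlnbnNcIjp7"
    "XCIxNjkzMlwiOjE2MjM4Mzg1ODl9LFwidGltZVwiOjE2MjM4Mzg1ODl9In0."
    "_d0dk1ljryhah_ZEkMFH9QKdtUh8WQYiCqQnsLihUzA;"
    "Expires=Wednesday, 30-Nov-2072 20:32:58 GMT;Max-Age=1623924989;Path=/"
)


def split_collapsed_set_cookie(value: str) -> list:
    """Undo urlscan's space-joining of several Set-Cookie headers.
    Assumption: every cookie in the joined string ends with 'Path=/'."""
    return re.split(r"(?<=Path=/)\s+", value)


def parse_cookie(cookie: str) -> dict:
    """One Set-Cookie string -> name, value and lower-cased attributes."""
    first, *rest = [p.strip() for p in cookie.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for attr in rest:
        key, _, val = attr.partition("=")
        attrs[key.lower()] = val
    return {"name": name, "value": value, "attrs": attrs}


def b64url_decode(segment: str) -> bytes:
    """JWT segments are base64url without padding; restore it before decoding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_jwt_unverified(token: str) -> dict:
    """Header and payload only. The HS256 key is the redirector's, so the
    signature cannot be checked here; its length is recorded instead."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    header = json.loads(b64url_decode(header_b64))
    payload = json.loads(b64url_decode(payload_b64))
    if isinstance(payload.get("data"), str):  # JSON string nested inside JSON
        payload["data"] = json.loads(payload["data"])
    return {"header": header, "payload": payload,
            "sig_len": len(b64url_decode(sig_b64))}


def triage(set_cookie: str) -> dict:
    cookies = [parse_cookie(c) for c in split_collapsed_set_cookie(set_cookie)]
    jwt_cookie = next(c for c in cookies
                      if c["value"].startswith("eyJ") and c["value"].count(".") == 2)
    jwt = decode_jwt_unverified(jwt_cookie["value"])
    data = jwt["payload"]["data"]
    issued = int(data["time"])
    max_age = int(jwt_cookie["attrs"]["max-age"])
    return {
        "cookie_names": [c["name"] for c in cookies],
        "subid_matches_external_id": cookies[0]["value"] == LANDING_EXTERNAL_ID,
        "alg": jwt["header"]["alg"],
        "stream_ids": sorted(data["streams"]),
        "campaign_ids": sorted(data["campaigns"]),
        "issued_utc": datetime.fromtimestamp(issued, tz=timezone.utc).isoformat(),
        "max_age_years": round(max_age / (365.25 * 86400), 1),
        # Max-Age should be a lifetime in seconds. Here it equals issued + 86400,
        # i.e. an absolute Unix timestamp, which is why Expires lands in 2072.
        "max_age_is_absolute_timestamp": max_age == issued + 86400,
        "sig_bytes": jwt["sig_len"],
    }


if __name__ == "__main__":
    print(json.dumps(triage(SET_COOKIE), indent=2, ensure_ascii=False))
```

The payload's `time` (1623838589) is exactly the `date` header of the redirect, 16 Jun 2021 10:16:29 UTC, so the redirector mints a fresh token per visit and records which stream (33865) and campaign (16932) the visitor was routed through; the stream and campaign numbers are the operator's own identifiers and mean nothing outside that system.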
css  fonts.googleapis.com/  206 KB  7 KB  Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Overpass:100,100italic,200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Red%20Hat%20Text:regular,italic,500,500italic,700,700italic|DM%20Serif%20Text:regular,italic|Blinker:100,200,300,regular,600,700,800,900|Aleo:300,300italic,regular,italic,700,700italic|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Knewave:regular|Palanquin:100,200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Oxygen:300,regular,700|Playfair%20Display:regular,italic,700,700italic,900,900italic|Fira%20Sans:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Abril%20Fatface:regular|Comfortaa:300,regular,500,600,700|Kaushan%20Script:regular|Noto%20Serif:regular,italic,700,700italic|Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Requested by
Host: watermelon6846332.brizy.site
URL: https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4fb5a6728876c6bc0b0f87f78fc0885ed75c2f666aec1e4b03eec563ff25927b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://watermelon6846332.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 10:16:29 GMT
server
ESF
date
Wed, 16 Jun 2021 10:16:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Jun 2021 10:16:29 GMT
preview.css  b-cloud.b-cdn.net/builds/free/187-cloud/editor/css/  199 KB  32 KB  Stylesheet
General
Full URL
https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/css/preview.css
Requested by
Host: watermelon6846332.brizy.site
URL: https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
edge-657.bunnyinfra.net
Software
BunnyCDN-DE1-657 /
Resource Hash
6837891794ae05ddf2b01a8ba1961a0e98729b16db39f21e17963696fa340dc7

Request headers

Referer
https://watermelon6846332.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:16:29 GMT
content-encoding
br
cdn-edgestorageid
657
x-amz-request-id
YCGYY6MQT2TC0A0P
cdn-cachedat
2021-06-10 10:22:22
cdn-pullzone
246147
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
iaPbvMS6gBJWlDLsnPo6nFWBpB6dUJ+fJJVclOWYYacGt7bUke9AIsx7g8pMDqu6gXFoCavuDL0=
access-control-allow-origin
*
last-modified
Wed, 09 Jun 2021 14:40:51 GMT
server
BunnyCDN-DE1-657
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestid
26241fbbdd7299ceedf19e1070a37823
cdn-requestcountrycode
DE
link
<https://s3.amazonaws.com/brizy.cloud/builds/free/187-cloud/editor/css/preview.css>; rel="canonical"
cdn-requestpullsuccess
True
/  tulile858d.xyz/  716 KB  506 KB  Script
General
Full URL
https://tulile858d.xyz/?api=1&lan=facebooknew&ht=2&counter0=l4v5xakml3
Requested by
Host: watermelon6846332.brizy.site
URL: https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.84.205.59 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.16
Resource Hash
81b65fd3b1a2c8fe3f9749784da132a2fb6d7c7cdd6df550374dc53873feaff3

Request headers

Referer
https://watermelon6846332.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Jun 2021 10:16:29 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.4.16
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires
Thu, 19 Nov 1981 08:52:00 GMT
group-jq.js  b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/  89 KB  33 KB  Script
General
Full URL
https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/group-jq.js
Requested by
Host: watermelon6846332.brizy.site
URL: https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
edge-657.bunnyinfra.net
Software
BunnyCDN-DE1-657 /
Resource Hash
369c14c9a8478a90355b409b0093dbfb0fc49c7829fb875d9062c8b5153b9d13

Request headers

Referer
https://watermelon6846332.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:16:29 GMT
content-encoding
br
cdn-edgestorageid
657
x-amz-request-id
H6QJAJMC5JWBJSBN
cdn-cachedat
2021-06-10 12:16:17
cdn-pullzone
246147
x-amz-id-2
dkDnXR7vI5t3Nm+zbfzzE25WoV0Pr9iOwvmfd+fycfUVHOXnOqwv4Gp6iN9CkO83UsfoCQ2MDAE=
link
<https://s3.amazonaws.com/brizy.cloud/builds/free/187-cloud/editor/js/group-jq.js>; rel="canonical"
last-modified
Wed, 09 Jun 2021 14:43:10 GMT
server
BunnyCDN-DE1-657
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control
public, max-age=31919000
cdn-requestid
67a8507de0d97a976dc7654fc8543d46
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
preview.js  b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/  65 KB  20 KB  Script
General
Full URL
https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/preview.js
Requested by
Host: watermelon6846332.brizy.site
URL: https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
edge-657.bunnyinfra.net
Software
BunnyCDN-DE1-657 /
Resource Hash
49f6678b8eab6a54be2264fa76ab7db35b687dbb1f1567de8b826cd643f746f2

Request headers

Referer
https://watermelon6846332.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:16:29 GMT
content-encoding
br
cdn-edgestorageid
657
x-amz-request-id
MB9NT1NYRNM0FRAW
cdn-cachedat
2021-06-09 19:21:21
cdn-pullzone
246147
x-amz-id-2
z8QE6XzCJHxcw3P5uDO7fZ9P6/luwSBiFWQepShJDJRj+KThjoMx4WcsIaldT8lqBd0Cwkt8h6M=
link
<https://s3.amazonaws.com/brizy.cloud/builds/free/187-cloud/editor/js/preview.js>; rel="canonical"
last-modified
Wed, 09 Jun 2021 14:43:10 GMT
server
BunnyCDN-DE1-657
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cache-control
public, max-age=31919000
cdn-requestid
62db5de15e9464110f8945f2bb6a6772
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
location  tulile858d.xyz/  0  0  Script
General
Full URL
https://tulile858d.xyz/location
Requested by
Host: watermelon6846332.brizy.site
URL: https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.84.205.59 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://watermelon6846332.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated  /  1 KB  0  Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/  whos.amung.us/pingjs/  28 B  28 B  Image
General
Full URL
https://whos.amung.us/pingjs/?k=l4v5xakml3&t=%F0%9F%94%A5%F0%9F%94%A5ALTA%20GAMA%F0%9F%94%A5%F0%9F%94%A5&x=https://www.facebook.com/yismel12345/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.114.214 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of an empty body: the ping returned no content)

Request headers

Referer
https://watermelon6846332.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:16:30 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
4.png  widgets.amung.us/classic/00/  1 KB  2 KB  Image
Redirect Chain
  • https://whos.amung.us/widget/l4v5xakml3
  • https://widgets.amung.us/classic/00/4.png
General
Full URL
https://widgets.amung.us/classic/00/4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d31b73fe11c22ace4b7e97af68f215e8451ab985c460908d83db01c7533e08

Request headers

Referer
https://watermelon6846332.brizy.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:16:30 GMT
cf-cache-status
HIT
age
15694
content-length
1395
cf-request-id
0ab5eb9e1f0000175a10b58000000001
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
etag
"4c149ecd-573"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
660348769ab4175a-FRA
expires
Thu, 17 Jun 2021 05:54:56 GMT

Redirect headers

location
https://widgets.amung.us/classic/00/4.png
date
Wed, 16 Jun 2021 10:16:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
truncated  /  51 KB  0  Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
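
To turn the transaction list above into something a responder can act on, the following Python (an added example, not urlscan's code) classifies every request by role, decodes the `t` and `x` parameters of the whos.amung.us ping, and shows that the `counter0` value on the tulile858d.xyz script and the `k` value of the visitor counter are the same key, which ties the kit script and the tracker to one operator. The request list is constructed from the transactions on this page (the Google Fonts family list is shortened); the role labels and the rule "a Script from any host other than the builder CDN is the first thing to look at" are this example's heuristics, not urlscan verdicts.

```python
"""Triage indicators for the watermelon6846332.brizy.site scan.

Added example, not urlscan code. REQUESTS is constructed from the transactions
listed on this page; the role labels are this example's own heuristics.
"""
from urllib.parse import parse_qs, urlparse

LANDING_HOST = "watermelon6846332.brizy.site"

# Page-builder assets and commodity services seen in this scan.
BUILDER_OR_COMMODITY = {"b-cloud.b-cdn.net", "fonts.googleapis.com"}

REQUESTS = [  # (url, resource type) as listed under "9 HTTP transactions"
    ("https://tlx003.gay/wMnYFJ9W", "Redirect"),
    ("https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id="
     "&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7="
     "&sub_id_8=&s=", "Document"),
    ("https://fonts.googleapis.com/css?family=Overpass&display=swap", "Stylesheet"),  # shortened
    ("https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/css/preview.css", "Stylesheet"),
    ("https://tulile858d.xyz/?api=1&lan=facebooknew&ht=2&counter0=l4v5xakml3", "Script"),
    ("https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/group-jq.js", "Script"),
    ("https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/preview.js", "Script"),
    ("https://tulile858d.xyz/location", "Script"),
    ("https://whos.amung.us/pingjs/?k=l4v5xakml3&t=%F0%9F%94%A5%F0%9F%94%A5ALTA%20GAMA"
     "%F0%9F%94%A5%F0%9F%94%A5&x=https://www.facebook.com/yismel12345/", "Image"),
    ("https://whos.amung.us/widget/l4v5xakml3", "Redirect"),
    ("https://widgets.amung.us/classic/00/4.png", "Image"),
]


def classify(url: str, rtype: str) -> str:
    """Role heuristic for one request on a builder-hosted landing page."""
    host = urlparse(url).hostname
    if host == LANDING_HOST:
        return "landing"
    if host.endswith(".amung.us"):
        return "tracker"
    if host in BUILDER_OR_COMMODITY:
        return "builder-asset"
    if rtype == "Redirect":
        return "entry-redirector"
    if rtype == "Script":
        return "third-party-script"
    return "other"


def _query_values(url: str) -> set:
    return {v for vals in parse_qs(urlparse(url).query).values() for v in vals}


def extract_iocs(requests) -> dict:
    roles = {}
    for url, rtype in requests:
        roles.setdefault(classify(url, rtype), []).append(url)

    def hosts(role):
        return sorted({urlparse(u).hostname for u in roles.get(role, [])})

    # The amung.us ping carries the page title (t) and a URL the page handed
    # to the counter (x); both are percent-decoded by parse_qs.
    ping = next(u for u in roles.get("tracker", []) if "/pingjs/" in u)
    ping_q = parse_qs(urlparse(ping).query)
    tracker_key = ping_q["k"][0]

    # Query values the unknown script shares with the tracker link the two.
    script_values = set()
    for u in roles.get("third-party-script", []):
        script_values |= _query_values(u)

    return {
        "entry_redirector": hosts("entry-redirector"),
        "kit_script_hosts": hosts("third-party-script"),
        "tracker_key": tracker_key,
        "tracker_title": ping_q["t"][0],
        "tracker_x": ping_q["x"][0],
        "shared_keys": sorted(script_values & {tracker_key}),
        "blocklist": sorted(set(hosts("entry-redirector")) | set(hosts("third-party-script"))),
    }


if __name__ == "__main__":
    for k, v in extract_iocs(REQUESTS).items():
        print(f"{k}: {v}")
```

The builder CDN (b-cloud.b-cdn.net) and Google Fonts are left out of the blocklist on purpose: blocking them would break every legitimate Brizy site, while the entry redirector and the kit host are specific to this campaign. The `x` parameter is simply what the counter was told; the page reports it, and nothing more should be read into it without the script itself.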

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: Facebook (Social Network)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Provided by the browser itself (Chrome 89 APIs, not set by the page):
  object   onbeforexrselect, ontransitionrun, ontransitionstart, ontransitioncancel, cookieStore, trustedTypes
  function showDirectoryPicker, showOpenFilePicker, showSaveFilePicker
  boolean  originAgentCluster, crossOriginIsolated

Set by the page's scripts:
  function jQuery
  object   BrizyLibs
  boolean  IS_MOBILE
  number   limit_bot
  string   object
  string   type
  string   OUTPUT
  object   ___
  object   params
  number   tt
  object   to_object
  string   a

jQuery and BrizyLibs belong to the page builder's bundle; the other ten names are the ones to locate in the scripts loaded from tulile858d.xyz.

0 Cookies (the three cookies in the tlx003.gay redirect have no Domain attribute and are therefore host-only for tlx003.gay; none is scoped to the landing page)

7 Console Messages

Source: console-api  Level: warning  URL: https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/group-jq.js (Line 1)
Message:
jQuery.Deferred exception: Cannot read property 'emit' of undefined TypeError: Cannot read property 'emit' of undefined at HTMLDocument.<anonymous> (https://watermelon6846332.brizy.site/?external_id=1qrcih0fifb&source=&ad_campaign_id=&creative_id=&sub_id_1=&sub_id_2=&sub_id_3=&sub_id_4=&sub_id_5=&sub_id_6=&sub_id_7=&sub_id_8=&s=:4:21) at l (https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/group-jq.js:1:31251) at c (https://b-cloud.b-cdn.net/builds/free/187-cloud/editor/js/group-jq.js:1:31553) undefined

Source: console-api  Level: log  URL: https://tulile858d.xyz/?api=1&lan=facebooknew&ht=2&counter0=l4v5xakml3 (Line 71), logged 6 times
Message:
[object HTMLScriptElement]