newall.ubpages.com Open in urlscan Pro
172.64.146.119 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newall.ubpages.com/overview-tw-1/
Submission: On April 21 via manual (April 21st 2024, 6:17:30 am UTC) from CA — Scanned from CA

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 172.64.146.119, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is newall.ubpages.com.
TLS certificate: Issued by E1 on April 4th 2024. Valid for: 3 months.

This is the only time newall.ubpages.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 5	172.64.146.119 172.64.146.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.238.4.71 18.238.4.71	16509 (AMAZON-02) (AMAZON-02)
5	13.224.208.18 13.224.208.18	16509 (AMAZON-02) (AMAZON-02)
12	4

5 172.64.146.119 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newall.ubpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-71.phl51.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.208.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-18.phl50.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cloudfront.net d9hhrg4mnvzow.cloudfront.net	5 KB
5	ubpages.com 1 redirects newall.ubpages.com	22 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 22871	43 KB
12	3

	Domain	Requested by
5	d9hhrg4mnvzow.cloudfront.net	newall.ubpages.com
5	newall.ubpages.com	1 redirects newall.ubpages.com
2	builder-assets.unbounce.com	newall.ubpages.com
12	3

This site contains no links.

Subject Issuer	Validity	Valid
ubpages.com E1	`2024-04-04` - `2024-07-03`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://newall.ubpages.com/overview-tw-1/
Frame ID: 780D0E3E33307A0CC9D267CA5AD5A785
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook

Page URL History Show full URLs

https://newall.ubpages.com/overview-tw-1 HTTP 301
https://newall.ubpages.com/overview-tw-1/ Page URL

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

69 kB
Transfer

227 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://newall.ubpages.com/overview-tw-1 HTTP 301
https://newall.ubpages.com/overview-tw-1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response newall.ubpages.com/overview-tw-1/ Redirect Chain https://newall.ubpages.com/overview-tw-1 https://newall.ubpages.com/overview-tw-1/	36 KB 6 KB	73ms 73ms	Document text/html	172.64.146.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `41befe423f328daa09a8e3c42ba4eacd7bd3543d2a10184309b8d1282d7b3697` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cf-cache-status DYNAMIC cf-ray 877b403d7e8936d4-YYZ content-encoding br content-location https://newall.ubpages.com/overview-tw-1/ content-type text/html; charset=utf-8 date Sun, 21 Apr 2024 06:17:25 GMT etag W/"a:29320b48b1dc4242a6809235c5961395" link <https://newall.ubpages.com/overview-tw-1/>; rel="canonical" server cloudflare x-unbounce-pageid c30633a0-fdf6-11ee-ac40-de7fb5e8f765 x-unbounce-variant a x-unbounce-visitorid 29320b48-b1dc-4242-a680-9235c5961395 Redirect headers cf-cache-status DYNAMIC cf-ray 877b403cadf036d4-YYZ content-length 0 date Sun, 21 Apr 2024 06:17:25 GMT location /overview-tw-1/ server cloudflare
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	322ms 97ms	Stylesheet text/css	18.238.4.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-71.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash `7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 28 Mar 2024 09:29:06 GMT content-encoding gzip via 1.1 1f8f39239caa9483a95872353afdef00.cloudfront.net (CloudFront) x-amz-version-id mFW9LLvQ8mydqn6jpbrpx4VqiAoDRALO x-amz-cf-pop PHL51-P1 age 2062100 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2902 last-modified Wed, 27 Mar 2024 21:23:00 GMT server AmazonS3 etag "0b727c29f7444e78220ac8b97dc5f5e7" content-type text/css cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id kp3zTPWiz9dfD6JLOopG9IuxqyqQ0yWBWPd7K0-rMEoJ2GczOJS99w==
GET H2	200	b907c51d6869e69d8a396f17f7ba15905e81aff2.js Show response newall.ubpages.com/_ub/static/ts/	43 KB 15 KB	67ms 66ms	Script application/javascript	172.64.146.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newall.ubpages.com/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2.js Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/overview-tw-1/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 06:17:25 GMT content-encoding br via 1.1 c25a49ac620ee5012d86873dd02999aa.cloudfront.net (CloudFront) x-amz-version-id TThSs9K50fISFfh18X9t.nFN4cUMwlpR cf-cache-status MISS x-amz-cf-pop YTO50-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 27 Mar 2024 15:44:09 GMT server cloudflare etag W/"7b3939265cdcbe6834a9c54d2dfcdfa2" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 877b403dfef136d4-YYZ x-amz-cf-id CTG5cL7kwHKrCeDmUDuImiy8tyKAJ37rpbaBhU3k7tUVs3ffVa5e3g== expires Mon, 21 Apr 2025 06:17:25 GMT
GET H2	200	main.bundle-c3f2a09.z.js Show response builder-assets.unbounce.com/published-js/	125 KB 39 KB	255ms 104ms	Script application/javascript	18.238.4.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-c3f2a09.z.js Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.4.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-71.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash `c3f2a094e91a37f29622a63cbdfe8915024fe7097cf33265dc4185e1fdfafaa0` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 18:09:05 GMT content-encoding gzip via 1.1 1f8f39239caa9483a95872353afdef00.cloudfront.net (CloudFront) x-amz-version-id 0jCnCAYc2yatVAXrOQkKsboLCamv4Y6y x-amz-cf-pop PHL51-P1 age 1339701 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 39961 last-modified Fri, 05 Apr 2024 17:38:36 GMT server AmazonS3 etag "8fde982b1747f0bf4dfb1b44d385c019" content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id ckCkH5X9dNgCSNHI-RaUQDsYMDJ8A3OuvkWV39WwDHueLSWIZNeWtQ==
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/gif
POST H2	200	i newall.ubpages.com/_ub/	2 B 190 B	123ms 121ms	Ping text/plain	172.64.146.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newall.ubpages.com/_ub/i Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://newall.ubpages.com/overview-tw-1/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers date Sun, 21 Apr 2024 06:17:25 GMT cf-cache-status DYNAMIC server cloudflare content-type text/plain; charset=UTF-8 access-control-allow-origin https://newall.ubpages.com p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" access-control-allow-credentials true cf-ray 877b404058b836d4-YYZ content-length 2
GET BLOB	200 OK	9444014e-25ed-46c2-8d99-6aad899480f9 https://newall.ubpages.com/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://newall.ubpages.com/9444014e-25ed-46c2-8d99-6aad899480f9 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-c3f2a09.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc` Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 5427 Content-Type text/css
GET H2	200	8ol4gj-11111_107501d000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	2 KB 2 KB	445ms 241ms	Image image/png	13.224.208.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/8ol4gj-11111_107501d000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.208.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-208-18.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash `250c28cf5889449562e78d30793dcb01d817b1ba9da9e660d29e2a560a5f7e74` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 06:17:27 GMT x-amz-version-id _YRsDDu0F1y7z9I3LvjkYxNCTbZ9GIUP via 1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop PHL50-C1 etag "0366bc9d507764fa9984c28adedd5862" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 1801 x-amz-cf-id w1hzMWQLIhM4vW66Zfh1JhPL-3vwlrtphIst0qhGwb1MjCz0IirU-w==
GET H2	200	f7p8cj--_10a0003000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	97 B 507 B	348ms 144ms	Image image/png	13.224.208.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/f7p8cj--_10a0003000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.208.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-208-18.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash `2c34dc235157a54bb5f00dc719762b14b348ba7bc2256f52137052e935da4eb2` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 06:17:27 GMT x-amz-version-id 1qAD6sSge_RpyF6IZAc1ndrwNHppbgDK via 1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop PHL50-C1 etag "1221bcc453459e2dfe0f7e3552088838" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 97 x-amz-cf-id fFZITxkcq1eNyzxGglFa1yhobpzpVTCiEFryQ2WyjcL4R5I41BGDyQ==
GET H2	200	jrahnk-untitled_100t00j000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	259 B 669 B	374ms 170ms	Image image/png	13.224.208.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/jrahnk-untitled_100t00j000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.208.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-208-18.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash `8e459fecddade6ad3a901a23c149e8fc1a161cd34822e95e4fa019f0761e3912` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 06:17:27 GMT x-amz-version-id E.RdeSIYJoyW7UWynMlpRjftm_PSyaKU via 1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop PHL50-C1 etag "7dc58655100a9b1337a276f78b855556" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 259 x-amz-cf-id x8U3oAhnpO8osoaAav0LSr_wZIpG6mlyIDwfALRC0ZQn9U3i2sNuuw==
GET H2	200	1u02xza-xd_100d00d000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	227 B 638 B	374ms 170ms	Image image/png	13.224.208.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/1u02xza-xd_100d00d000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.208.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-208-18.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash `76dcf702d295a671f9c3753b87e090a09833ea0f17734dc3d7b053d45e99a325` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 06:17:27 GMT x-amz-version-id 7qwGKC7tkPs1rfPgDJcx6hlfHiHlC2RI via 1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop PHL50-C1 etag "b15353fe5729359a2ef0e7b25b685ba4" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 227 x-amz-cf-id WuyiCq0_d7C5V3Q17N0YdT5RTL3BZGlMQ9230RGBf7-vZk4s4liMoA==
GET H2	200	159phi5-thong-bao_10aw01e000000000000028.png d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/	498 B 910 B	435ms 232ms	Image image/png	13.224.208.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/newall.ubpages.com/overview-tw-1/159phi5-thong-bao_10aw01e000000000000028.png Requested by Host: newall.ubpages.com URL: https://newall.ubpages.com/overview-tw-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.208.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-208-18.phl50.r.cloudfront.net Software AmazonS3 / Resource Hash `fa8788b62b8517f70776037cddfd9d29f43310817ed8ba258bf1dacc5ae73d67` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 06:17:27 GMT x-amz-version-id CeNeB_LP7BHdb1xoFWpUcnSXCMmrZ4YV via 1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront) last-modified Fri, 19 Apr 2024 03:01:51 GMT server AmazonS3 x-amz-cf-pop PHL50-C1 etag "faa98931af3d976ca0026b8948df460a" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 498 x-amz-cf-id 6iblH119Bz8xKVcJKO3rI8GuMDSHCl5-RX9T65j-wTAFu48s-AZXLQ==
GET H2	404	favicon.ico newall.ubpages.com/	47 B 133 B	42ms 42ms	Other text/html	172.64.146.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newall.ubpages.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://newall.ubpages.com/overview-tw-1/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 21 Apr 2024 06:17:26 GMT server cloudflare cf-ray 877b40438b9236d4-YYZ content-length 47 vary Accept-Encoding content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
newall.ubpages.com/overview-tw-1/	1970-01-21 00:26:17	Name: ubpv Value: a%2Cc30633a0-fdf6-11ee-ac40-de7fb5e8f765
.ubpages.com/	1970-01-20 20:01:22	Name: __cf_bm Value: FJJIPePxn5zVx1pUB9d6CHish.JLHeG6R_.niSK4Nnk-1713680245-1.0.1.1-TTj0fg3gLrus8Vw6mjl7mfn9lQ8Bvv_U1c9YsodFTTStOK.PUidw0Ik_dLvoUhXLtGIlU06nyGkjHu6DQb6YzQ
newall.ubpages.com/	1970-01-21 00:20:32	Name: ubvs Value: 29320b48-b1dc-4242-a680-9235c5961395
.ubpages.com/	1970-01-20 20:05:39	Name: ubvt Value: v2%7C29320b48-b1dc-4242-a680-9235c5961395%7Cc30633a0-fdf6-11ee-ac40-de7fb5e8f765%3Aa%3Asingle

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newall.ubpages.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

builder-assets.unbounce.com
d9hhrg4mnvzow.cloudfront.net
newall.ubpages.com
13.224.208.18
172.64.146.119
18.238.4.71
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc
250c28cf5889449562e78d30793dcb01d817b1ba9da9e660d29e2a560a5f7e74
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c34dc235157a54bb5f00dc719762b14b348ba7bc2256f52137052e935da4eb2
41befe423f328daa09a8e3c42ba4eacd7bd3543d2a10184309b8d1282d7b3697
76dcf702d295a671f9c3753b87e090a09833ea0f17734dc3d7b053d45e99a325
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
8e459fecddade6ad3a901a23c149e8fc1a161cd34822e95e4fa019f0761e3912
c3f2a094e91a37f29622a63cbdfe8915024fe7097cf33265dc4185e1fdfafaa0
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596
fa8788b62b8517f70776037cddfd9d29f43310817ed8ba258bf1dacc5ae73d67

newall.ubpages.com Open in urlscan Pro 172.64.146.119 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

1 Countries

69 kBTransfer

227 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

newall.ubpages.com Open in urlscan Pro
172.64.146.119 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

69 kB
Transfer

227 kB
Size

4
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!