uglybox.tentoptoday.com Open in urlscan Pro
108.179.232.251 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me
Submission: On July 18 via manual (July 18th 2022, 7:21:47 pm UTC) from IN — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 22 HTTP transactions. The main IP is 108.179.232.251, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is uglybox.tentoptoday.com.
TLS certificate: Issued by R3 on June 4th 2022. Valid for: 3 months.

This is the only time uglybox.tentoptoday.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
20	108.179.232.251 108.179.232.251	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2606:4700:303... 2606:4700:3033::ac43:ced0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	3

20 108.179.232.251 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 108-179-232-251.unifiedlayer.com

uglybox.tentoptoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:ced0 (United States)

ASN13335 (CLOUDFLARENET, US)

yourpillchoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	tentoptoday.com uglybox.tentoptoday.com	855 KB
1	yourpillchoice.com yourpillchoice.com — Cisco Umbrella Rank: 602648 Failed
22	2

	Domain	Requested by
20	uglybox.tentoptoday.com	uglybox.tentoptoday.com
1	yourpillchoice.com	uglybox.tentoptoday.com
22	2

This site contains no links.

Subject Issuer	Validity	Valid
www.uglybox.tentoptoday.com R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
*.yourpillchoice.com E1	`2022-07-13` - `2022-10-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me
Frame ID: 398AB6559AC38F9DEDF868D14E6B4873
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In — Secure Checkout - Apple

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

95 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

855 kB
Transfer

1775 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://uglybox.tentoptoday.com/search-services/suggestions/ HTTP 302
https://yourpillchoice.com/

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response uglybox.tentoptoday.com/.well-known/acme-challenge/open/	22 KB 5 KB	1582ms 635ms	Document text/html	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `2e62bc362b6a128eecccfe1213dd7932397ac264f5621fa205c170eca943d459` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 4665 content-type text/html; charset=UTF-8 date Mon, 18 Jul 2022 19:21:41 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding
GET H2	200	style.css uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/	350 KB 76 KB	364ms 363ms	Stylesheet text/css	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style.css Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `5cdf3502ad0603de65fbac58b80d9085ddbf71e7f8b7ff193b59b10afcc0cb03` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:41 GMT content-encoding gzip last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type text/css
GET H2	200	style2.css uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/	222 KB 38 KB	536ms 535ms	Stylesheet text/css	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `116b4ed761a37c139c91047ce0bc39b9bee9531f924fd518ad0a04dcf856a429` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:41 GMT content-encoding gzip last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type text/css
GET H2	200	fonts.css uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/	355 B 264 B	186ms 185ms	Stylesheet text/css	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/fonts.css Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `bf4c604723cc3858df2028bba4bbaffe1870f841e212a0e8d63db4f03c03904a` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:41 GMT content-encoding gzip last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 197
GET H2	200	header.js Show response uglybox.tentoptoday.com/.well-known/acme-challenge/open/js/	496 KB 184 KB	536ms 535ms	Script application/javascript	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/js/header.js Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `57c2abe4333a9701438aa5a5e76d6fc94bc1febbedff100d93d7a882ea7039e2` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:41 GMT content-encoding gzip last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript
GET H2	200	jquery.min.js Show response uglybox.tentoptoday.com/.well-known/acme-challenge/open/js/	156 KB 52 KB	535ms 535ms	Script application/javascript	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/js/jquery.min.js Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `89db88fadaf63fd4e91d869fed81834918debd6eacbe6e47b5ad54e061996aed` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:41 GMT content-encoding gzip last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript
GET H2	200	jquery.validate.min.js Show response uglybox.tentoptoday.com/.well-known/acme-challenge/open/js/	49 KB 16 KB	191ms 191ms	Script application/javascript	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/js/jquery.validate.min.js Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `3aff7c9a7e7770ba800ae672e3059379a22787edc69ae322b4e1209bd81e106e` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:41 GMT content-encoding gzip last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 16582
GET H2	200	loadingvbv.gif uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	169 KB 170 KB	182ms 181ms	Image image/gif	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/loadingvbv.gif Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `28f8977a12f0de984d665663073a824c7c834ef19de692ee066d396c19cfcfee` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 172593 content-type image/gif
GET H2	200	apple.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	554 B 596 B	182ms 181ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/apple.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 554 content-type image/svg+xml
GET H2	200	mac.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	802 B 831 B	192ms 190ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/mac.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `81849741dc42d40b8338a222866c5009893103efb5bdc4101d0ae5ca4d6e1375` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 802 content-type image/svg+xml
GET H2	200	ipad.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	1002 B 1 KB	189ms 187ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ipad.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `e3e8f864a3893b44258aedeb6260d85723541a9cdb5dc4daf141ccb769214648` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 1002 content-type image/svg+xml
GET H2	200	iphone.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	1 KB 1 KB	189ms 188ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/iphone.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `a6184c9c55c75d613c2e81f5238d7e436714fab15e116eb29059d22817a90ef2` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 1160 content-type image/svg+xml
GET H2	200	watch.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	2 KB 2 KB	187ms 185ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/watch.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `d577c9d1bad004bdabb9d0995cec0714e98b76e6053f2765ed09c23de6f328b0` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 1694 content-type image/svg+xml
GET H2	200	tv.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	264 B 294 B	185ms 184ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/tv.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `8b25224a4527ed4efee23b222227fe0f00f1ef2ecfc3a64d0d55f9ba8a77d06b` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 264 content-type image/svg+xml
GET H2	200	music.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	1 KB 1 KB	190ms 189ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/music.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `16e30f5480bc1dd538ad90ab859cda8a78badb4c3e9ddc3dfb5a5b6a358091e4` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 1082 content-type image/svg+xml
GET H2	200	support.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	2 KB 2 KB	190ms 189ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/support.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `db645e8610c56a69be65cf9cf0ceebbb20bc505f1b91661b1617f8f7f26dbfc9` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 1661 content-type image/svg+xml
GET H2	200	search.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	390 B 420 B	189ms 188ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/search.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `ae4671019bd9e7e84501f1bc66df9926cec58d124870e7e531d6ff2d529b54a5` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 390 content-type image/svg+xml
GET H2	200	bag.svg uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/	416 B 446 B	299ms 298ms	Image image/svg+xml	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/bag.svg Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `6b91fc5bb8e75d8934f8863cae23c1d81315b00d0936057b9bbe06c7fbee7c42` Request headers accept-language de-DE,de;q=0.9 Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/style2.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 416 content-type image/svg+xml
GET H2	200	sf-pro-text_regular.woff2 uglybox.tentoptoday.com/.well-known/acme-challenge/open/fonts/	152 KB 153 KB	299ms 298ms	Font font/woff2	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/fonts/sf-pro-text_regular.woff2 Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/fonts.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a` Request headers Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/fonts.css Origin https://uglybox.tentoptoday.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 155504 content-type font/woff2
GET H2	200	sf-pro-display_semibold.woff2 uglybox.tentoptoday.com/.well-known/acme-challenge/open/fonts/	151 KB 152 KB	300ms 299ms	Font font/woff2	108.179.232.251 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/fonts/sf-pro-display_semibold.woff2 Requested by Host: uglybox.tentoptoday.com URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/fonts.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 108.179.232.251 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 108-179-232-251.unifiedlayer.com Software Apache / Resource Hash `f1106e805d9becbfc348fdecb2183031e7d0699057a2474a53818769fa54c9e1` Request headers Referer https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/fonts.css Origin https://uglybox.tentoptoday.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 18 Jul 2022 19:21:42 GMT last-modified Sat, 09 Jul 2022 22:48:35 GMT server Apache accept-ranges bytes content-length 154460 content-type font/woff2
GET		/ yourpillchoice.com/ Redirect Chain https://uglybox.tentoptoday.com/search-services/suggestions/ https://yourpillchoice.com/	0 0

OPTIONS H2	200	/ yourpillchoice.com/	0 0	1314ms 1205ms	Preflight text/html	2606:4700:3033::ac43:ced0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yourpillchoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:ced0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.33 Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://uglybox.tentoptoday.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 72cd94fccf7f9bdc-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 18 Jul 2022 19:21:44 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6YopCOQj63Hj26eO2yKrmyRLzMybhVu9%2FaXPDEsgypAMcT132NueyM1lrifADedyD6aMcEe775wSfnI81vFvoTztFXZCemzCY%2BrG5OclvWB9C6%2BHlmmnucPFhBOu1rjID1827nIj2Fpu6L6IlPkovI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.1.33

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: yourpillchoice.com
URL: https://yourpillchoice.com/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			uglybox.tentoptoday.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c7af995dacd81f9b9616409303eba122

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me Message: Access to XMLHttpRequest at 'https://yourpillchoice.com/' (redirected from 'https://uglybox.tentoptoday.com/search-services/suggestions/') from origin 'https://uglybox.tentoptoday.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://yourpillchoice.com/ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

uglybox.tentoptoday.com
yourpillchoice.com
yourpillchoice.com
108.179.232.251
2606:4700:3033::ac43:ced0
116b4ed761a37c139c91047ce0bc39b9bee9531f924fd518ad0a04dcf856a429
16e30f5480bc1dd538ad90ab859cda8a78badb4c3e9ddc3dfb5a5b6a358091e4
1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5
28f8977a12f0de984d665663073a824c7c834ef19de692ee066d396c19cfcfee
2e62bc362b6a128eecccfe1213dd7932397ac264f5621fa205c170eca943d459
3aff7c9a7e7770ba800ae672e3059379a22787edc69ae322b4e1209bd81e106e
57c2abe4333a9701438aa5a5e76d6fc94bc1febbedff100d93d7a882ea7039e2
5cdf3502ad0603de65fbac58b80d9085ddbf71e7f8b7ff193b59b10afcc0cb03
6b91fc5bb8e75d8934f8863cae23c1d81315b00d0936057b9bbe06c7fbee7c42
78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a
81849741dc42d40b8338a222866c5009893103efb5bdc4101d0ae5ca4d6e1375
89db88fadaf63fd4e91d869fed81834918debd6eacbe6e47b5ad54e061996aed
8b25224a4527ed4efee23b222227fe0f00f1ef2ecfc3a64d0d55f9ba8a77d06b
a6184c9c55c75d613c2e81f5238d7e436714fab15e116eb29059d22817a90ef2
ae4671019bd9e7e84501f1bc66df9926cec58d124870e7e531d6ff2d529b54a5
bf4c604723cc3858df2028bba4bbaffe1870f841e212a0e8d63db4f03c03904a
d577c9d1bad004bdabb9d0995cec0714e98b76e6053f2765ed09c23de6f328b0
db645e8610c56a69be65cf9cf0ceebbb20bc505f1b91661b1617f8f7f26dbfc9
e3e8f864a3893b44258aedeb6260d85723541a9cdb5dc4daf141ccb769214648
f1106e805d9becbfc348fdecb2183031e7d0699057a2474a53818769fa54c9e1

uglybox.tentoptoday.com Open in urlscan Pro 108.179.232.251 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

855 kBTransfer

1775 kBSize

1 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

25 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

uglybox.tentoptoday.com Open in urlscan Pro
108.179.232.251 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

855 kB
Transfer

1775 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!