![](/screenshots/219e0533-2695-40db-8dae-8175ff34d2c9.png)
uglybox.tentoptoday.com
Open in
urlscan Pro
108.179.232.251
Malicious Activity!
Public Scan
Submission: On July 18 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 4th 2022. Valid for: 3 months.
This is the only time uglybox.tentoptoday.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 108.179.232.251 108.179.232.251 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
1 | 2606:4700:303... 2606:4700:3033::ac43:ced0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
22 | 3 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 108-179-232-251.unifiedlayer.com
uglybox.tentoptoday.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
tentoptoday.com
uglybox.tentoptoday.com |
855 KB |
1 |
yourpillchoice.com
yourpillchoice.com — Cisco Umbrella Rank: 602648 Failed |
|
22 | 2 |
Domain | Requested by | |
---|---|---|
20 | uglybox.tentoptoday.com |
uglybox.tentoptoday.com
|
1 | yourpillchoice.com |
uglybox.tentoptoday.com
|
22 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.uglybox.tentoptoday.com R3 |
2022-06-04 - 2022-09-02 |
3 months | crt.sh |
*.yourpillchoice.com E1 |
2022-07-13 - 2022-10-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://uglybox.tentoptoday.com/.well-known/acme-challenge/open/?utm_medium=social&utm_source=heylink.me
Frame ID: 398AB6559AC38F9DEDF868D14E6B4873
Requests: 21 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://uglybox.tentoptoday.com/search-services/suggestions/ HTTP 302
- https://yourpillchoice.com/
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
uglybox.tentoptoday.com/.well-known/acme-challenge/open/ |
22 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/ |
350 KB 76 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style2.css
uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/ |
222 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
uglybox.tentoptoday.com/.well-known/acme-challenge/open/css/ |
355 B 264 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.js
uglybox.tentoptoday.com/.well-known/acme-challenge/open/js/ |
496 KB 184 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
uglybox.tentoptoday.com/.well-known/acme-challenge/open/js/ |
156 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
uglybox.tentoptoday.com/.well-known/acme-challenge/open/js/ |
49 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loadingvbv.gif
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
169 KB 170 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apple.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
554 B 596 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mac.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
802 B 831 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ipad.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
1002 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iphone.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watch.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tv.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
264 B 294 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
music.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
support.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
search.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
390 B 420 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bag.svg
uglybox.tentoptoday.com/.well-known/acme-challenge/open/img/ |
416 B 446 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sf-pro-text_regular.woff2
uglybox.tentoptoday.com/.well-known/acme-challenge/open/fonts/ |
152 KB 153 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sf-pro-display_semibold.woff2
uglybox.tentoptoday.com/.well-known/acme-challenge/open/fonts/ |
151 KB 152 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
yourpillchoice.com/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
yourpillchoice.com/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- yourpillchoice.com
- URL
- https://yourpillchoice.com/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| s_objectID number| s_giq function| AppMeasurement function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| s object| asMetrics object| asMicrodata function| acStoreClearCache object| acStoreApplePay object| acStoreApplePaySetup function| asGetReferrer function| asTelemetry function| $ function| jQuery object| AC1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
uglybox.tentoptoday.com/ | Name: PHPSESSID Value: c7af995dacd81f9b9616409303eba122 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
uglybox.tentoptoday.com
yourpillchoice.com
yourpillchoice.com
108.179.232.251
2606:4700:3033::ac43:ced0
116b4ed761a37c139c91047ce0bc39b9bee9531f924fd518ad0a04dcf856a429
16e30f5480bc1dd538ad90ab859cda8a78badb4c3e9ddc3dfb5a5b6a358091e4
1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5
28f8977a12f0de984d665663073a824c7c834ef19de692ee066d396c19cfcfee
2e62bc362b6a128eecccfe1213dd7932397ac264f5621fa205c170eca943d459
3aff7c9a7e7770ba800ae672e3059379a22787edc69ae322b4e1209bd81e106e
57c2abe4333a9701438aa5a5e76d6fc94bc1febbedff100d93d7a882ea7039e2
5cdf3502ad0603de65fbac58b80d9085ddbf71e7f8b7ff193b59b10afcc0cb03
6b91fc5bb8e75d8934f8863cae23c1d81315b00d0936057b9bbe06c7fbee7c42
78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a
81849741dc42d40b8338a222866c5009893103efb5bdc4101d0ae5ca4d6e1375
89db88fadaf63fd4e91d869fed81834918debd6eacbe6e47b5ad54e061996aed
8b25224a4527ed4efee23b222227fe0f00f1ef2ecfc3a64d0d55f9ba8a77d06b
a6184c9c55c75d613c2e81f5238d7e436714fab15e116eb29059d22817a90ef2
ae4671019bd9e7e84501f1bc66df9926cec58d124870e7e531d6ff2d529b54a5
bf4c604723cc3858df2028bba4bbaffe1870f841e212a0e8d63db4f03c03904a
d577c9d1bad004bdabb9d0995cec0714e98b76e6053f2765ed09c23de6f328b0
db645e8610c56a69be65cf9cf0ceebbb20bc505f1b91661b1617f8f7f26dbfc9
e3e8f864a3893b44258aedeb6260d85723541a9cdb5dc4daf141ccb769214648
f1106e805d9becbfc348fdecb2183031e7d0699057a2474a53818769fa54c9e1