thumding.ubpages.com Open in urlscan Pro
104.18.41.137 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thumding.ubpages.com/overview-fr-1/
Submission: On April 15 via api (April 15th 2024, 10:14:57 pm UTC) from BE — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 104.18.41.137, located in and belongs to CLOUDFLARENET, US. The main domain is thumding.ubpages.com.
TLS certificate: Issued by E1 on April 4th 2024. Valid for: 3 months.

This is the only time thumding.ubpages.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
4	104.18.41.137 104.18.41.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.84.9.120 99.84.9.120	16509 (AMAZON-02) (AMAZON-02)
5	52.222.137.129 52.222.137.129	16509 (AMAZON-02) (AMAZON-02)
12	4

4 104.18.41.137 (None, )

ASN13335 (CLOUDFLARENET, US)

thumding.ubpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.9.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-9-120.lhr62.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.137.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-129.ams50.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cloudfront.net d9hhrg4mnvzow.cloudfront.net	5 KB
4	ubpages.com thumding.ubpages.com	22 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 23131	43 KB
12	3

	Domain	Requested by
5	d9hhrg4mnvzow.cloudfront.net	thumding.ubpages.com
4	thumding.ubpages.com	thumding.ubpages.com
2	builder-assets.unbounce.com	thumding.ubpages.com
12	3

This site contains no links.

Subject Issuer	Validity	Valid
ubpages.com E1	`2024-04-04` - `2024-07-03`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://thumding.ubpages.com/overview-fr-1/
Frame ID: 85F11997AFC1F941E303EB39729F75C6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

70 kB
Transfer

227 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response thumding.ubpages.com/overview-fr-1/	36 KB 6 KB	76ms 48ms	Document text/html	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thumding.ubpages.com/overview-fr-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f31cd3592adda56bba0be3286b12f7039954fab8bde605e1310e50c45b082c22` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cf-cache-status DYNAMIC cf-ray 874f4a852aeb9bcb-FRA content-encoding br content-location https://thumding.ubpages.com/overview-fr-1/ content-type text/html; charset=utf-8 date Mon, 15 Apr 2024 22:14:53 GMT etag W/"a:7bb95ddde851458f93feda8dd6aba321" link <https://thumding.ubpages.com/overview-fr-1/>; rel="canonical" server cloudflare x-unbounce-pageid 16dbe46a-f934-11ee-b9ca-1669fb0dcad8 x-unbounce-variant a x-unbounce-visitorid 7bb95ddd-e851-458f-93fe-da8dd6aba321
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	69ms 16ms	Stylesheet text/css	99.84.9.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: thumding.ubpages.com URL: https://thumding.ubpages.com/overview-fr-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.9.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-9-120.lhr62.r.cloudfront.net Software AmazonS3 / Resource Hash `7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thumding.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 13 Sep 2023 17:22:48 GMT content-encoding gzip via 1.1 ca1303affdca7d63f1f154f36f5c79b4.cloudfront.net (CloudFront) x-amz-version-id fMGT9YqOCj6GvXj65o03BPFmMJDaNxvc x-amz-cf-pop LHR62-C2 age 18593526 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2902 last-modified Tue, 11 Jul 2023 16:18:48 GMT server AmazonS3 etag "99b89a3d5f7bab4f89aad694ef70a6d8" content-type text/css cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id tUdwVrizUCF9ukbnZi-Pi5NDkTQDX6GaNzyXLWPWYomPaDyLMO83lw==
GET H2	200	b907c51d6869e69d8a396f17f7ba15905e81aff2.js Show response thumding.ubpages.com/_ub/static/ts/	43 KB 15 KB	23ms 23ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thumding.ubpages.com/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2.js Requested by Host: thumding.ubpages.com URL: https://thumding.ubpages.com/overview-fr-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thumding.ubpages.com/overview-fr-1/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 22:14:53 GMT content-encoding br via 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront) x-amz-version-id TThSs9K50fISFfh18X9t.nFN4cUMwlpR cf-cache-status HIT x-amz-cf-pop FRA56-C2 age 217140 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 27 Mar 2024 15:44:09 GMT server cloudflare etag W/"7b3939265cdcbe6834a9c54d2dfcdfa2" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31536000 cf-ray 874f4a858b539bcb-FRA x-amz-cf-id jkekslTqTk2kv6xEnXZaw-dyyq1jIoCl55Y20dinmfJTlClh2F-vqQ== expires Tue, 15 Apr 2025 22:14:53 GMT
GET H2	200	main.bundle-c3f2a09.z.js Show response builder-assets.unbounce.com/published-js/	125 KB 39 KB	46ms 19ms	Script application/javascript	99.84.9.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-c3f2a09.z.js Requested by Host: thumding.ubpages.com URL: https://thumding.ubpages.com/overview-fr-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.9.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-9-120.lhr62.r.cloudfront.net Software AmazonS3 / Resource Hash `c3f2a094e91a37f29622a63cbdfe8915024fe7097cf33265dc4185e1fdfafaa0` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thumding.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 18:11:28 GMT content-encoding gzip via 1.1 ca1303affdca7d63f1f154f36f5c79b4.cloudfront.net (CloudFront) x-amz-version-id 0jCnCAYc2yatVAXrOQkKsboLCamv4Y6y x-amz-cf-pop LHR62-C2 age 878606 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 39961 last-modified Fri, 05 Apr 2024 17:38:36 GMT server AmazonS3 etag "8fde982b1747f0bf4dfb1b44d385c019" content-type application/javascript cache-control max-age=31536000 accept-ranges bytes x-amz-cf-id gC7IUoqTtudA0JcSAir9NH5epECXAa2v4MsLPzcJW-ochjytWY77gA==
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/gif
POST H2	200	i thumding.ubpages.com/_ub/	2 B 190 B	404ms 403ms	Ping text/plain	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thumding.ubpages.com/_ub/i Requested by Host: thumding.ubpages.com URL: https://thumding.ubpages.com/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://thumding.ubpages.com/overview-fr-1/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/json Response headers date Mon, 15 Apr 2024 22:14:53 GMT cf-cache-status DYNAMIC server cloudflare content-type text/plain; charset=UTF-8 access-control-allow-origin https://thumding.ubpages.com p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" access-control-allow-credentials true cf-ray 874f4a860bec9bcb-FRA content-length 2
GET BLOB	200 OK	ff148930-a81b-43db-b266-5f60cfa8d7c0 https://thumding.ubpages.com/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://thumding.ubpages.com/ff148930-a81b-43db-b266-5f60cfa8d7c0 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-c3f2a09.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Length 5427 Content-Type text/css
GET H2	200	4i8zw7-11111_107501d000000000000028.png d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/	2 KB 2 KB	61ms 20ms	Image image/png	52.222.137.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/4i8zw7-11111_107501d000000000000028.png Requested by Host: thumding.ubpages.com URL: https://thumding.ubpages.com/overview-fr-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.137.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-137-129.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash `250c28cf5889449562e78d30793dcb01d817b1ba9da9e660d29e2a560a5f7e74` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thumding.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 09:55:58 GMT x-amz-version-id aU1pl2g7Rrmb3h1z3CVE8EUtjjWbdtPk via 1.1 9c84f9ddc9675b0adb884f2700ada8f2.cloudfront.net (CloudFront) last-modified Sat, 13 Apr 2024 01:25:48 GMT server AmazonS3 x-amz-cf-pop AMS50-C1 age 217136 etag "0366bc9d507764fa9984c28adedd5862" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 1801 x-amz-cf-id ouxVoCEO1F5Bpe4gdqqv0MfbrJLw9jedosMPQXQfStyGf63QzwM5Dw==
GET H2	200	1exvfcw--_10a0003000000000000028.png d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/	97 B 514 B	62ms 20ms	Image image/png	52.222.137.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/1exvfcw--_10a0003000000000000028.png Requested by Host: thumding.ubpages.com URL: https://thumding.ubpages.com/overview-fr-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.137.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-137-129.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash `2c34dc235157a54bb5f00dc719762b14b348ba7bc2256f52137052e935da4eb2` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thumding.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 09:55:58 GMT x-amz-version-id JCNfeyOBiI8oNm5ctcU7TDoJmj0saUbp via 1.1 9c84f9ddc9675b0adb884f2700ada8f2.cloudfront.net (CloudFront) last-modified Sat, 13 Apr 2024 01:25:48 GMT server AmazonS3 x-amz-cf-pop AMS50-C1 age 217136 etag "1221bcc453459e2dfe0f7e3552088838" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 97 x-amz-cf-id rtQopdP9H44mKnZFZio_Op-h9J2GFCjyYxzWGf_EVJRNqdtr0sJDSw==
GET H2	200	11n479g-untitled_100t00j000000000000028.png d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/	259 B 678 B	60ms 19ms	Image image/png	52.222.137.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/11n479g-untitled_100t00j000000000000028.png Requested by Host: thumding.ubpages.com URL: https://thumding.ubpages.com/overview-fr-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.137.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-137-129.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash `8e459fecddade6ad3a901a23c149e8fc1a161cd34822e95e4fa019f0761e3912` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thumding.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 09:55:58 GMT x-amz-version-id 2HQTbqWfwnKRtT1sQvNr66Ii6aA22QSw via 1.1 9c84f9ddc9675b0adb884f2700ada8f2.cloudfront.net (CloudFront) last-modified Sat, 13 Apr 2024 01:25:48 GMT server AmazonS3 x-amz-cf-pop AMS50-C1 age 217136 etag "7dc58655100a9b1337a276f78b855556" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 259 x-amz-cf-id dz6VmS630aGZogcZQRg2bX-FuaUEqojW3Xm4arlhc11OOFH6gQ58XQ==
GET H2	200	9h24bp-xd_100d00d000000000000028.png d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/	227 B 648 B	63ms 21ms	Image image/png	52.222.137.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/9h24bp-xd_100d00d000000000000028.png Requested by Host: thumding.ubpages.com URL: https://thumding.ubpages.com/overview-fr-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.137.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-137-129.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash `76dcf702d295a671f9c3753b87e090a09833ea0f17734dc3d7b053d45e99a325` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thumding.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 09:55:58 GMT x-amz-version-id e4okhUWmEZWRVdBH5bBKlqPFJQnE5sRK via 1.1 9c84f9ddc9675b0adb884f2700ada8f2.cloudfront.net (CloudFront) last-modified Sat, 13 Apr 2024 01:25:48 GMT server AmazonS3 x-amz-cf-pop AMS50-C1 age 217136 etag "b15353fe5729359a2ef0e7b25b685ba4" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 227 x-amz-cf-id p2glZilzXJt1k8ChM5YWva58NhqvATvleUzAa_Cm3Q7GU4xq-HhXyA==
GET H2	200	1ui7j64-thong-bao_10av01e000000000000028.png d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/	485 B 907 B	59ms 18ms	Image image/png	52.222.137.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/1ui7j64-thong-bao_10av01e000000000000028.png Requested by Host: thumding.ubpages.com URL: https://thumding.ubpages.com/overview-fr-1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.137.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-137-129.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash `332bd7547dba1c0ddddf55126e44caee5596e8144d200445fcaa8e4a81e4ca58` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thumding.ubpages.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 13 Apr 2024 09:55:58 GMT x-amz-version-id .7NIMNzG6tSdX4X5UaR7YNEXsd5ruIQS via 1.1 9c84f9ddc9675b0adb884f2700ada8f2.cloudfront.net (CloudFront) last-modified Sat, 13 Apr 2024 01:25:48 GMT server AmazonS3 x-amz-cf-pop AMS50-C1 age 217136 etag "b7ec7db8b9744e69586b7e22b6ceff6a" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 485 x-amz-cf-id ZzfhH6uarxuDw3tIU43QrQmJik9l1D5eyiyA-ACQNUPBVEzWO9F0sg==
GET H2	404	favicon.ico thumding.ubpages.com/	47 B 109 B	15ms 15ms	Other text/html	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thumding.ubpages.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thumding.ubpages.com/overview-fr-1/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 22:14:53 GMT server cloudflare cf-ray 874f4a867c459bcb-FRA content-length 47 vary Accept-Encoding content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thumding.ubpages.com/overview-fr-1/	1970-01-21 00:18:36	Name: ubpv Value: a%2C16dbe46a-f934-11ee-b9ca-1669fb0dcad8
thumding.ubpages.com/	1970-01-21 00:12:51	Name: ubvs Value: 7bb95ddd-e851-458f-93fe-da8dd6aba321
.ubpages.com/	1970-01-20 19:57:58	Name: ubvt Value: v2%7C7bb95ddd-e851-458f-93fe-da8dd6aba321%7C16dbe46a-f934-11ee-b9ca-1669fb0dcad8%3Aa%3Asingle
.ubpages.com/	1970-01-20 19:53:41	Name: __cf_bm Value: fjBvGg.fzD7Fs7yHLcwwvrv13trmm222cEuG6Ugajmo-1713219293-1.0.1.1-LZ.VwRo3YeB.Et.DJJMYy_8n6WrIQ.iqR.7gj66nRaDhMxlF0w6.eVUrRNA8fxKrMgJDrlh19I4f83k1nMbxXw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://thumding.ubpages.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

builder-assets.unbounce.com
d9hhrg4mnvzow.cloudfront.net
thumding.ubpages.com
104.18.41.137
52.222.137.129
99.84.9.120
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc
250c28cf5889449562e78d30793dcb01d817b1ba9da9e660d29e2a560a5f7e74
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c34dc235157a54bb5f00dc719762b14b348ba7bc2256f52137052e935da4eb2
332bd7547dba1c0ddddf55126e44caee5596e8144d200445fcaa8e4a81e4ca58
76dcf702d295a671f9c3753b87e090a09833ea0f17734dc3d7b053d45e99a325
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
8e459fecddade6ad3a901a23c149e8fc1a161cd34822e95e4fa019f0761e3912
c3f2a094e91a37f29622a63cbdfe8915024fe7097cf33265dc4185e1fdfafaa0
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31cd3592adda56bba0be3286b12f7039954fab8bde605e1310e50c45b082c22
f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596

thumding.ubpages.com Open in urlscan Pro 104.18.41.137 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

70 kBTransfer

227 kBSize

4 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

thumding.ubpages.com Open in urlscan Pro
104.18.41.137 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

70 kB
Transfer

227 kB
Size

4
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!