![](/screenshots/3211938d-157b-4d54-8081-932cd6a51e65.png)
thumding.ubpages.com
Open in
urlscan Pro
104.18.41.137
Malicious Activity!
Public Scan
Submission: On April 15 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by E1 on April 4th 2024. Valid for: 3 months.
This is the only time thumding.ubpages.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 104.18.41.137 104.18.41.137 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 99.84.9.120 99.84.9.120 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 52.222.137.129 52.222.137.129 | 16509 (AMAZON-02) (AMAZON-02) | |
12 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-9-120.lhr62.r.cloudfront.net
builder-assets.unbounce.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-129.ams50.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
cloudfront.net
d9hhrg4mnvzow.cloudfront.net |
5 KB |
4 |
ubpages.com
thumding.ubpages.com |
22 KB |
2 |
unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 23131 |
43 KB |
12 | 3 |
Domain | Requested by | |
---|---|---|
5 | d9hhrg4mnvzow.cloudfront.net |
thumding.ubpages.com
|
4 | thumding.ubpages.com |
thumding.ubpages.com
|
2 | builder-assets.unbounce.com |
thumding.ubpages.com
|
12 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ubpages.com E1 |
2024-04-04 - 2024-07-03 |
3 months | crt.sh |
*.unbounce.com Amazon RSA 2048 M03 |
2023-12-10 - 2025-01-07 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://thumding.ubpages.com/overview-fr-1/
Frame ID: 85F11997AFC1F941E303EB39729F75C6
Requests: 13 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
thumding.ubpages.com/overview-fr-1/ |
36 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b907c51d6869e69d8a396f17f7ba15905e81aff2.js
thumding.ubpages.com/_ub/static/ts/ |
43 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.bundle-c3f2a09.z.js
builder-assets.unbounce.com/published-js/ |
125 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
thumding.ubpages.com/_ub/ |
2 B 190 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
ff148930-a81b-43db-b266-5f60cfa8d7c0
https://thumding.ubpages.com/ |
5 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4i8zw7-11111_107501d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1exvfcw--_10a0003000000000000028.png
d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/ |
97 B 514 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11n479g-untitled_100t00j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/ |
259 B 678 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9h24bp-xd_100d00d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/ |
227 B 648 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1ui7j64-thong-bao_10av01e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/thumding.ubpages.com/overview-fr-1/ |
485 B 907 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
thumding.ubpages.com/ |
47 B 109 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ub object| module function| ubSnowplow boolean| ubSnowplowInitialized function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
thumding.ubpages.com/overview-fr-1/ | Name: ubpv Value: a%2C16dbe46a-f934-11ee-b9ca-1669fb0dcad8 |
|
thumding.ubpages.com/ | Name: ubvs Value: 7bb95ddd-e851-458f-93fe-da8dd6aba321 |
|
.ubpages.com/ | Name: ubvt Value: v2%7C7bb95ddd-e851-458f-93fe-da8dd6aba321%7C16dbe46a-f934-11ee-b9ca-1669fb0dcad8%3Aa%3Asingle |
|
.ubpages.com/ | Name: __cf_bm Value: fjBvGg.fzD7Fs7yHLcwwvrv13trmm222cEuG6Ugajmo-1713219293-1.0.1.1-LZ.VwRo3YeB.Et.DJJMYy_8n6WrIQ.iqR.7gj66nRaDhMxlF0w6.eVUrRNA8fxKrMgJDrlh19I4f83k1nMbxXw |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
builder-assets.unbounce.com
d9hhrg4mnvzow.cloudfront.net
thumding.ubpages.com
104.18.41.137
52.222.137.129
99.84.9.120
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc
250c28cf5889449562e78d30793dcb01d817b1ba9da9e660d29e2a560a5f7e74
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c34dc235157a54bb5f00dc719762b14b348ba7bc2256f52137052e935da4eb2
332bd7547dba1c0ddddf55126e44caee5596e8144d200445fcaa8e4a81e4ca58
76dcf702d295a671f9c3753b87e090a09833ea0f17734dc3d7b053d45e99a325
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
8e459fecddade6ad3a901a23c149e8fc1a161cd34822e95e4fa019f0761e3912
c3f2a094e91a37f29622a63cbdfe8915024fe7097cf33265dc4185e1fdfafaa0
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31cd3592adda56bba0be3286b12f7039954fab8bde605e1310e50c45b082c22
f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596