![](/screenshots/3bc6e3ce-14e5-4712-a846-47bae03269f0.png)
moises-es-tacanisimo2k23forever.directual.app
52.214.239.207
Malicious Activity!
Public Scan
Effective URL: https://moises-es-tacanisimo2k23forever.directual.app/
Submission: On January 08 via automatic, source openphish — Scanned from ES
Summary
TLS certificate: Issued by R3 on December 26th 2022. Valid for: 3 months.
This is the only time moises-es-tacanisimo2k23forever.directual.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
2 | 52.214.239.207 | 16509 (AMAZON-02)
1 | 2001:4de0:ac18::1:a:3a | 20446 (STACKPATH-CDN)
22 | 2a03:90c0:41:2801::24 | 199524 (GCORE)
1 | 54.171.37.162 | 16509 (AMAZON-02)
3 (1 redirect) | 198.54.116.106 | 22612 (NAMECHEAP-NET)
1 | 2a00:1450:4001:828::2003 | 15169 (GOOGLE)
1 | 2606:4700:20::681a:164 | 13335 (CLOUDFLARENET)
4 (2 redirects) | 2606:4700:10::6816:4aab | 13335 (CLOUDFLARENET)
32 requests | 9 IPs
- ASN16509 (AMAZON-02, US), PTR: ec2-52-214-239-207.eu-west-1.compute.amazonaws.com: moises-es-tacanisimo2k23forever.directual.app, api.directual.com
- ASN16509 (AMAZON-02, US), PTR: ec2-54-171-37-162.eu-west-1.compute.amazonaws.com: api.alfa.directual.com
- ASN22612 (NAMECHEAP-NET, US), PTR: premium35-4.web-hosting.com: lifevideo4all.xyz
- ASN13335 (CLOUDFLARENET, US): whos.amung.us, widgets.amung.us
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
23 | directual.app | moises-es-tacanisimo2k23forever.directual.app, cdn.directual.app | 3 MB
4 | amung.us (2 redirects) | whos.amung.us (Cisco Umbrella Rank: 9585), widgets.amung.us (Cisco Umbrella Rank: 10582) | 3 KB
3 | lifevideo4all.xyz (1 redirect) | lifevideo4all.xyz | 500 KB
2 | directual.com | api.alfa.directual.com, api.directual.com | 37 KB
1 | geojs.io | get.geojs.io (Cisco Umbrella Rank: 15570) | 859 B
1 | gstatic.com | fonts.gstatic.com | 36 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 943) | 68 KB
32 requests | 7 apex domains
Requests | Domain | Requested by
---|---|---
22 | cdn.directual.app | moises-es-tacanisimo2k23forever.directual.app, cdn.directual.app
3 | lifevideo4all.xyz (1 redirect) | moises-es-tacanisimo2k23forever.directual.app
2 | widgets.amung.us |
2 | whos.amung.us (2 redirects) |
1 | get.geojs.io | moises-es-tacanisimo2k23forever.directual.app
1 | api.directual.com | cdn.directual.app
1 | fonts.gstatic.com | cdn.directual.app
1 | api.alfa.directual.com | moises-es-tacanisimo2k23forever.directual.app
1 | code.jquery.com | moises-es-tacanisimo2k23forever.directual.app
1 | moises-es-tacanisimo2k23forever.directual.app |
32 requests | 10 domains
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.directual.app | R3 | 2022-12-26 - 2023-03-26 | 3 months | crt.sh
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year | crt.sh
cdn.directual.app | R3 | 2022-12-22 - 2023-03-22 | 3 months | crt.sh
api.alfa.directual.com | R3 | 2022-11-23 - 2023-02-21 | 3 months | crt.sh
lifevideo4all.xyz | Sectigo RSA Domain Validation Secure Server CA | 2022-06-13 - 2023-06-13 | a year | crt.sh
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months | crt.sh
api.prod.directual.com | R3 | 2022-11-23 - 2023-02-21 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-11 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://moises-es-tacanisimo2k23forever.directual.app/
Frame ID: 56D83FDBF89735BBA29CB131F9E7A5B7
Requests: 35 HTTP requests in this frame
Page Title
Log into Facebook | Facebook
Detected technologies
Detected patterns
- `jquery[.-]([\d.]*\d)[^/]*\.js`
- `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://moises-es-tacanisimo2k23forever.directual.app/ (HTTP 307)
- https://moises-es-tacanisimo2k23forever.directual.app/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28
- https://lifevideo4all.xyz/vics/location (HTTP 301)
- https://lifevideo4all.xyz/vics/location/
- https://whos.amung.us/widget/donkeydonna (HTTP 307)
- https://widgets.amung.us/classic/00/66.png
- https://whos.amung.us/widget/palanca12 (HTTP 307)
- https://widgets.amung.us/classic/00/68.png
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | moises-es-tacanisimo2k23forever.directual.app/ (Redirect Chain) | 10 KB | 3 KB | Document | text/html
GET | H2 | jquery-3.6.0.slim.js | code.jquery.com/ | 230 KB | 68 KB | Script | application/javascript
GET | H2 | 2067f7a2157c5c0e5a3c.css | cdn.directual.app/_next/static/css/ | 97 KB | 18 KB | Stylesheet | text/css
GET | H2 | index.js | cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/ | 582 B | 722 B | Script | application/javascript
GET | H2 | _app.js | cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/ | 610 B | 672 B | Script | application/javascript
GET | H2 | webpack-91b117697e716c22a78b.js | cdn.directual.app/_next/static/runtime/ | 1 KB | 848 B | Script | application/javascript
GET | H2 | framework.919180708d05136dc6ed.js | cdn.directual.app/_next/static/chunks/ | 126 KB | 40 KB | Script | application/javascript
GET | H2 | 62a2874c.4d381b6d4a3b6f59458a.js | cdn.directual.app/_next/static/chunks/ | 876 KB | 233 KB | Script | application/javascript
GET | H2 | 2c796e83.6d538cf506f030e37269.js | cdn.directual.app/_next/static/chunks/ | 746 KB | 191 KB | Script | application/javascript
GET | H2 | 29107295.f02fd81d3549ea789d99.js | cdn.directual.app/_next/static/chunks/ | 70 KB | 24 KB | Script | application/javascript
GET | H2 | 9973dc0b.85711a77415f2aaee5c1.js | cdn.directual.app/_next/static/chunks/ | 294 KB | 74 KB | Script | application/javascript
GET | H2 | 3cf2993f.8a7d70366f99a7299e2c.js | cdn.directual.app/_next/static/chunks/ | 431 KB | 121 KB | Script | application/javascript
GET | H2 | bee240a3.023e8a6d7636de0aba5f.js | cdn.directual.app/_next/static/chunks/ | 88 KB | 25 KB | Script | application/javascript
GET | H2 | 75fc9c18.f2a68c63cc36d5f3b772.js | cdn.directual.app/_next/static/chunks/ | 58 KB | 18 KB | Script | application/javascript
GET | H2 | commons.d49556b860622f49a01d.js | cdn.directual.app/_next/static/chunks/ | 36 KB | 11 KB | Script | application/javascript
GET | H2 | b81828185b115147ae9bf919ec9f62acace6a238.5dbc337305143fd86c4b.js | cdn.directual.app/_next/static/chunks/ | 678 KB | 178 KB | Script | application/javascript
GET | H2 | main-dbed20d757de8f1be318.js | cdn.directual.app/_next/static/runtime/ | 22 KB | 8 KB | Script | application/javascript
GET | H2 | 061e6b60.509f44a370829ba8f246.js | cdn.directual.app/_next/static/chunks/ | 590 KB | 257 KB | Script | application/javascript
GET | H2 | 1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js | cdn.directual.app/_next/static/chunks/ | 2 MB | 583 KB | Script | application/javascript
GET | H2 | 8b09feb3-0e52-45cc-b776-b0a7f9fc4a0e.svg | api.alfa.directual.com/fileUploaded/directual-site/ | 5 KB | 6 KB | Image | image/svg+xml
GET | H2 | / | lifevideo4all.xyz/vics/ | 718 KB | 499 KB | Script | application/javascript
GET | H2 | _buildManifest.js | cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/ | 299 B | 362 B | Script | application/javascript
GET | H2 | _ssgManifest.js | cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/ | 76 B | 137 B | Script | application/javascript
GET | H2 | S6uyw4BMUTPHvxk.ttf | fonts.gstatic.com/s/lato/v23/ | 71 KB | 36 KB | Font | font/ttf
GET | H2 | 8432400d-0b09-40c7-8c5a-526d8b7aa558.woff | api.directual.com/fileUploaded/directual-site/ | 31 KB | 31 KB | Font | application/octet-stream
GET | DATA | truncated | / | 38 B | 0 | Image | image/webp
GET | H2 | %5B...path%5D.js | cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/ | 0 | 273 B | Other | application/javascript
GET | H2 | 061e6b60.509f44a370829ba8f246.js | cdn.directual.app/_next/static/chunks/ | 0 | 257 KB | Other | application/javascript
GET | H2 | 1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js | cdn.directual.app/_next/static/chunks/ | 0 | 583 KB | Other | application/javascript
GET | H2 | / | lifevideo4all.xyz/vics/location/ (Redirect Chain) | 1 KB | 625 B | Script | application/javascript
GET | H2 | geo.json | get.geojs.io/v1/ip/ | 335 B | 859 B | XHR | application/json
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png
GET | H2 | 66.png | widgets.amung.us/classic/00/ (Redirect Chain) | 1 KB | 2 KB | Image | image/png
GET | H2 | 68.png | widgets.amung.us/classic/00/ (Redirect Chain) | 1 KB | 2 KB | Image | image/png
GET | DATA | truncated | / | 51 KB | 0 | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | oncontentvisibilityautostatechange
function | $
function | jQuery
object | webpackJsonp
object | __NEXT_DATA__
function | __BUILD_MANIFEST_CB
function | __SSG_MANIFEST_CB
object | __NEXT_P
object | next
object | __SSG_MANIFEST
object | __BUILD_MANIFEST
function | _
function | Hammer
function | sh
boolean | IS_MOBILE
number | limit_bot
string | object
string | type
string | OUTPUT
object | ___
object | params
number | tt
undefined | to_object
string | a
function | checking
function | creatingInput
function | searchingForms
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.