uncoeurdelionmessire.com
104.21.29.74
Malicious Activity!
Public Scan
Submission: On August 25 via api from GB — Scanned from IT
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2023. Valid for: a year.
This is the only time uncoeurdelionmessire.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 4 | 104.21.29.74 | 13335 (CLOUDFLARENET)
3 | 188.114.96.3 | 13335 (CLOUDFLARENET)
15 | 76.76.21.241 | 16509 (AMAZON-02)
1 | 216.58.206.42 | 15169 (GOOGLE)
1 | 104.18.11.207 | 13335 (CLOUDFLARENET)
23 requests | 5 IPs
ASN16509 (AMAZON-02, US): verification-pages-45345.vercel.app
ASN15169 (GOOGLE, US): ajax.googleapis.com (PTR: lcfraa-aa-in-f10.1e100.net)
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | vercel.app | verification-pages-45345.vercel.app | 145 KB
4 | uncoeurdelionmessire.com | uncoeurdelionmessire.com (1 redirects) | 6 KB
3 | pcloud.id | gun.pcloud.id | 62 KB
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 982) | 12 KB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 366) | 31 KB
23 requests | 5 apex domains
Requests | Domain | Requested by
---|---|---
15 | verification-pages-45345.vercel.app | uncoeurdelionmessire.com, verification-pages-45345.vercel.app
4 | uncoeurdelionmessire.com (1 redirects) | uncoeurdelionmessire.com
3 | gun.pcloud.id | uncoeurdelionmessire.com
1 | maxcdn.bootstrapcdn.com | verification-pages-45345.vercel.app
1 | ajax.googleapis.com | verification-pages-45345.vercel.app
23 requests | 5 domains
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-17 - 2024-02-17 | a year | crt.sh
pcloud.id | GTS CA 1P5 | 2023-07-23 - 2023-10-21 | 3 months | crt.sh
*.vercel.app | R3 | 2023-07-08 - 2023-10-06 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months | crt.sh
This page contains 3 frames:
Primary Page:
https://uncoeurdelionmessire.com/
Frame ID: E4B2D80844FEEDAF9D68C87544C25BD0
Requests: 4 HTTP requests in this frame
Frame:
https://verification-pages-45345.vercel.app/
Frame ID: A28BD74C4DFDD399370BAE7368EBF7B1
Requests: 17 HTTP requests in this frame
Frame:
https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 7184F31E9D5634D7D78626B5E25D1CFE
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/3d54ac99-54db-4086-acca-c1033fb3ae85.png)
Page Title
Term Of Service
Detected technologies
Bootstrap
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Nuxt.js
Detected patterns
- /_nuxt/
jQuery
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4
- https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | uncoeurdelionmessire.com/ | 2 KB | 1 KB | Document | text/html | Primary Request
GET | H2 | bootstrap.gun.css | gun.pcloud.id/ | 118 KB | 20 KB | Stylesheet | text/css |
GET | H2 | jquery.gun.js | gun.pcloud.id/ | 85 KB | 31 KB | Script | application/javascript |
GET | H2 | bootstrap.gun.js | gun.pcloud.id/ | 36 KB | 11 KB | Script | application/javascript |
GET | H2 | / | verification-pages-45345.vercel.app/ | 2 KB | 1 KB | Document | text/html | Frame A28B
GET | H2 | invisible.js | uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ | 7 KB | 4 KB | Script | application/javascript | Frame 7184, Redirect Chain
POST | H3 | 7fc51363ce1c0e29 | uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/cv/result/ | 0 | 599 B | XHR | text/plain | Frame 7184
GET | H2 | custom.js | verification-pages-45345.vercel.app/js/ | 905 B | 1 KB | Script | application/javascript | Frame A28B
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 31 KB | Script | text/javascript | Frame A28B
GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ | 39 KB | 12 KB | Script | application/javascript | Frame A28B
GET | H2 | entry.259bc8eb.js | verification-pages-45345.vercel.app/_nuxt/ | 140 KB | 56 KB | Script | application/javascript | Frame A28B
GET | H2 | default.09b8e7fa.js | verification-pages-45345.vercel.app/_nuxt/ | 0 | 324 B | Other | application/javascript | Frame A28B
GET | H2 | guest.543b0af1.js | verification-pages-45345.vercel.app/_nuxt/ | 0 | 317 B | Other | application/javascript | Frame A28B
GET | H2 | error-404.7b8544b4.css | verification-pages-45345.vercel.app/_nuxt/ | 0 | 1 KB | Other | text/css | Frame A28B
GET | H2 | error-404.28bf4a97.js | verification-pages-45345.vercel.app/_nuxt/ | 0 | 3 KB | Other | application/javascript | Frame A28B
GET | H2 | error-500.cbe832a1.css | verification-pages-45345.vercel.app/_nuxt/ | 0 | 881 B | Other | text/css | Frame A28B
GET | H2 | error-500.5f425638.js | verification-pages-45345.vercel.app/_nuxt/ | 0 | 1 KB | Other | application/javascript | Frame A28B
GET | H2 | index.57323940.js | verification-pages-45345.vercel.app/_nuxt/ | 10 KB | 5 KB | Script | application/javascript | Frame A28B
GET | H2 | inF0loCk.5a5d93b7.js | verification-pages-45345.vercel.app/_nuxt/ | 104 B | 235 B | Script | application/javascript | Frame A28B
GET | H2 | default.09b8e7fa.js | verification-pages-45345.vercel.app/_nuxt/ | 187 B | 257 B | Script | application/javascript | Frame A28B
GET | H2 | style-info.bd6dbb79.css | verification-pages-45345.vercel.app/_nuxt/ | 26 KB | 7 KB | Stylesheet | text/css | Frame A28B
GET | H2 | interview.b7eab2fc.css | verification-pages-45345.vercel.app/_nuxt/ | 7 KB | 1 KB | Stylesheet | text/css | Frame A28B
GET | H2 | inF0loCk.png | verification-pages-45345.vercel.app/img/ | 65 KB | 66 KB | Image | image/png | Frame A28B
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- 0 (object)
- 1 (object)
- documentPictureInPicture (object)
- $ (function)
- jQuery (function)
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
.uncoeurdelionmessire.com/ | | Name: cf_clearance Value: iet4s8RfT40yO8.JVN.KEZNDKl7rdVAV21WbJSJdEM0-1692979520-0-1-c999a304.1caa92b1.4b0151d0-0.2.1692979520
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value
---|---
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.