uuul.unlversalfamily.com Open in urlscan Pro
162.213.255.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wxfu.marciaedarrell.com.br./ej#aHR0cDovL21hbWRhbGF5LmNvbT9qc2k9MzE2MzYxNmM2YzYxNmM2MTczNmI2MTQwNmU3MjYzNjMyZTYzNmY2ZCZzaG93
Effective URL:
https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ
Submission: On November 30 via manual (November 30th 2022, 7:56:34 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 13 HTTP transactions. The main IP is 162.213.255.79, located in United States and belongs to NAMECHEAP-NET, US. The main domain is uuul.unlversalfamily.com.
TLS certificate: Issued by R3 on November 30th 2022. Valid for: 3 months.

This is the only time uuul.unlversalfamily.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	162.241.60.111 162.241.60.111	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 5	162.213.255.79 162.213.255.79	22612 (NAMECHEAP...) (NAMECHEAP-NET)
6	108.156.172.60 108.156.172.60	16509 (AMAZON-02) (AMAZON-02)
13	4

2 162.241.60.111 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-60-111.unifiedlayer.com

wxfu.marciaedarrell.com.br.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.213.255.79 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server283-1.web-hosting.com

mamdalay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uuul.unlversalfamily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.156.172.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-60.cmh68.r.cloudfront.net

ok12static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	oktacdn.com ok12static.oktacdn.com — Cisco Umbrella Rank: 14056	260 KB
4	unlversalfamily.com uuul.unlversalfamily.com uuul.kerberos.unlversalfamily.com Failed	14 KB
2	com.br. wxfu.marciaedarrell.com.br.	17 KB
1	mamdalay.com 1 redirects mamdalay.com	755 B
13	4

	Domain	Requested by
6	ok12static.oktacdn.com	uuul.unlversalfamily.com
4	uuul.unlversalfamily.com	wxfu.marciaedarrell.com.br. ok12static.oktacdn.com uuul.unlversalfamily.com
2	wxfu.marciaedarrell.com.br.	wxfu.marciaedarrell.com.br.
1	mamdalay.com	1 redirects
0	uuul.kerberos.unlversalfamily.com Failed	ok12static.oktacdn.com
13	5

This site contains links to these domains. Also see Links.

Domain
cpanel.com
go.cpanel.net

Subject Issuer	Validity	Valid
*.unlversalfamily.com R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-22` - `2023-01-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ
Frame ID: 8F117ADC2C6AE5BFF06CF7CF2AA4D54C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Not Found

Page URL History Show full URLs

http://wxfu.marciaedarrell.com.br./ej Page URL
http://mamdalay.com/?jsi=3163616c6c616c61736b61406e7263632e636f6d&show HTTP 302
https://uuul.unlversalfamily.com/?fpQ6RJw3s=oWraXusXbLQaYnOfCKL5&email=1callalaska@nrcc.com&tWPrpSnr22EQj3qhT... Page URL
https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

77 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

292 kB
Transfer

515 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://cpanel.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404referral

Search URL Search Domain Scan URL

URL: https://go.cpanel.net/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wxfu.marciaedarrell.com.br./ej Page URL
http://mamdalay.com/?jsi=3163616c6c616c61736b61406e7263632e636f6d&show HTTP 302
https://uuul.unlversalfamily.com/?fpQ6RJw3s=oWraXusXbLQaYnOfCKL5&email=1callalaska@nrcc.com&tWPrpSnr22EQj3qhTKOSdNcrwJmGookZ0wDuM9tZXBZTd8zycQY6hw3iDTgVZAXnuGNLJdTUpLkXNRWFLpHOlbPQtI6tUpiQGps9vGqD0O7VzpgvSHI52Us5bxU7ALzImYF9EMuj3Yj2tTwb3OoSXGfoVohn09HqYBTVEU5jaTZwHVajIpjy3Op4ihlTuTItjhapDM3G0pxz9DusikjwgeVrHGc5qkYO6EWTnWix1HsE4eAuS1p9S7qXZFT038OlSyhrh3arBbU4ElSrI2Y05YU7YmJWuGOrgkamQqEG2VGTR Page URL
https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://mamdalay.com/?jsi=3163616c6c616c61736b61406e7263632e636f6d&show HTTP 302
https://uuul.unlversalfamily.com/?fpQ6RJw3s=oWraXusXbLQaYnOfCKL5&email=1callalaska@nrcc.com&tWPrpSnr22EQj3qhTKOSdNcrwJmGookZ0wDuM9tZXBZTd8zycQY6hw3iDTgVZAXnuGNLJdTUpLkXNRWFLpHOlbPQtI6tUpiQGps9vGqD0O7VzpgvSHI52Us5bxU7ALzImYF9EMuj3Yj2tTwb3OoSXGfoVohn09HqYBTVEU5jaTZwHVajIpjy3Op4ihlTuTItjhapDM3G0pxz9DusikjwgeVrHGc5qkYO6EWTnWix1HsE4eAuS1p9S7qXZFT038OlSyhrh3arBbU4ElSrI2Y05YU7YmJWuGOrgkamQqEG2VGTR

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found ej
wxfu.marciaedarrell.com.br./ 13 KB
14 KB 439ms
42ms Document
text/html 162.241.60.111
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://wxfu.marciaedarrell.com.br./ej
Protocol: HTTP/1.1
Server: 162.241.60.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-111.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Type: text/html
Date: Wed, 30 Nov 2022 19:56:27 GMT
Keep-Alive: timeout=5, max=75
Server: Apache
Transfer-Encoding: chunked
Upgrade: h2,h2c

GET
H/1.1 200
OK server_misconfigured.png
wxfu.marciaedarrell.com.br./img-sys/ 3 KB
3 KB 57ms
36ms Image
image/png 162.241.60.111
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wxfu.marciaedarrell.com.br./img-sys/server_misconfigured.png
Requested by: Host: wxfu.marciaedarrell.com.br.
URL: http://wxfu.marciaedarrell.com.br./ej
Protocol: HTTP/1.1
Server: 162.241.60.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-111.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://wxfu.marciaedarrell.com.br./ej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 19:56:27 GMT
Last-Modified: Thu, 11 Aug 2022 21:06:13 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 3164

GET
H2

200

/ Show response
uuul.unlversalfamily.com/
Redirect Chain

http://mamdalay.com/?jsi=3163616c6c616c61736b61406e7263632e636f6d&show
https://uuul.unlversalfamily.com/?fpQ6RJw3s=oWraXusXbLQaYnOfCKL5&email=1callalaska@nrcc.com&tWPrpSnr22EQj3qhTKOSdNcrwJmGookZ0wDuM9tZXBZTd8zycQY6hw3iDTgVZAXnuGNLJdTUpLkXNRWFLpHOlbPQtI6tUpiQGps9vGqD0...

4 KB
2 KB

1945ms
1688ms

Document
text/html

162.213.255.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://uuul.unlversalfamily.com/?fpQ6RJw3s=oWraXusXbLQaYnOfCKL5&email=1callalaska@nrcc.com&tWPrpSnr22EQj3qhTKOSdNcrwJmGookZ0wDuM9tZXBZTd8zycQY6hw3iDTgVZAXnuGNLJdTUpLkXNRWFLpHOlbPQtI6tUpiQGps9vGqD0O7VzpgvSHI52Us5bxU7ALzImYF9EMuj3Yj2tTwb3OoSXGfoVohn09HqYBTVEU5jaTZwHVajIpjy3Op4ihlTuTItjhapDM3G0pxz9DusikjwgeVrHGc5qkYO6EWTnWix1HsE4eAuS1p9S7qXZFT038OlSyhrh3arBbU4ElSrI2Y05YU7YmJWuGOrgkamQqEG2VGTR
Requested by: Host: wxfu.marciaedarrell.com.br.
URL: http://wxfu.marciaedarrell.com.br./ej
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server283-1.web-hosting.com
Software: LiteSpeed / PHP/7.1.33
Resource Hash: e69c050573c554d09b630922f49fd7f9566bb7ab86acd036a1c4a7b22f920fc2

Request headers

Referer: http://wxfu.marciaedarrell.com.br./
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2037
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 19:56:29 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
x-turbo-charged-by: LiteSpeed

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-length: 1413
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 19:56:27 GMT
keep-alive: timeout=5, max=100
location: https://Uuul.unlversalfamily.com?fpQ6RJw3s=oWraXusXbLQaYnOfCKL5&email=1callalaska@nrcc.com&tWPrpSnr22EQj3qhTKOSdNcrwJmGookZ0wDuM9tZXBZTd8zycQY6hw3iDTgVZAXnuGNLJdTUpLkXNRWFLpHOlbPQtI6tUpiQGps9vGqD0O7VzpgvSHI52Us5bxU7ALzImYF9EMuj3Yj2tTwb3OoSXGfoVohn09HqYBTVEU5jaTZwHVajIpjy3Op4ihlTuTItjhapDM3G0pxz9DusikjwgeVrHGc5qkYO6EWTnWix1HsE4eAuS1p9S7qXZFT038OlSyhrh3arBbU4ElSrI2Y05YU7YmJWuGOrgkamQqEG2VGTR#loginScreen
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery-1.12.4.f0c25d68f3a45b1c99ecd61b21ea6c8c.js Show response
ok12static.oktacdn.com/assets/js/ 288 KB
101 KB 111ms
27ms Script
application/javascript 108.156.172.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/jquery-1.12.4.f0c25d68f3a45b1c99ecd61b21ea6c8c.js

Requested by

Host: uuul.unlversalfamily.com
URL: https://uuul.unlversalfamily.com/?fpQ6RJw3s=oWraXusXbLQaYnOfCKL5&email=1callalaska@nrcc.com&tWPrpSnr22EQj3qhTKOSdNcrwJmGookZ0wDuM9tZXBZTd8zycQY6hw3iDTgVZAXnuGNLJdTUpLkXNRWFLpHOlbPQtI6tUpiQGps9vGqD0O7VzpgvSHI52Us5bxU7ALzImYF9EMuj3Yj2tTwb3OoSXGfoVohn09HqYBTVEU5jaTZwHVajIpjy3Op4ihlTuTItjhapDM3G0pxz9DusikjwgeVrHGc5qkYO6EWTnWix1HsE4eAuS1p9S7qXZFT038OlSyhrh3arBbU4ElSrI2Y05YU7YmJWuGOrgkamQqEG2VGTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-60.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

fa8d06777006ade2f99117db1b55f67159ce977f52fdb04f373b1a93e70c7f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://uuul.unlversalfamily.com/
Origin: https://uuul.unlversalfamily.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 23:11:45 GMT
x-amz-meta-sha1sum: 5d791abfb02ff8c1143ded1af1c89dd68a7bfc35
content-encoding: gzip
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 e4115573bd297fb3424a2ffc8114fa1c.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
age: 74684
x-cache: Hit from cloudfront
last-modified: Tue, 29 Nov 2022 22:34:45 GMT
server: nginx
etag: W/"f0c25d68f3a45b1c99ecd61b21ea6c8c"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: abGpCvMwqeeEqgNLnwatUodkXFIntjHCvnEAyKX0Zs5U3GVd2TBORQ==
expires: Wed, 29 Nov 2023 23:11:45 GMT

GET
H2 200 jquery-migrate-1.3.0.f3e119df020e0fcf61d086d06b63c9a3.js Show response
ok12static.oktacdn.com/assets/js/ 22 KB
9 KB 152ms
68ms Script
application/javascript 108.156.172.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/jquery-migrate-1.3.0.f3e119df020e0fcf61d086d06b63c9a3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-60.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

b579f84836a97835b2e0d495b7a60ec1bdf334709bbebcf521c09e30754b196f

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://uuul.unlversalfamily.com/
Origin: https://uuul.unlversalfamily.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 e4115573bd297fb3424a2ffc8114fa1c.cloudfront.net (CloudFront)
date: Mon, 28 Nov 2022 08:47:25 GMT
x-amz-cf-pop: CMH68-P1
age: 212944
x-cache: Hit from cloudfront
last-modified: Mon, 17 Aug 2020 19:14:08 GMT
server: nginx
etag: W/"f3e119df020e0fcf61d086d06b63c9a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: bpjmi82SfleWlqFuSY6Sunq3ZEmjozvchc8e7mWhXsMuoirEhUHY7w==
expires: Tue, 28 Nov 2023 08:47:25 GMT

GET
H2 200 dssoPreCheck.136a50e3e54c5d7629825f309391b5fa.js Show response
ok12static.oktacdn.com/assets/js/app/active_directory/ 7 KB
3 KB 150ms
66ms Script
application/javascript 108.156.172.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/app/active_directory/dssoPreCheck.136a50e3e54c5d7629825f309391b5fa.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-60.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

f5662c6b65138cf94a359babb8a426598f925f4f49a3f80534193755596814bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://uuul.unlversalfamily.com/
Origin: https://uuul.unlversalfamily.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 e4115573bd297fb3424a2ffc8114fa1c.cloudfront.net (CloudFront)
date: Fri, 25 Nov 2022 09:44:43 GMT
x-amz-cf-pop: CMH68-P1
age: 468706
x-cache: Hit from cloudfront
last-modified: Tue, 06 Oct 2020 20:30:27 GMT
server: nginx
etag: W/"136a50e3e54c5d7629825f309391b5fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: r9SsUJcKy-0PwmyeC7YTngO26pZ2xT1Xd9Svq0DgNyvYC5FbVBjZTw==
expires: Sat, 25 Nov 2023 09:44:43 GMT

GET
H2 200 dssoPreCheckWorker.76c831049921a9982c1869ee897e1b34.js Show response
ok12static.oktacdn.com/assets/js/app/active_directory/ 814 B
1 KB 152ms
69ms Script
application/javascript 108.156.172.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/app/active_directory/dssoPreCheckWorker.76c831049921a9982c1869ee897e1b34.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-60.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

7a2ba96a25312028a921554bfed32afd1b88e71a248cc34a69c92a7ff58ec6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://uuul.unlversalfamily.com/
Origin: https://uuul.unlversalfamily.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 08:01:47 GMT
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 e4115573bd297fb3424a2ffc8114fa1c.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
age: 1338882
x-cache: Hit from cloudfront
last-modified: Mon, 17 Aug 2020 19:18:08 GMT
server: nginx
etag: W/"76c831049921a9982c1869ee897e1b34"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: 2PdnsriAZmaNHZCr2mSpuvi1xELokJGFwsL_kH2ombTWROY16Jj-LQ==
expires: Wed, 15 Nov 2023 08:01:47 GMT

GET
H2 200 interstitial.0853bbe594160e5608c40b3c3e3f680d.css
ok12static.oktacdn.com/assets/css/sections/ 8 KB
3 KB 107ms
24ms Stylesheet
text/css 108.156.172.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/css/sections/interstitial.0853bbe594160e5608c40b3c3e3f680d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-60.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

18b485a41cd34d42b48932730c71f668984b961260b10648c0607524d46a7a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uuul.unlversalfamily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:33:06 GMT
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 7d742df65452f74d1ef6daa93f595db8.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
age: 1322603
x-cache: Hit from cloudfront
last-modified: Tue, 23 Aug 2022 21:29:54 GMT
server: nginx
etag: W/"0853bbe594160e5608c40b3c3e3f680d"
vary: Accept-Encoding
content-type: text/css
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: xmdZONI28XY9OTSGNYyMIzG7y5TWK6MksDLQUPocGEEAsQFHUcagtw==
expires: Wed, 15 Nov 2023 12:33:06 GMT

GET
H2 200 interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif
ok12static.oktacdn.com/assets/img/ui/indicators/ 143 KB
144 KB 30ms
29ms Image
image/gif 108.156.172.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok12static.oktacdn.com/assets/img/ui/indicators/interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-60.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

3911e7c9d421c5b4435541e78ea1ea99b9975249fe7dc21cddad7418e666be02

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uuul.unlversalfamily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
date: Sun, 13 Nov 2022 14:05:11 GMT
via: 1.1 7d742df65452f74d1ef6daa93f595db8.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
age: 1489878
x-cache: Hit from cloudfront
content-length: 146495
last-modified: Wed, 15 Dec 2021 01:36:12 GMT
server: nginx
etag: "d4ca51b5579d1772af159f12276beb72"
content-type: image/gif
access-control-allow-origin: *
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: awRpCGJmxXYweHrtCmVqGfAMO4Ptfe7RNMiyUrCcitiyWRF9Wshzjw==
expires: Mon, 13 Nov 2023 14:05:11 GMT

GET agentlessDssoPrecheck
uuul.kerberos.unlversalfamily.com/api/internal/v1/ 0
0

GET
H2 404 Primary Request 00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ Show response
uuul.unlversalfamily.com/login/interact/ 13 KB
6 KB 95ms
94ms Document
text/html 162.213.255.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ
Requested by: Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/app/active_directory/dssoPreCheck.136a50e3e54c5d7629825f309391b5fa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server283-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: e80ca8b1552df5873c76d4daa8c917efec3637ab33ba20061af95841387348da

Request headers

Referer: https://uuul.unlversalfamily.com/?fpQ6RJw3s=oWraXusXbLQaYnOfCKL5&email=1callalaska@nrcc.com&tWPrpSnr22EQj3qhTKOSdNcrwJmGookZ0wDuM9tZXBZTd8zycQY6hw3iDTgVZAXnuGNLJdTUpLkXNRWFLpHOlbPQtI6tUpiQGps9vGqD0O7VzpgvSHI52Us5bxU7ALzImYF9EMuj3Yj2tTwb3OoSXGfoVohn09HqYBTVEU5jaTZwHVajIpjy3Op4ihlTuTItjhapDM3G0pxz9DusikjwgeVrHGc5qkYO6EWTnWix1HsE4eAuS1p9S7qXZFT038OlSyhrh3arBbU4ElSrI2Y05YU7YmJWuGOrgkamQqEG2VGTR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 30 Nov 2022 19:56:29 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 server_misconfigured.png
uuul.unlversalfamily.com/img-sys/ 3 KB
3 KB 95ms
94ms Image
image/png 162.213.255.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuul.unlversalfamily.com/img-sys/server_misconfigured.png
Requested by: Host: uuul.unlversalfamily.com
URL: https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server283-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:56:29 GMT
last-modified: Tue, 28 Oct 2014 01:09:05 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3164
expires: Wed, 07 Dec 2022 19:56:29 GMT

GET
H2 200 powered_by_cpanel.svg
uuul.unlversalfamily.com/img-sys/ 5 KB
3 KB 96ms
95ms Image
image/svg+xml 162.213.255.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuul.unlversalfamily.com/img-sys/powered_by_cpanel.svg
Requested by: Host: uuul.unlversalfamily.com
URL: https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server283-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:56:29 GMT
content-encoding: br
last-modified: Fri, 17 Mar 2017 18:07:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2506
expires: Wed, 07 Dec 2022 19:56:29 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf54538a1951e9e4ed0b407ffbed2583fd441fcc087da5c6657a0cde6d0c0208

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uuul.kerberos.unlversalfamily.com
URL: https://uuul.kerberos.unlversalfamily.com/api/internal/v1/agentlessDssoPrecheck

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://wxfu.marciaedarrell.com.br./ej#aHR0cDovL21hbWRhbGF5LmNvbT9qc2k9MzE2MzYxNmM2YzYxNmM2MTczNmI2MTQwNmU3MjYzNjMyZTYzNmY2ZCZzaG93 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://uuul.unlversalfamily.com/?fpQ6RJw3s=oWraXusXbLQaYnOfCKL5&email=1callalaska@nrcc.com&tWPrpSnr22EQj3qhTKOSdNcrwJmGookZ0wDuM9tZXBZTd8zycQY6hw3iDTgVZAXnuGNLJdTUpLkXNRWFLpHOlbPQtI6tUpiQGps9vGqD0O7VzpgvSHI52Us5bxU7ALzImYF9EMuj3Yj2tTwb3OoSXGfoVohn09HqYBTVEU5jaTZwHVajIpjy3Op4ihlTuTItjhapDM3G0pxz9DusikjwgeVrHGc5qkYO6EWTnWix1HsE4eAuS1p9S7qXZFT038OlSyhrh3arBbU4ElSrI2Y05YU7YmJWuGOrgkamQqEG2VGTR#loginScreen Message: Access to XMLHttpRequest at 'https://uuul.kerberos.unlversalfamily.com/api/internal/v1/agentlessDssoPrecheck' from origin 'https://uuul.unlversalfamily.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uuul.kerberos.unlversalfamily.com/api/internal/v1/agentlessDssoPrecheck Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://uuul.unlversalfamily.com/login/interact/00gYpE6T9-_1o0SH0qj3l3M9iMIYc3Bz8L_cAHsOvZ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mamdalay.com
ok12static.oktacdn.com
uuul.kerberos.unlversalfamily.com
uuul.unlversalfamily.com
wxfu.marciaedarrell.com.br.
uuul.kerberos.unlversalfamily.com
108.156.172.60
162.213.255.79
162.241.60.111
179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9
18b485a41cd34d42b48932730c71f668984b961260b10648c0607524d46a7a81
3911e7c9d421c5b4435541e78ea1ea99b9975249fe7dc21cddad7418e666be02
7a2ba96a25312028a921554bfed32afd1b88e71a248cc34a69c92a7ff58ec6db
944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f
b579f84836a97835b2e0d495b7a60ec1bdf334709bbebcf521c09e30754b196f
bf54538a1951e9e4ed0b407ffbed2583fd441fcc087da5c6657a0cde6d0c0208
e69c050573c554d09b630922f49fd7f9566bb7ab86acd036a1c4a7b22f920fc2
e80ca8b1552df5873c76d4daa8c917efec3637ab33ba20061af95841387348da
f5662c6b65138cf94a359babb8a426598f925f4f49a3f80534193755596814bf
fa8d06777006ade2f99117db1b55f67159ce977f52fdb04f373b1a93e70c7f02

uuul.unlversalfamily.com Open in urlscan Pro 162.213.255.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

77 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

1 Countries

292 kBTransfer

515 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

uuul.unlversalfamily.com Open in urlscan Pro
162.213.255.79 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

77 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

292 kB
Transfer

515 kB
Size

0
Cookies

13 HTTP transactions
1 data transactions