![](/screenshots/77c2ceea-a3b7-4939-9163-bb9e9519aec5.png)
www.citizenencoveragebonus.com
Open in
urlscan Pro
3.224.141.128
Public Scan
Submission: On October 10 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on September 10th 2023. Valid for: 3 months.
This is the only time www.citizenencoveragebonus.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 3.224.141.128 3.224.141.128 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 143.204.29.73 143.204.29.73 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a04:4e42:400... 2a04:4e42:400::649 | 54113 (FASTLY) (FASTLY) | |
1 | 2600:9000:20e... 2600:9000:20ed:ce00:b:3165:13c0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 172.104.216.67 172.104.216.67 | 63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud) | |
7 | 108.139.29.117 108.139.29.117 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 18.160.146.44 18.160.146.44 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 184.72.178.168 184.72.178.168 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
22 | 11 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-141-128.compute-1.amazonaws.com
www.citizenencoveragebonus.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-29-73.den50.r.cloudfront.net
builder-assets.unbounce.com |
ASN16509 (AMAZON-02, US)
d1wbjksx0xxdn3.cloudfront.net |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: emailrelaysys.com
api.stimiinc.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-117.jfk50.r.cloudfront.net
fonts.ub-assets.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-160-146-44.den52.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-178-168.compute-1.amazonaws.com
events.ub-analytics.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 31611 |
83 KB |
4 |
cloudfront.net
d1wbjksx0xxdn3.cloudfront.net d9hhrg4mnvzow.cloudfront.net |
242 KB |
2 |
ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 36641 |
241 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187 |
87 KB |
2 |
unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 26844 |
37 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 116 |
185 B |
1 |
stimiinc.com
api.stimiinc.com |
289 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 925 |
30 KB |
1 |
citizenencoveragebonus.com
www.citizenencoveragebonus.com |
10 KB |
22 | 9 |
Domain | Requested by | |
---|---|---|
7 | fonts.ub-assets.com |
builder-assets.unbounce.com
fonts.ub-assets.com |
3 | d9hhrg4mnvzow.cloudfront.net |
www.citizenencoveragebonus.com
|
2 | events.ub-analytics.com |
d1wbjksx0xxdn3.cloudfront.net
|
2 | connect.facebook.net |
www.citizenencoveragebonus.com
connect.facebook.net |
2 | builder-assets.unbounce.com |
www.citizenencoveragebonus.com
|
1 | www.facebook.com |
www.citizenencoveragebonus.com
|
1 | api.stimiinc.com |
code.jquery.com
|
1 | d1wbjksx0xxdn3.cloudfront.net |
www.citizenencoveragebonus.com
|
1 | code.jquery.com |
www.citizenencoveragebonus.com
|
1 | www.citizenencoveragebonus.com | |
22 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.citizenencoveragebonus.com R3 |
2023-09-10 - 2023-12-09 |
3 months | crt.sh |
*.unbounce.com Amazon RSA 2048 M01 |
2023-02-21 - 2024-02-07 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-07-20 - 2023-10-18 |
3 months | crt.sh |
api.stimiinc.com R3 |
2023-10-07 - 2024-01-05 |
3 months | crt.sh |
fonts.ub-assets.com Amazon RSA 2048 M02 |
2023-06-01 - 2024-06-29 |
a year | crt.sh |
*.ub-analytics.com Amazon RSA 2048 M01 |
2023-03-11 - 2024-04-08 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.citizenencoveragebonus.com/
Frame ID: 32E2548419A42D3BFD6B1FCA0DD5B635
Requests: 22 HTTP requests in this frame
Screenshot
![](/screenshots/77c2ceea-a3b7-4939-9163-bb9e9519aec5.png)
Detected technologies
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.citizenencoveragebonus.com/ |
46 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js
d1wbjksx0xxdn3.cloudfront.net/lts/ |
43 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.bundle-b8bce47.z.js
builder-assets.unbounce.com/published-js/ |
104 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
198 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api.stimiinc.com/is-valid-fbclid/ |
0 289 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f4a9d13d-35a3-4f11-83f2-53e55213f9dc
https://www.citizenencoveragebonus.com/ |
5 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.ub-assets.com/ |
11 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f9a8ade6-group-171.svg
d9hhrg4mnvzow.cloudfront.net/www.citizenencoveragebonus.com/ |
34 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
62e82ffe-animation-16892802444991.gif
d9hhrg4mnvzow.cloudfront.net/www.citizenencoveragebonus.com/ |
179 KB 180 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eadb9c6e-adobestock-192875699-converted-_107805k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/www.citizenencoveragebonus.com/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
i
events.ub-analytics.com/_ub/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
events.ub-analytics.com/_ub/ |
2 B 241 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
651346190305405
connect.facebook.net/signals/config/ |
131 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ub object| module function| $ function| jQuery function| fbq function| _fbq function| waitingInfo undefined| interval function| countdown function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| ubSnowplowInitialized4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.citizenencoveragebonus.com/ | Name: ubvs Value: a66ffa0e-bf36-4299-a3ca-5e31bc98476a |
|
.citizenencoveragebonus.com/ | Name: ubvt Value: v2%7Ca66ffa0e-bf36-4299-a3ca-5e31bc98476a%7Cff24ea70-d514-43bd-acbe-0d728ad63bd2%3Aa%3Asingle |
|
www.citizenencoveragebonus.com/ | Name: ubpv Value: a%2Cff24ea70-d514-43bd-acbe-0d728ad63bd2 |
|
.citizenencoveragebonus.com/ | Name: _fbp Value: fb.1.1696974005626.416585143 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.stimiinc.com
builder-assets.unbounce.com
code.jquery.com
connect.facebook.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.ub-assets.com
www.citizenencoveragebonus.com
www.facebook.com
108.139.29.117
143.204.29.73
172.104.216.67
18.160.146.44
184.72.178.168
2600:9000:20ed:ce00:b:3165:13c0:21
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::649
3.224.141.128
0eddd1cdd321be399e897d44d4c6e7fe9eda6a769495ec7df7ed29003cc336e2
1d4e475fab43eb4f3e136918474d18c425ee26191dd6358bee4fb4721bc51a20
24afec876188f08bd8648d3b3db184c92cd72fa3b02638693d03c4ce1c45ffd8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
5c44b14ce11aa4371833261eb0dc8dced651f9d5c994a86654d09df42f8e8e1c
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
92175bf4a96909409add4c3f85b28af6a234ac81972ce9c2a17aa261172b30ba
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
cb70fd4c80c82f3754c005a95b272350bf54038d1a71d690109245e36867e459
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d10cf18bb6410c9849aace6f6d41c277ce8f0edfd5c8e8edef4bfdd790b90002
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e