pubgbox13.com Open in urlscan Pro
62.171.174.249  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response pubgbox13.com/login/facebook/	17 KB 6 KB	142ms 43ms	Document text/html	62.171.174.249 CONTABO
General Check archive.org Show headers Download Go to Full URL https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.171.174.249 , United Kingdom, ASN51167 (CONTABO, DE), Reverse DNS Software LiteSpeed / Resource Hash dc5764b364c36f605d620cdd04c89f93802df5d73bc5113d3d974f8d5b3fe5fe Request headers :method GET :authority pubgbox13.com :scheme https :path /login/facebook/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 set-cookie PHPSESSID=00af00f373771a5d49e1218108f35a62; path=/; secure expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-type text/html; charset=UTF-8 content-encoding br vary Accept-Encoding date Tue, 14 Jul 2020 05:24:00 GMT server LiteSpeed alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
GET H2	200	-9E6azBTDYG.css z-m-static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/	86 KB 19 KB	20ms 6ms	Stylesheet text/css	2a03:2880:f11c:8184:face:b00c:0:14c9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/-9E6azBTDYG.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: pubgbox13.com URL: https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a8006bff0823f8f2acdf20f250f0e3de61913a5cae1dc59596c75f200e112a3c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://pubgbox13.com/ Origin https://pubgbox13.com Response headers date Tue, 14 Jul 2020 05:24:00 GMT content-encoding br x-content-type-options nosniff content-md5 SFz18ntCE5h6S0oQ+J7Dcw== status 200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 19359 x-fb-debug uG4T7BKB0u6WHOxJJf7bAUCdGUmasriPHTsyJo6aJmDgnP2ejENpvqJ/swC4a3aa4wvvEBZJfr+IdQvl5IdnGA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Wed, 30 Jun 2021 15:40:50 GMT
GET H2	200	1S-x6XNTt2x.css z-m-static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/	14 KB 3 KB	25ms 11ms	Stylesheet text/css	2a03:2880:f11c:8184:face:b00c:0:14c9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/1S-x6XNTt2x.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: pubgbox13.com URL: https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 165ef953ae1ae83e11a7ab64fa8a81b8e3eb8b9bb9d00ad1d14f8d27f710cc4c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://pubgbox13.com/ Origin https://pubgbox13.com Response headers date Tue, 14 Jul 2020 05:24:00 GMT content-encoding br x-content-type-options nosniff content-md5 5OyQxtUA15i26sxoyhAa4w== status 200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 3177 x-fb-debug HoGuomQazrR9Jy3hbq6aQLBHjn+snc6kgmwdkEAasNy+BWB9bSOXKF2rxIT1Rdc9+/SJFNIEi1nRpax0btJv8w== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Mon, 05 Jul 2021 17:44:43 GMT
GET H2	200	za0kEiD1hWZ.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/y8/r/	223 KB 58 KB	25ms 12ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/y8/r/za0kEiD1hWZ.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: pubgbox13.com URL: https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8e266ec150b3e5d3087b165d0408582a5ccb19097a1aa49c18af8823925b2c57 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://pubgbox13.com/ Origin https://pubgbox13.com Response headers date Tue, 14 Jul 2020 05:24:00 GMT content-encoding br x-content-type-options nosniff content-md5 lx6zk8prP6XlYAuUOMceTQ== status 200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 58808 x-fb-debug 6PVBcfYQfpqFShhAtA91DIelaPyn9FN7L/1mV8FDOXxSPt4uxcCSLJTChRWBXnYULDtspafCq9/h7X7l7w5/PQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Mon, 05 Jul 2021 07:27:22 GMT
GET H2	200	icon_logo.jpg www.pubgmobile.com/id/event/royalepass10/images/	73 KB 74 KB	44ms 4ms	Image image/jpeg	2a01:4a0:1338:28::c38a:ff10 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Show image Full URL https://www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg Requested by Host: pubgbox13.com URL: https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef Request headers Referer https://pubgbox13.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 05:24:00 GMT last-modified Thu, 16 Apr 2020 11:54:49 GMT server nginx etag "5e984789-1258d" content-type image/jpeg status 200 accept-ranges bytes content-length 75149
GET H2	200	hsts-pixel.gif facebook.com/security/	43 B 999 B	56ms 44ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://facebook.com/security/hsts-pixel.gif Requested by Host: pubgbox13.com URL: https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://pubgbox13.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding br x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma no-cache x-fb-debug J75UiUjfTAdNIW0vfqTDFgrj7fXW5fisKc4ZY1BLuNWWpX6bV0Za57sbkhXXa4F/eKpgvltDigoK6bXSmYclnA== x-frame-options DENY date Tue, 14 Jul 2020 05:24:00 GMT vary Origin, Accept-Encoding access-control-allow-methods OPTIONS content-type image/gif access-control-allow-origin * access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	cZNlE2MSude.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/yw/r/	91 KB 26 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yw/r/cZNlE2MSude.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: pubgbox13.com URL: https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 52af6fb105cef3c3e29f9be79ca3d1b8e75f05f87442612d698604880b110a21 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://pubgbox13.com/ Origin https://pubgbox13.com Response headers date Tue, 14 Jul 2020 05:24:00 GMT content-encoding br x-content-type-options nosniff content-md5 eIRYyBIQGU9dYQl8MW1D/Q== status 200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 26123 x-fb-debug VC1dGVv0KfVpJhkpW/Me8CjhrMYsmGUrNb7pzmHSA9aFek9XHFi+A53rNx7OvWiX/TgsurgKf0HrXS6UylA6WA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Tue, 06 Jul 2021 02:08:38 GMT
GET H2	200	CpVr7AAHyi9.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3iS674/yv/l/en_US/	112 KB 31 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3iS674/yv/l/en_US/CpVr7AAHyi9.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: pubgbox13.com URL: https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7081180c7519f67f7942ffe6dbfa50c3821f47a2775c7acef3cd01eb262ba587 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://pubgbox13.com/ Origin https://pubgbox13.com Response headers date Tue, 14 Jul 2020 05:24:00 GMT content-encoding br x-content-type-options nosniff content-md5 thdNki/plG2UiC9zTkcePQ== status 200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 31623 x-fb-debug PMH789Ik0A8VASmXTic7RfXBSo6KbFWiS9GTMVFD4HvpdBBpe+7gt7hQPvJ5/37vVzSa81iahyFtq8oA6+2SUw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Wed, 30 Jun 2021 15:40:50 GMT
GET H2	200	7ZKsjz086BY.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3iooI4/y_/l/en_US/	69 KB 21 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3iooI4/y_/l/en_US/7ZKsjz086BY.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: pubgbox13.com URL: https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash feefae69c00678849cf9183a75ad6ceae806720e4e031bd132a60ae27fcae6e9 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://pubgbox13.com/ Origin https://pubgbox13.com Response headers date Tue, 14 Jul 2020 05:24:00 GMT content-encoding br x-content-type-options nosniff content-md5 sGndvzgboCgubjXZqCn1OA== status 200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 21314 x-fb-debug VjUJDQugvbE1lg+Z1GZoZRX736hjGn0Q4E7R4IxuvbgYAWRoa/CFP6N7Dl0jjgCYxMqHNm7Jml57faP8G9F4uQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Mon, 05 Jul 2021 09:25:49 GMT
GET H2	200	YV5G0ZVUTlj.png z-m-static.xx.fbcdn.net/rsrc.php/v3/yr/r/	9 KB 9 KB	18ms 6ms	Image image/png	2a03:2880:f11c:8184:face:b00c:0:14c9 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yr/r/YV5G0ZVUTlj.png Requested by Host: pubgbox13.com URL: https://pubgbox13.com/login/facebook/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2ff70029c9c794884e15302907c07ade1382ff54cbca470fed546dd893d25420 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/-9E6azBTDYG.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-fb-debug bVy+DN+AGW63bCwJYKdDuXjRURhlA91krkLMg3yco+gUPEZjaKT040vmTDUsosZRcSOPoinwe5+TgzhRlSn/Yg== x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 l2vimuDlFo0Q3MuPnlHMIA== date Tue, 14 Jul 2020 05:24:00 GMT status 200 content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 8851 expires Wed, 30 Jun 2021 06:14:46 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network) Generic Gaming (Entertainment)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| envFlush object| Env number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils function| CavalryLogger function| __updateOrientation

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pubgbox13.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 00af00f373771a5d49e1218108f35a62

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.com
pubgbox13.com
www.pubgmobile.com
z-m-static.xx.fbcdn.net
2a01:4a0:1338:28::c38a:ff10
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f11c:8184:face:b00c:0:14c9
62.171.174.249
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
165ef953ae1ae83e11a7ab64fa8a81b8e3eb8b9bb9d00ad1d14f8d27f710cc4c
2ff70029c9c794884e15302907c07ade1382ff54cbca470fed546dd893d25420
52af6fb105cef3c3e29f9be79ca3d1b8e75f05f87442612d698604880b110a21
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
7081180c7519f67f7942ffe6dbfa50c3821f47a2775c7acef3cd01eb262ba587
8e266ec150b3e5d3087b165d0408582a5ccb19097a1aa49c18af8823925b2c57
a8006bff0823f8f2acdf20f250f0e3de61913a5cae1dc59596c75f200e112a3c
dc5764b364c36f605d620cdd04c89f93802df5d73bc5113d3d974f8d5b3fe5fe
feefae69c00678849cf9183a75ad6ceae806720e4e031bd132a60ae27fcae6e9