fb-cs-support.biz.id Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fb-cs-support.biz.id/	3 KB 1 KB	710ms 411ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fb-cs-support.biz.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f24a6862c74655b0815de9c2b70cef02f18637a2875edf6836fd16bc372b9c8b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7fc4d824cb910482-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 25 Aug 2023 15:24:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zC%2FuAaTn%2FsM3wVMjTrlXcloUkTTZ0K0ec7U65Td79taXenjOg2rkwodjdEqTXgIBoVLxogvT3uHJLKV67QpKz6WOjBr2%2B2sWXRldHToYPekTyoM%2FWP7QCZKqwWe6gt1zcTC7e%2FlT87Ak8GBr%2BTyik%2B%2FCTA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	rocket-loader.min.js Show response fb-cs-support.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	22ms 22ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fb-cs-support.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: fb-cs-support.biz.id URL: https://fb-cs-support.biz.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://fb-cs-support.biz.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:51 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 23 Aug 2023 13:09:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64e60500-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVNHzHUabniafxHLdJ7F1jGBcrZLN8AGlGlOYbUVTlQos%2FbHHFXvtWK6coSz3kH%2BSFAUc8QfY1zo%2B%2FOeYi5r96D770lJjdBW4a3khTtHAqHxB6xJNjUz9isVOS7GiHM5LmN5KMPMjKI2XcIcSJWqpOVTPQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7fc4d8276a4e0482-FRA expires Sun, 27 Aug 2023 15:24:51 GMT
GET H2	200	/ Show response rgrgfsdsdsfdfgvb.my.id/ Frame 42D2	4 KB 2 KB	620ms 361ms	Document text/html	2606:4700:3031::ac43:8946 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rgrgfsdsdsfdfgvb.my.id/ Requested by Host: fb-cs-support.biz.id URL: https://fb-cs-support.biz.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8946 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 732ffda6228446083382e0961e33fa334aee54a4e7dfa312e3986c5f50d897c0 Request headers Referer https://fb-cs-support.biz.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7fc4d8292ffc30c9-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 25 Aug 2023 15:24:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYlykaO%2BcWTKJvoBz5RFylJn7vGTpXH1A5B3SSkhXz%2FzfPiFaoGhMQHMKhj0Z%2BP7mwiQBscD37WhiZ1Q0xMZxiV%2F6KEnDKps%2FQY58c09QrTmYbRMYm%2FoD9c4IT9U5%2FFMa2W4y%2BV9twBiPCXyjx7hH1dx2aEy"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.10.2/	91 KB 92 KB	70ms 23ms	Script text/javascript	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Requested by Host: fb-cs-support.biz.id URL: https://fb-cs-support.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fb-cs-support.biz.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 12:57:05 GMT x-content-type-options nosniff age 8866 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 93100 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Aug 2024 12:57:05 GMT
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ Frame 42D2	157 KB 25 KB	82ms 34ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css Requested by Host: rgrgfsdsdsfdfgvb.my.id URL: https://rgrgfsdsdsfdfgvb.my.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://rgrgfsdsdsfdfgvb.my.id/ Origin https://rgrgfsdsdsfdfgvb.my.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:52 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 1055 age 38567 cdn-cachedat 07/07/2023 01:23:40 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"816af0eddd3b4822c2756227c7e7b7ee" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 4bd4b5207e3f516b047f1f6acbb98ea0 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 7fc4d82bbe08916e-FRA cdn-requestpullsuccess True
GET H2	200	styel.css rgrgfsdsdsfdfgvb.my.id/css/ Frame 42D2	855 B 671 B	359ms 356ms	Stylesheet text/css	2606:4700:3031::ac43:8946 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rgrgfsdsdsfdfgvb.my.id/css/styel.css Requested by Host: rgrgfsdsdsfdfgvb.my.id URL: https://rgrgfsdsdsfdfgvb.my.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8946 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c4007f08084fd9075d30dac082a481e260e864535d51a94731a23d9531ea06f Request headers accept-language nl-NL,nl;q=0.9 Referer https://rgrgfsdsdsfdfgvb.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:52 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 22 Aug 2023 02:57:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6l6vOcIhiCqc7tuz8DP6XesaHJ6p0c1UuISQU3xwAjbsJf9vtLROL7DJ1oK5gqNrog62HSufp1C0i6ECm3olqowCpsYkBf9KQ6KMTNLmnv0D%2B6zKNiP%2FwB1OaHOqr%2BzfqVnrU%2BVoBaqaSK393GDpELPAj50E"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7fc4d82b6bf730c9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	Meta-Logo-Facebook-The-Apple-Post.jpeg rgrgfsdsdsfdfgvb.my.id/img/ Frame 42D2	25 KB 25 KB	359ms 357ms	Image image/jpeg	2606:4700:3031::ac43:8946 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rgrgfsdsdsfdfgvb.my.id/img/Meta-Logo-Facebook-The-Apple-Post.jpeg Requested by Host: rgrgfsdsdsfdfgvb.my.id URL: https://rgrgfsdsdsfdfgvb.my.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8946 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19385cf17bbefbf0d6b5fcde99e2782b9043a673a959ef761a9c3cc4c9a2d5cd Request headers accept-language nl-NL,nl;q=0.9 Referer https://rgrgfsdsdsfdfgvb.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:52 GMT cf-cache-status REVALIDATED last-modified Thu, 24 Aug 2023 17:33:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoRbzjA9tKsoSM%2BhqvYgxoOnFWEdRohNdj5T8i5soy64RuIgmCqJY9NcdkrApw2uQv76MNIT21MORvDTW7PSR4oSDUyXa3qEY%2FDpHJOqR7NmYle4jteRpPHDTInlegbU8iojyBK6Y7tWDZgD3LXuehgU1U1q"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7fc4d82b6bfb30c9-FRA alt-svc h3=":443"; ma=86400 content-length 25727
GET H2	200	jquery-3.5.1.slim.min.js Show response code.jquery.com/ Frame 42D2	71 KB 24 KB	49ms 16ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.slim.min.js Requested by Host: rgrgfsdsdsfdfgvb.my.id URL: https://rgrgfsdsdsfdfgvb.my.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db Request headers Referer https://rgrgfsdsdsfdfgvb.my.id/ Origin https://rgrgfsdsdsfdfgvb.my.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:52 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-11abc" vary Accept-Encoding x-hw 1692977092.dop257.am5.t,1692977092.cds265.am5.hn,1692977092.cds110.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 24606
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 42D2	21 KB 8 KB	75ms 29ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js Requested by Host: rgrgfsdsdsfdfgvb.my.id URL: https://rgrgfsdsdsfdfgvb.my.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://rgrgfsdsdsfdfgvb.my.id/ Origin https://rgrgfsdsdsfdfgvb.my.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:52 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 10374112 x-jsd-version 1.16.1 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230124-FRA, cache-yyz4561-YYZ x-jsd-version-type version server cloudflare etag W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGmDaM47KPYpK55OrMnqG0HKRXlzzGjaIvcuE9qMPg3L9qj2f3Xs48xA55qnsffr86ITtryjf9zfT6DL5FZoULjQu2qYDIIQmESS0Ym4W2VEylA785JjyRgJ1H3SheY4%2FcZJNewtRRsaj6OKIGk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 7fc4d82bbab137fc-FRA
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/ Frame 42D2	59 KB 15 KB	82ms 36ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js Requested by Host: rgrgfsdsdsfdfgvb.my.id URL: https://rgrgfsdsdsfdfgvb.my.id/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://rgrgfsdsdsfdfgvb.my.id/ Origin https://rgrgfsdsdsfdfgvb.my.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:52 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 864 age 38567 cdn-cachedat 08/09/2023 18:09:04 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"02d223393e00c273efdcb1ade8f4f8b1" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 6ce649a7f3a6394ac543d5cf6f622bbe timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 7fc4d82bbe0b916e-FRA cdn-requestpullsuccess True
GET H2	404	jScript-first1.js cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/	0 0	211ms 210ms	Script text/plain	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-first1.js Requested by Host: fb-cs-support.biz.id URL: https://fb-cs-support.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fb-cs-support.biz.id/ Origin https://fb-cs-support.biz.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:52 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230098-FRA, cache-jnb7022-JNB server cloudflare etag W/"3f-4ou9zEPLWUxzw2KawGm4CSy7HyE" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NR4uhHFdFKHRtgaeZ9nuu3TLwqlc%2FHzJ8dmoNKlRxRIVlUlrqF3EsYkUKypzokLcn3zeL%2BsZFGF1uGqxFL55zrcUWuN20yPfC2H2agvKhU9L6RH1xDn9yaLwpJGGezKJO9WMDIOtsn8A3PlpxZU%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=600, s-maxage=600 timing-allow-origin * cf-ray 7fc4d82dfe6c37fc-FRA
GET H3	404	jScript-second.js cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/	0 0	212ms 211ms	Script text/plain	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-second.js Requested by Host: fb-cs-support.biz.id URL: https://fb-cs-support.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fb-cs-support.biz.id/ Origin https://fb-cs-support.biz.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230087-FRA, cache-jnb7026-JNB server cloudflare etag W/"3f-4ou9zEPLWUxzw2KawGm4CSy7HyE" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivIaRjJPDYGq3OR%2FM7GsJ15NqwhfA1q%2FCZAuzTFJY8%2B5COHmyXejsNRHDgD6lMGYD1VB6RhDJOWwHLbzgNwSRyo1Yti5HY3f0s6UveIvwJkcD8EnRx%2BzuP4SvI0GAA3R%2BTxjxL2kGttsAA5IjCc%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=600, s-maxage=600 timing-allow-origin * cf-ray 7fc4d82f59296907-FRA
GET H3	404	jScript-third.js cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/	0 0	218ms 218ms	Script text/plain	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-third.js Requested by Host: fb-cs-support.biz.id URL: https://fb-cs-support.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fb-cs-support.biz.id/ Origin https://fb-cs-support.biz.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230124-FRA, cache-jnb7020-JNB server cloudflare etag W/"3f-4ou9zEPLWUxzw2KawGm4CSy7HyE" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF8p0lSrZMd2NRb8Rhjbdt%2BWZMjMqdTUZDo7MONCnoFOCTITb%2FW0sYJcbSPdso155vtuQNuzSea4GmmgqikoAwfRNy5SkQ9oakM6QGzFSyvz%2Bamv1%2BwGhyJuMHAieTvZb1vs39Uwgy2VLM2tOko%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=600, s-maxage=600 timing-allow-origin * cf-ray 7fc4d830abea6907-FRA
GET H3	404	jScript-fifth.js cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/	0 0	210ms 209ms	Script text/plain	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-fifth.js Requested by Host: fb-cs-support.biz.id URL: https://fb-cs-support.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fb-cs-support.biz.id/ Origin https://fb-cs-support.biz.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230097-FRA, cache-jnb7022-JNB server cloudflare etag W/"3f-4ou9zEPLWUxzw2KawGm4CSy7HyE" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvDaf%2Fa7Ri8akJghP6mMHhfL5R%2F6w9paviiUhPeRm2SeJFgG33Wy7xQn6ovzuZECT8yhNI102Z49PN9BCkMn9LYWe6v91HPYzYa95KHS0uv6j%2Fb5JwGFSZEGV1uSzJ3viWEK3RlN0ImB3jw01CI%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=600, s-maxage=600 timing-allow-origin * cf-ray 7fc4d8320e5a6907-FRA
GET H3	404	jScript-sixth.js cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/	0 0	212ms 212ms	Script text/plain	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-sixth.js Requested by Host: fb-cs-support.biz.id URL: https://fb-cs-support.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fb-cs-support.biz.id/ Origin https://fb-cs-support.biz.id accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 15:24:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230108-FRA, cache-jnb7020-JNB server cloudflare etag W/"3f-4ou9zEPLWUxzw2KawGm4CSy7HyE" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlDfFQG2ddeXXnSGoyqHXmhavjKuJYiuQO0kM9cbVMLO7UC4Owl8HePXTEzCKWZzkvUVXNe%2BzlCu94%2By%2FKAn1sqocGmbz%2FAqBLOQlchO0xoMOY1Nb7OpI07%2Bs6CE7w5j4443HJ%2B2z5gOZCS5ZUk%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=600, s-maxage=600 timing-allow-origin * cf-ray 7fc4d8335fbb6907-FRA

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| __cfQR function| $ function| jQuery function| calcHeight object| jQuery110207107009878763737 boolean| __cfRLUnblockHandlers

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-first1.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://fb-cs-support.biz.id/ Message: Refused to execute script from 'https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-first1.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-second.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://fb-cs-support.biz.id/ Message: Refused to execute script from 'https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-second.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-third.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://fb-cs-support.biz.id/ Message: Refused to execute script from 'https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-third.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-fifth.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://fb-cs-support.biz.id/ Message: Refused to execute script from 'https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-fifth.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-sixth.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://fb-cs-support.biz.id/ Message: Refused to execute script from 'https://cdn.jsdelivr.net/gh/swat-cloud-github/web-headers@main/jScript-sixth.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
code.jquery.com
fb-cs-support.biz.id
rgrgfsdsdsfdfgvb.my.id
stackpath.bootstrapcdn.com
2001:4de0:ac18::1:a:3b
2606:4700:3031::ac43:8946
2606:4700::6810:5714
2606:4700::6812:acf
2a00:1450:4001:803::200a
2a06:98c1:3121::3
0c4007f08084fd9075d30dac082a481e260e864535d51a94731a23d9531ea06f
19385cf17bbefbf0d6b5fcde99e2782b9043a673a959ef761a9c3cc4c9a2d5cd
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
732ffda6228446083382e0961e33fa334aee54a4e7dfa312e3986c5f50d897c0
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
f24a6862c74655b0815de9c2b70cef02f18637a2875edf6836fd16bc372b9c8b
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f