gtf69xx.pe.hu
31.170.166.180
Malicious Activity!
Public Scan
Submission: On March 20 via automatic, source openphish
Summary
This is the only time gtf69xx.pe.hu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 31.170.166.180 | 47583 (HOSTINGER-AS) |
6 | 162.125.66.6 | 19679 (DROPBOX - Dropbox) |
1 | 185.60.216.19 | 32934 (FACEBOOK - Facebook) |
8 | 3 | |
ASN19679 (DROPBOX - Dropbox, Inc., US): dl.dropboxusercontent.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | dropboxusercontent.com | dl.dropboxusercontent.com | 136 KB |
1 | fbcdn.net | static.xx.fbcdn.net | 876 B |
1 | pe.hu | gtf69xx.pe.hu | 3 KB |
8 | 3 | | |
 | Domain | Requested by |
---|---|---|
6 | dl.dropboxusercontent.com | gtf69xx.pe.hu |
1 | static.xx.fbcdn.net | gtf69xx.pe.hu |
1 | gtf69xx.pe.hu | |
8 | 3 | |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://gtf69xx.pe.hu/login.php
Frame ID: 1BCDD85EA5D84378CBBB474DC3CBBAE3
Requests: 8 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Lua (Programming Languages)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request: login.php gtf69xx.pe.hu/ | 8 KB 3 KB | Document text/html |
GET S | 4SyundElK-001.css dl.dropboxusercontent.com/s/r569q2xpt0xti0l/ | 86 KB 22 KB | Stylesheet text/css |
GET S | 4SyundElK-002.css dl.dropboxusercontent.com/s/u7jck0wqkk9y3oh/ | 5 KB 2 KB | Stylesheet text/css |
GET S | 4SyundElK-003.css dl.dropboxusercontent.com/s/z3r1icfvhfi9eqh/ | 71 KB 19 KB | Stylesheet text/css |
GET S | 4SyundElK-004.js dl.dropboxusercontent.com/s/i1r5f93n5cjcn1k/ | 240 KB 83 KB | Script application/javascript |
GET S | 4SyundElK-iLOGOOO2.png dl.dropboxusercontent.com/s/m62oi2d3dx54d5f/ | 2 KB 2 KB | Image image/png |
GET S | O7nelmd9XSI.png static.xx.fbcdn.net/rsrc.php/v3/yU/r/ | 95 B 876 B | Image image/png |
GET S | 4SyundElK-iLOGOOO1.png dl.dropboxusercontent.com/s/bglqhgh90ipzto5/ | 7 KB 7 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- number | __DEV__
- function | __annotator
- function | __bodyWrapper
- function | __t
- function | __w
- function | FB_enumerate
- function | __m
- object | babelHelpers
- function | define
- function | require
- function | requireDynamic
- function | requireLazy
- function | __d
- object | Env
- object | ErrorUtils
- function | ProfilingCounters
- object | TimeSlice
- function | Arbiter
- object | JSCC
- function | $
- function | ge
- function | emptyFunction
- function | goURI
- object | PageEvents
- function | _domcontentready
- function | onloadRegister_DEPRECATED
- function | onloadRegister
- function | onafterloadRegister_DEPRECATED
- function | onafterloadRegister
- function | onleaveRegister
- function | onbeforeunloadRegister
- function | onunloadRegister
- object | Parent
- function | wait_for_load
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.