facebooknotify.herokuapp.com
52.70.139.21
Malicious Activity!
Public Scan
Submission: On June 04 via manual from US
Summary
This is the only time facebooknotify.herokuapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 3 | 52.70.139.21 | 14618 (AMAZON-AES) |
| 15 | 2a03:2880:f046:f:face:b00c:0:3 | 32934 (FACEBOOK) |
| 1 | 2a03:2880:f146:82:face:b00c:0:25de | 32934 (FACEBOOK) |
| 19 | 4 | |

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-139-21.compute-1.amazonaws.com

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 15 | fbcdn.net | static.xx.fbcdn.net | 656 KB |
| 3 | herokuapp.com | facebooknotify.herokuapp.com | 56 KB |
| 1 | facebook.com | facebook.com | 936 B |
| 19 | 3 | | |

| Requests | Domain | Requested by |
|---|---|---|
| 15 | static.xx.fbcdn.net | facebooknotify.herokuapp.com |
| 3 | facebooknotify.herokuapp.com | facebooknotify.herokuapp.com |
| 1 | facebook.com | facebooknotify.herokuapp.com |
| 19 | 3 | |
This site contains links to these domains.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-05-14 - 2020-08-05 | 3 months |
This page contains 1 frames:
Primary Page:
http://facebooknotify.herokuapp.com/
Frame ID: 24C2F4EABFA707025463253AB0BBD56A
Requests: 21 HTTP requests in this frame
Detected technologies
- Erlang (Programming Languages): headers server /^Cowboy$/i
- Ruby (Programming Languages): meta csrf-param /^authenticity_token$/i
- Cowboy (Web Frameworks): headers server /^Cowboy$/i
- Ruby on Rails (Web Frameworks): meta csrf-param /^authenticity_token$/i
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
- Facebook
- Forgot account?
- Español
- Français (France)
- 中文(简体)
- العربية
- Português (Brasil)
- 한국어
- Italiano
- Deutsch
- हिन्दी
- 日本語
- Messenger
- Watch
- Portal
- Instagram
- Developers
- Ad Choices
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Primary Request, Cookie set) | facebooknotify.herokuapp.com/ | 37 KB | 38 KB | Document | text/html |
| GET | H/1.1 | application-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855.css | facebooknotify.herokuapp.com/assets/ | 0 | 269 B | Stylesheet | text/css |
| GET | H/1.1 | application-91fc280778cf9d1f7b8e.js | facebooknotify.herokuapp.com/packs/js/ | 69 KB | 18 KB | Script | application/javascript |
| GET | H2 | 5RCCBPr-XuU.css | static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/ | 68 KB | 13 KB | Stylesheet | text/css |
| GET | H2 | XFfGk7QuCqv.css | static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ | 15 KB | 4 KB | Stylesheet | text/css |
| GET | H2 | bFBGLBww3et.css | static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ | 312 KB | 77 KB | Stylesheet | text/css |
| GET | H2 | lO3ZOdjjTF3.css | static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/ | 224 KB | 58 KB | Stylesheet | text/css |
| GET | H2 | WUk7VB5DvIG.css | static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ | 15 KB | 3 KB | Stylesheet | text/css |
| GET | H2 | lZ86cv9aR90.css | static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ | 40 KB | 26 KB | Stylesheet | text/css |
| GET | H2 | GsNJNwuI-UM.gif | static.xx.fbcdn.net/rsrc.php/v3/yb/r/ | 522 B | 794 B | Image | image/gif |
| GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 936 B | Image | image/gif |
| GET | H2 | 65GdIG6Jgwp.js | static.xx.fbcdn.net/rsrc.php/v3i7M54/yt/l/en_US/ | 64 KB | 17 KB | Script | application/x-javascript |
| GET | H2 | jIZjM6AtU_c.js | static.xx.fbcdn.net/rsrc.php/v3iiTD4/yg/l/en_US/ | 2 MB | 422 KB | Script | application/x-javascript |
| GET | H2 | 01c6tvSm0ot.js | static.xx.fbcdn.net/rsrc.php/v3/yA/r/ | 43 KB | 13 KB | Script | application/x-javascript |
| GET | H2 | oMHMinUn6wx.png | static.xx.fbcdn.net/rsrc.php/v3/y3/r/ | 6 KB | 6 KB | Image | image/png |
| GET | H2 | Vb79ZNQ5DxJ.png | static.xx.fbcdn.net/rsrc.php/v3/yx/r/ | 6 KB | 6 KB | Image | image/png |
| GET | H2 | DQDvQ2X3Nby.png | static.xx.fbcdn.net/rsrc.php/v3/yN/r/ | 3 KB | 3 KB | Image | image/png |
| GET | DATA | truncated | / | 15 KB | 15 KB | Font | font/opentype |
| GET | DATA | truncated | / | 14 KB | 14 KB | Font | font/opentype |
| GET | H2 | Zk8_83wcUCC.png | static.xx.fbcdn.net/rsrc.php/v3/yu/r/ | 5 KB | 5 KB | Image | image/png |
| GET | H2 | 2USVNQFG-rZ.png | static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ | 2 KB | 2 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Facebook (Social Network)

6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | onformdata |
| object | onpointerrawupdate |
| boolean | _rails_loaded |
| object | Turbolinks |
| number | __DEV__ |
| function | CavalryLogger |

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| facebooknotify.herokuapp.com/ | | _napster_session | mvDXADwv0ntMaMTzlF2mf84Rakx9bGvp%2FY8U%2BtKU2dzzUZ2OPI2Yp3AeMgycPKOHIbDk%2BGUo041rIAUtIeqbJmHDB6CDrhRrK3b7y8RAobq07ICwFnie6JMHzuuzX1ENXY840%2FfQTTaSpI2p5SaQ1mN4PBp1wN%2BEZoU1yKDnSE3%2FySV4Fsp29RnGQmU5RhZ%2Faq9PJRybUHA%2B9q0xT2uyn0mWUzxE4UHZ2LCjLAUQmsAyWi88y9FJFnCM8oHoluXFQ%2FsRho%2BEDHf79rEzt4%2Ftb7FmTJRdx90y--tZbKtS7RUIoxfXF5--XowvkbPZoCBqv2wDPvSUlA%3D%3D |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
facebooknotify.herokuapp.com
static.xx.fbcdn.net
2a03:2880:f046:f:face:b00c:0:3
2a03:2880:f146:82:face:b00c:0:25de
52.70.139.21