testando.xyz Open in urlscan Pro
177.55.120.2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJF...
Submission Tags: 6285460
Submission: On November 19 via api (November 19th 2019, 12:03:20 pm UTC) from NL

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 177.55.120.2, located in Brazil and belongs to RedeHost Internet Ltda., BR. The main domain is testando.xyz.

This is the only time testando.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
9	177.55.120.2 177.55.120.2	53057 (RedeHost ...) (RedeHost Internet Ltda.)
1	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY - Fastly)
11	3

9 177.55.120.2 (Brazil)

ASN53057 (RedeHost Internet Ltda., BR)

testando.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	testando.xyz testando.xyz	145 KB
1	imgur.com i.imgur.com	802 B
0	akamaihd.net Failed fbstatic-a.akamaihd.net Failed
11	3

	Domain	Requested by
9	testando.xyz	testando.xyz
1	i.imgur.com	testando.xyz
0	fbstatic-a.akamaihd.net Failed	testando.xyz
11	3

This site contains links to these domains. Also see Links.

Domain
m.wefwfwefwf.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en
Frame ID: BD63DC1E3511CD5FD43B14DAF5E8F711
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Page Statistics

11
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

146 kB
Transfer

527 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://m.wefwfwefwf.com/login/?refid=8
Title: wefwfwefwf

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://goo.gl/izVd27 HTTP 302
https://fbstatic-a.akamaihd.net/rsrc.php/v2/yw/r/C8gYaQFqrv-.css

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response testando.xyz/app/facebook.com/	13 KB 4 KB	520ms 488ms	Document text/html	177.55.120.2 RedeHost Internet...
General Check archive.org Show headers Download Go to Full URL http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 177.55.120.2 , Brazil, ASN53057 (RedeHost Internet Ltda., BR), Reverse DNS Software Apache / PHP/5.6.30 Resource Hash `9964b9b1ca43635e0741e25d3c5d1c452897c74be553ce72d2706efdbf0a2107` Request headers Host testando.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Date Tue, 19 Nov 2019 12:03:03 GMT Server Apache X-Powered-By PHP/5.6.30 Expires Thu, 19 Nov 1981 08:52:00 GMT Wed, 11 Jan 1984 05:00:00 GMT Pragma no-cache no-cache Cache-control private Set-Cookie PHPSESSID=kjnek5t2k7v8tok11huhot0l62; path=/ Vary Accept-Encoding Content-Encoding gzip Cache-Control max-age=0, no-cache, no-store, must-revalidate Content-Length 3718 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=ISO-8859-15
GET		C8gYaQFqrv-.css fbstatic-a.akamaihd.net/rsrc.php/v2/yw/r/ Redirect Chain https://goo.gl/izVd27 https://fbstatic-a.akamaihd.net/rsrc.php/v2/yw/r/C8gYaQFqrv-.css	0 0

GET H/1.1	200 OK	EzVal-wlDVl.css testando.xyz/app/facebook.com/mamaguebo/	100 KB 23 KB	259ms 257ms	Stylesheet text/css	177.55.120.2 RedeHost Internet...
General Check archive.org Show headers Download Go to Full URL http://testando.xyz/app/facebook.com/mamaguebo/EzVal-wlDVl.css Requested by Host: testando.xyz URL: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 177.55.120.2 , Brazil, ASN53057 (RedeHost Internet Ltda., BR), Reverse DNS Software Apache / Resource Hash `272797f40ebb2fd5d87d6b8d42b32f5d95821de7a82d0f33a68c0cddb316c0da` Request headers Referer http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Date Tue, 19 Nov 2019 12:03:03 GMT Content-Encoding gzip Last-Modified Sat, 14 May 2016 14:11:06 GMT Server Apache ETag "190da-532cdf654f280-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 22894 Expires Wed, 20 Nov 2019 12:03:03 GMT
GET H/1.1	200 OK	69tiZv6zntL.css testando.xyz/app/facebook.com/mamaguebo/	5 KB 1 KB	484ms 466ms	Stylesheet text/css	177.55.120.2 RedeHost Internet...
General Check archive.org Show headers Download Go to Full URL http://testando.xyz/app/facebook.com/mamaguebo/69tiZv6zntL.css Requested by Host: testando.xyz URL: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 177.55.120.2 , Brazil, ASN53057 (RedeHost Internet Ltda., BR), Reverse DNS Software Apache / Resource Hash `d4f0dbc547092abbd3942b1132966864d73fc27f5a62055dab8124b8967f5632` Request headers Referer http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Date Tue, 19 Nov 2019 12:03:03 GMT Content-Encoding gzip Last-Modified Sat, 14 May 2016 14:11:06 GMT Server Apache ETag "1237-532cdf654f280-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 909 Expires Wed, 20 Nov 2019 12:03:03 GMT
GET H/1.1	200 OK	NVEWVx5ynw1.js Show response testando.xyz/app/facebook.com/mamaguebo/	21 KB 8 KB	496ms 478ms	Script application/javascript	177.55.120.2 RedeHost Internet...
General Check archive.org Show headers Download Go to Full URL http://testando.xyz/app/facebook.com/mamaguebo/NVEWVx5ynw1.js Requested by Host: testando.xyz URL: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 177.55.120.2 , Brazil, ASN53057 (RedeHost Internet Ltda., BR), Reverse DNS Software Apache / Resource Hash `35859166484dc45ee29481a5e59830bffe84af3df4aaf8f3a8b68d8e9306af52` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Origin http://testando.xyz Response headers Date Tue, 19 Nov 2019 12:03:03 GMT Content-Encoding gzip Last-Modified Sat, 14 May 2016 14:11:06 GMT Server Apache ETag "55b4-532cdf654f280-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7697 Expires Wed, 20 Nov 2019 12:03:03 GMT
GET H/1.1	200 OK	HK15Uinpdrf.js Show response testando.xyz/app/facebook.com/mamaguebo/	57 KB 15 KB	500ms 482ms	Script application/javascript	177.55.120.2 RedeHost Internet...
General Check archive.org Show headers Download Go to Full URL http://testando.xyz/app/facebook.com/mamaguebo/HK15Uinpdrf.js Requested by Host: testando.xyz URL: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 177.55.120.2 , Brazil, ASN53057 (RedeHost Internet Ltda., BR), Reverse DNS Software Apache / Resource Hash `7c5b14cf5f44f3c5be49c7d37c2c902a147ee0fb5b1daf01f00067c1f0b54320` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Origin http://testando.xyz Response headers Date Tue, 19 Nov 2019 12:03:03 GMT Content-Encoding gzip Last-Modified Sat, 14 May 2016 14:11:06 GMT Server Apache ETag "e2bd-532cdf654f280-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 15338 Expires Wed, 20 Nov 2019 12:03:03 GMT
GET H/1.1	200 OK	Phxu0hOCD9z.js Show response testando.xyz/app/facebook.com/mamaguebo/	222 KB 60 KB	503ms 485ms	Script application/javascript	177.55.120.2 RedeHost Internet...
General Check archive.org Show headers Download Go to Full URL http://testando.xyz/app/facebook.com/mamaguebo/Phxu0hOCD9z.js Requested by Host: testando.xyz URL: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 177.55.120.2 , Brazil, ASN53057 (RedeHost Internet Ltda., BR), Reverse DNS Software Apache / Resource Hash `2a4bcf36642618800963b8938bed7a1b8310e835047a8978b516c125858172a2` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Origin http://testando.xyz Response headers Date Tue, 19 Nov 2019 12:03:03 GMT Content-Encoding gzip Last-Modified Sat, 14 May 2016 14:11:06 GMT Server Apache ETag "37993-532cdf654f280-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Expires Wed, 20 Nov 2019 12:03:03 GMT
GET H/1.1	200 OK	fsh7_sGHnga.js Show response testando.xyz/app/facebook.com/mamaguebo/	73 KB 19 KB	502ms 484ms	Script application/javascript	177.55.120.2 RedeHost Internet...
General Check archive.org Show headers Download Go to Full URL http://testando.xyz/app/facebook.com/mamaguebo/fsh7_sGHnga.js Requested by Host: testando.xyz URL: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 177.55.120.2 , Brazil, ASN53057 (RedeHost Internet Ltda., BR), Reverse DNS Software Apache / Resource Hash `053c25ca9bedef0eced014afdedb0422ed8dfe1b09bca51803341f033862bd7f` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Origin http://testando.xyz Response headers Date Tue, 19 Nov 2019 12:03:03 GMT Content-Encoding gzip Last-Modified Sat, 14 May 2016 14:11:06 GMT Server Apache ETag "12383-532cdf654f280-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 19128 Expires Wed, 20 Nov 2019 12:03:03 GMT
GET H/1.1	200 OK	9LqMJKx_7d5.js Show response testando.xyz/app/facebook.com/mamaguebo/	31 KB 10 KB	728ms 249ms	Script application/javascript	177.55.120.2 RedeHost Internet...
General Check archive.org Show headers Download Go to Full URL http://testando.xyz/app/facebook.com/mamaguebo/9LqMJKx_7d5.js Requested by Host: testando.xyz URL: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 177.55.120.2 , Brazil, ASN53057 (RedeHost Internet Ltda., BR), Reverse DNS Software Apache / Resource Hash `4384c938b8935aed5af8b76e71fc3d30559e6bee83a54e52f9d5801539366a2a` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Referer http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Origin http://testando.xyz Response headers Date Tue, 19 Nov 2019 12:03:03 GMT Content-Encoding gzip Last-Modified Sat, 14 May 2016 14:11:06 GMT Server Apache ETag "7b7e-532cdf654f280-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 9789 Expires Wed, 20 Nov 2019 12:03:03 GMT
GET H/1.1	200 OK	LE87vI1.png i.imgur.com/	282 B 802 B	58ms 39ms	Image image/png	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL http://i.imgur.com/LE87vI1.png Requested by Host: testando.xyz URL: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash `b2a9c99239fa0a487f1dc690afab1585a4ea7e79751e60d59d709f496ead4fc5` Request headers Referer http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Date Tue, 19 Nov 2019 12:03:03 GMT Age 14524038 X-Cache HIT, HIT Connection keep-alive Content-Length 282 X-Served-By cache-bwi5151-BWI, cache-hhn4056-HHN Last-Modified Fri, 13 Feb 2015 04:14:18 GMT Server cat factory 1.0 X-Timer S1574164983.340746,VS0,VE1 ETag "177479222edd3185d802a198f5729616" Access-Control-Allow-Methods GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * cache-control public, max-age=31536000 Accept-Ranges bytes X-Cache-Hits 1, 1
GET H/1.1	404 Not Found	GPGyYijOozz.png testando.xyz/rsrc.php/v2/yQ/r/	4 KB 4 KB	261ms 261ms	Image text/html	177.55.120.2 RedeHost Internet...
General Check archive.org Show headers Download Go to Show image Full URL http://testando.xyz/rsrc.php/v2/yQ/r/GPGyYijOozz.png Requested by Host: testando.xyz URL: http://testando.xyz/app/facebook.com/?key=cJCGjqAMEbzOgNAW57mCGRIisS7uvRmTG5X7vzdW6lk8SsnpBhsjD1OD0lKlgw9GGhe8BZ8eJFuAgfgK3jlYzVl3rbY7XQ44ppZqKzQWBbudr29XTQpNs0qeCQnnO3bK7Oa5LqvhONHL7WB9gCaJLARGTMdH4Ne7qEJniSDVIkzHQQfWGIovoYwJLwGkbUvbhuzkjIa3&lang=en Protocol HTTP/1.1 Server 177.55.120.2 , Brazil, ASN53057 (RedeHost Internet Ltda., BR), Reverse DNS Software Apache / PHP/5.6.30 Resource Hash `5d6725d87173ebef9b6a24534749345065d7bdf3748c5db421aab691dd48b149` Request headers Referer http://testando.xyz/app/facebook.com/mamaguebo/EzVal-wlDVl.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Date Tue, 19 Nov 2019 12:03:04 GMT Content-Encoding gzip Last-Modified Mon, 15 May 2017 14:17:58 GMT Server Apache X-Powered-By PHP/5.6.30 ETag "113b-54f90b8ced180-gzip" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2067

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fbstatic-a.akamaihd.net
URL: https://fbstatic-a.akamaihd.net/rsrc.php/v2/yw/r/C8gYaQFqrv-.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
testando.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: kjnek5t2k7v8tok11huhot0l62
testando.xyz/app/facebook.com	1969-12-31 23:59:59	Name: wd Value: 1600x1200
testando.xyz/app/facebook.com	1969-12-31 23:59:59	Name: m_pixel_ratio Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fbstatic-a.akamaihd.net
i.imgur.com
testando.xyz
fbstatic-a.akamaihd.net
151.101.112.193
177.55.120.2
053c25ca9bedef0eced014afdedb0422ed8dfe1b09bca51803341f033862bd7f
272797f40ebb2fd5d87d6b8d42b32f5d95821de7a82d0f33a68c0cddb316c0da
2a4bcf36642618800963b8938bed7a1b8310e835047a8978b516c125858172a2
35859166484dc45ee29481a5e59830bffe84af3df4aaf8f3a8b68d8e9306af52
4384c938b8935aed5af8b76e71fc3d30559e6bee83a54e52f9d5801539366a2a
5d6725d87173ebef9b6a24534749345065d7bdf3748c5db421aab691dd48b149
7c5b14cf5f44f3c5be49c7d37c2c902a147ee0fb5b1daf01f00067c1f0b54320
9964b9b1ca43635e0741e25d3c5d1c452897c74be553ce72d2706efdbf0a2107
b2a9c99239fa0a487f1dc690afab1585a4ea7e79751e60d59d709f496ead4fc5
d4f0dbc547092abbd3942b1132966864d73fc27f5a62055dab8124b8967f5632

testando.xyz Open in urlscan Pro 177.55.120.2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

146 kBTransfer

527 kBSize

3 Cookies

1 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

3 Cookies

Indicators

testando.xyz Open in urlscan Pro
177.55.120.2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

146 kB
Transfer

527 kB
Size

3
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!