fb-wyciek-zdjec12.netlify.app
Open in
urlscan Pro
2a05:d014:275:cb01:1f85:932b:b797:22f9
Malicious Activity!
Public Scan
Effective URL: https://fb-wyciek-zdjec12.netlify.app/
Submission: On August 01 via api from PL — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on February 15th 2022. Valid for: a year.
This is the only time fb-wyciek-zdjec12.netlify.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
26 | 2a05:d014:275... 2a05:d014:275:cb01:1f85:932b:b797:22f9 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:401... 2a00:1450:4014:80f::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2001:4860:480... 2001:4860:4802:32::178 | 15169 (GOOGLE) (GOOGLE) | |
34 | 6 |
ASN16509 (AMAZON-02, US)
fb-wyciek-zdjec12.netlify.app |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
netlify.app
fb-wyciek-zdjec12.netlify.app |
3 MB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52 |
20 KB |
2 |
gstatic.com
fonts.gstatic.com |
75 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226 |
82 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93 |
41 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72 |
1 KB |
34 | 6 |
Domain | Requested by | |
---|---|---|
26 | fb-wyciek-zdjec12.netlify.app |
fb-wyciek-zdjec12.netlify.app
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdnjs.cloudflare.com |
fb-wyciek-zdjec12.netlify.app
cdnjs.cloudflare.com |
1 | www.googletagmanager.com |
fb-wyciek-zdjec12.netlify.app
|
1 | fonts.googleapis.com |
fb-wyciek-zdjec12.netlify.app
|
34 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.netlify.app DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-02-15 - 2023-03-02 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://fb-wyciek-zdjec12.netlify.app/
Frame ID: FF3A8C505BB5E6E2DD0398DB2C22B7E5
Requests: 34 HTTP requests in this frame
Screenshot
Page Title
Wyciek zdjęć. [+18]Grono odbiorców: PublicznePage URL History Show full URLs
-
http://fb-wyciek-zdjec12.netlify.app/
HTTP 307
https://fb-wyciek-zdjec12.netlify.app/ Page URL
Detected technologies
Netlify (Web Servers) ExpandDetected patterns
- ^https?://[^/]+\.netlify\.(?:com|app)/
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://fb-wyciek-zdjec12.netlify.app/
HTTP 307
https://fb-wyciek-zdjec12.netlify.app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
fb-wyciek-zdjec12.netlify.app/ Redirect Chain
|
22 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
fb-wyciek-zdjec12.netlify.app/css/ |
102 B 209 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
fb-wyciek-zdjec12.netlify.app/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile.css
fb-wyciek-zdjec12.netlify.app/ |
1 KB 493 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
17 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
106 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logofb.svg
fb-wyciek-zdjec12.netlify.app/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
thumb-up-dark.png
fb-wyciek-zdjec12.netlify.app/img/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
koment-dark.png
fb-wyciek-zdjec12.netlify.app/img/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
share-dark.png
fb-wyciek-zdjec12.netlify.app/img/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smile-dark.png
fb-wyciek-zdjec12.netlify.app/img/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aparat-dark.png
fb-wyciek-zdjec12.netlify.app/img/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smile2-dark.png
fb-wyciek-zdjec12.netlify.app/img/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smile3-dark.png
fb-wyciek-zdjec12.netlify.app/img/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
fb-wyciek-zdjec12.netlify.app/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
fb-wyciek-zdjec12.netlify.app/ |
675 B 761 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook-icon.png
fb-wyciek-zdjec12.netlify.app/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pobrane.jpg
fb-wyciek-zdjec12.netlify.app/img/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mov.jpg
fb-wyciek-zdjec12.netlify.app/img/ |
83 KB 83 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.svg
fb-wyciek-zdjec12.netlify.app/img/ |
1 KB 934 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sad.svg
fb-wyciek-zdjec12.netlify.app/img/ |
4 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wrr.svg
fb-wyciek-zdjec12.netlify.app/img/ |
4 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b.jpg
fb-wyciek-zdjec12.netlify.app/img/ |
55 KB 56 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.jpg
fb-wyciek-zdjec12.netlify.app/img/ |
667 KB 668 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d.jpg
fb-wyciek-zdjec12.netlify.app/img/ |
429 KB 429 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e.jpg
fb-wyciek-zdjec12.netlify.app/img/ |
191 KB 192 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f.jpg
fb-wyciek-zdjec12.netlify.app/img/ |
407 KB 408 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g.jpg
fb-wyciek-zdjec12.netlify.app/img/ |
561 KB 561 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fb-wyciek-zdjec12.netlify.app/ | Name: _ga Value: GA1.3.1595231491.1659364294 |
|
.fb-wyciek-zdjec12.netlify.app/ | Name: _gid Value: GA1.3.677806582.1659364294 |
|
.fb-wyciek-zdjec12.netlify.app/ | Name: _gat_gtag_UA_232971269_4 Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
fb-wyciek-zdjec12.netlify.app
fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:32::178
2606:4700::6811:190e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4014:80f::200a
2a05:d014:275:cb01:1f85:932b:b797:22f9
075cd9ff13a9860fa4cb345843853843993cb559fe4a9a3e939e44942842ec72
0d9ad3cb175539ef1564a3eceb37729be7f09872e81a3be1b3fe8b055aa693b2
1772b47c4a85498f96564a9101c9b6a977ea9401c5b6430a81b233058be1db36
1a4d524ad2c21a7f50dc64ce4ee3a345e28972961c16513465d5161a8c0a3d1b
1d0c7af705d5ccfb8a3bea8d35f0009c1765bd20917fe0922589e8e6dc542bf1
1d947c9ed30f67300b6a8a1bb940420cb4d11feec096705a163f2ae39f974895
24ca2eafb111ce1be1b23eccff5e471e68b5a30fda963e1de568601313fa1a27
278a0df72a010f0e98c4537d95060608bf1f6835e0e9c6f29380f2d0d7fa11d0
3e3cc9a361e2af0c2b9dd8864c79d768be5dd7d1c1ce6db77848b6fb91535cc9
5e7c8fcdb9fc5d5bfe18fb59f9dcf78d6cd4682efb4e206ffdd8fad4f807eedb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a322e5108c0483c8091d85e1152b32972512ffe607b22a6befd5e1240490faa
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
8759e99792ef0358ca81f6f755363639aefec484353c120cdc10cad2db15c8a5
88fa21de64ae127c35a94f7b501e1a886745864fa705858628e3b2c4ed2d9722
89fec68720f06ac1889b3641970178cbf4999c9754552c036771381b92a26585
8a3e72b21a6221bb6dd08cc91c0b1f030294724a58236160a99e04b562f9138a
8ac6e3d06c891cfa198ac007c556162d5a90bb36c48738d885d145d8987c5f42
8ed266432070eac55401ee8865aabf8912bed3d94fb9c536f4f4f508b55ebb00
935be36155c74981c8f8baf473058b6798ab14eafcf898fcf17c1fc7bb0c254a
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
9714e3ff732bb9da66bdf29ff410f4c99b3a5933ef6c99d131155282d0da689e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
bc2529d1bf7f1fdd22e49f54f96c82e4d23e89366877571655c6b303d7451556
cac8515b2feb3ed1d82a0be160d79741e0407722c24a1dc1ed7554e9d4a94742
ce1f792689feadc5af0391217748cef0cfee873ccf83e35a661bed979fe0528c
d306e4dd25e259717403bb7691c0219ebe4497e00dc2250a62352786dbf0b034
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d9440a7cdb9841a562f8ce8180e8609a19feffe4eca13c8a6d34a33884fd83d3
e40a7c1b8120baa3fd729ef520955e1e43818d7bc15b0673d407633fe6bf8cb0
f7e72fe1a70219ff8d2144629e535f732ad4221abe06ec9fca01b3fa1807e28b
f87a35d2d1f7b012ed25e6ce1f60f4a5da2f08b99f9e097ac5ee3debdf938e81