www_facebook_com.jam.dev
2606:4700::6812:c65
Malicious Activity!
Public Scan
Effective URL: https://www_facebook_com.jam.dev/
Submission Tags: jam.dev-6f8ed8
Submission: On April 08 via manual from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.
This is the only time www_facebook_com.jam.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 6 | 2606:4700::6812:c65 | 13335 (CLOUDFLARENET) |
17 | 2606:4700::6812:d65 | 13335 (CLOUDFLARENET) |
1 | 2a03:2880:f03f:1c:face:b00c:0:3 | 32934 (FACEBOOK) |
1 | 2a03:2880:f13f:83:face:b00c:0:25de | 32934 (FACEBOOK) |
24 | 4 | |
ASN13335 (CLOUDFLARENET, US)
- connect_facebook_net.jam.dev
- www_facebook_com.jam.dev
- static_xx_fbcdn_net.jam.dev
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
23 | jam.dev (1 redirects) | connect_facebook_net.jam.dev, www_facebook_com.jam.dev, static_xx_fbcdn_net.jam.dev | 855 KB |
1 | facebook.com | facebook.com | 232 B |
1 | fbcdn.net | static.xx.fbcdn.net | 2 KB |
24 | 3 | | |
 | Domain | Requested by |
---|---|---|
20 | static_xx_fbcdn_net.jam.dev | www_facebook_com.jam.dev, static_xx_fbcdn_net.jam.dev |
2 | www_facebook_com.jam.dev | www_facebook_com.jam.dev |
1 | facebook.com | www_facebook_com.jam.dev |
1 | static.xx.fbcdn.net | www_facebook_com.jam.dev |
1 | connect_facebook_net.jam.dev | 1 redirects |
24 | 5 | |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-02-10 - 2021-05-10 | 3 months |
This page contains 1 frames:
Primary Page:
https://www_facebook_com.jam.dev/
Frame ID: 692487A307DA830D84A45A19E5B6FB11
Requests: 24 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Google Cloud (CDN)
Detected patterns
- headers via /^1\.1 google$/i
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
- Title: Passwort vergessen?
- Title: English (UK)
- Title: Türkçe
- Title: Polski
- Title: Italiano
- Title: Français (France)
- Title: Română
- Title: Русский
- Title: العربية
- Title: Español
- Title: Português (Brasil)
- Title: Messenger
- Title: Watch
- Title: Facebook Pay
- Title: Oculus
- Title: Portal
- Title: Instagram
- Title: Entwickler
- Title: Datenschutzinfo
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://connect_facebook_net.jam.dev/
HTTP 302
https://www_facebook_com.jam.dev/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www_facebook_com.jam.dev/ (Redirect Chain) | 2 MB | 688 KB | Document | text/html |
GET | H2 | Qc0R9B5HTo22AHRnnh4AdzLORU0.js | www_facebook_com.jam.dev/cdn-cgi/apps/head/ | 7 KB | 2 KB | Script | application/javascript |
GET | H2 | F4mOXJDMx3X.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yL/l/0,cross/ | 10 KB | 4 KB | Stylesheet | text/css |
GET | H2 | XzMVk90uhh2.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/ym/l/0,cross/ | 14 KB | 4 KB | Stylesheet | text/css |
GET | H2 | 4jXqN3g1bKq.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/ye/l/0,cross/ | 15 KB | 4 KB | Stylesheet | text/css |
GET | H2 | mU74pXnh9Mb.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yo/l/0,cross/ | 15 KB | 4 KB | Stylesheet | text/css |
GET | H2 | F3UIXEd3iEy.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yC/l/0,cross/ | 9 KB | 2 KB | Stylesheet | text/css |
GET | H2 | F_8NTWljRrz.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yI/l/0,cross/ | 19 KB | 4 KB | Stylesheet | text/css |
GET | H2 | kRLcvHvqDYi.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yr/l/0,cross/ | 1 KB | 594 B | Stylesheet | text/css |
GET | H2 | CnzxB_yJWWz.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yR/l/0,cross/ | 515 B | 805 B | Stylesheet | text/css |
GET | H2 | 7n9M8qSDX7b.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yQ/l/0,cross/ | 1 KB | 603 B | Stylesheet | text/css |
GET | H2 | hMMuyiOxP-5.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/y0/l/0,cross/ | 13 KB | 4 KB | Stylesheet | text/css |
GET | H2 | tHl3o6ag5Zt.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yl/l/0,cross/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H2 | HhNsAhnQh0P.js | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/y0/r/ | 272 KB | 79 KB | Script | application/x-javascript |
GET | H2 | dF5SId3UHWd.svg | static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H2 | GbSal1vIhzD.png | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yL/r/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | YQNfPR9MJfx.png | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yO/r/ | 925 B | 1 KB | Image | image/png |
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 232 B | Image | image/gif |
GET | H2 | W3AEsyr2JkD.js | static_xx_fbcdn_net.jam.dev/rsrc.php/v3iN_84/yz/l/de_DE/ | 64 KB | 18 KB | Script | application/x-javascript |
GET | H2 | 2QhhFgvLJku.js | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yA/r/ | 100 KB | 30 KB | Script | application/x-javascript |
GET | H2 | e4vb5pUJH8_.js | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/y3/r/ | 650 B | 605 B | Script | application/x-javascript |
GET | H2 | 5zeYSLLaMs7.png | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/ye/r/ | 504 B | 693 B | Image | image/png |
GET | H2 | EnL9ExzQHeX.css | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yx/l/0,cross/ | 457 B | 458 B | Stylesheet | text/css |
GET | H2 | _qffko0Bu_F.js | static_xx_fbcdn_net.jam.dev/rsrc.php/v3/yL/r/ | 3 KB | 1 KB | Script | application/x-javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- object| CloudflareApps
- number| _cstart
- function| envFlush
- object| Env
- number| __DEV__
- function| CavalryLogger
- object| regeneratorRuntime
- function| now_inl
- number| __bigPipeFR
- number| __bigPipeCtor0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000; preload |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.