urlscan.io logo urlscan.io
SecurityTrails logo

sh007.whb.tempwebhost.net Open in urlscan Pro
162.241.123.36  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Submission: On December 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 162.241.123.36, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is sh007.whb.tempwebhost.net.
This is the only time sh007.whb.tempwebhost.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
2 162.241.123.36 46606 (UNIFIEDLA...)
21 2a03:2880:f01... 32934 (FACEBOOK)
2 3 2a03:2880:f11... 32934 (FACEBOOK)
24 3
Apex Domain
Subdomains		 Transfer
22 fbcdn.net
static.xx.fbcdn.net
fbcdn.net
298 KB
2 tempwebhost.net
sh007.whb.tempwebhost.net
46 KB
1 fbsbx.com
fbsbx.com
689 B
1 facebook.com
facebook.com
294 B
24 4
Domain Requested by
21 static.xx.fbcdn.net sh007.whb.tempwebhost.net
static.xx.fbcdn.net
2 sh007.whb.tempwebhost.net static.xx.fbcdn.net
1 fbsbx.com sh007.whb.tempwebhost.net
1 fbcdn.net 1 redirects
1 facebook.com 1 redirects
24 5

This site contains no links.

Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-11-02 -
2021-01-30		 3 months crt.sh
fbcdn.net
DigiCert SHA2 High Assurance Server CA		 2020-10-16 -
2021-01-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Frame ID: EF24BC3E79FCB48BD5D3E159A6DCFB63
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

24
Requests

92 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

345 kB
Transfer

1241 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
  • https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
  • https://fbsbx.com/security/hsts-pixel.gif

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
sh007.whb.tempwebhost.net/~homelc3e/view/ 		144 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
HTTP/1.1
Server
162.241.123.36 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh007.webhostbox.net
Software
Apache /
Resource Hash
3c74f49c7ca7f521654e0b8084236c32f1c027c39218b5dd77543a5a3116d5e8

Request headers

Host
sh007.whb.tempwebhost.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Dec 2020 20:58:30 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=3ca9f8d0254217dde87f3ceaeca15302; path=/
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=75
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
izCAij3qxTw.css
static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/izCAij3qxTw.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd88c81b11153ded78f3be9e8b20a105ca47bcd9a9d0ca277a02383f5d8b163d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZQUiLpGrEgZMd652eTvgHA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4481
x-fb-debug
0NCAgPT9GCb1HWPfME9Ze6R1TqMRUf9ypVWnxaohoZd6mmwAEiO0asoARRHyxxmAvpR2OtH3tL5dZtO07MzPaA==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 21:55:54 GMT
ymGY8E8NCaF.css
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ymGY8E8NCaF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c49661026688f7b3ae63426f1d8567179804f6c66d61a799f2bae67045bb63ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Fo4czyilsHO0tPzVyTvq2Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
3442
x-fb-debug
WEaFHZTCqXi6eZxJ0TQeZaJ0ZvltEECA1Go7mJkK6Jti+xdANELr8ROdr/UcyqhsUzmEhnmZh7lh+5RURBDV6w==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 20:10:11 GMT
rxcice5RSel.js
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/rxcice5RSel.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ac2cb07fb633b0f99eb1314b69bd61034eac3660d972af12fa33630499de214
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Uvi0iS0BS4g/s9YonhZWlg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
15992
x-fb-debug
CPOUVNA8lTZpzREX8UXXhWGOq9Hp4mSiXzYhZ/kM+W6KZZjig9kjbVnAjGT5w9Aij4epSK8aFTzHeareABo8Yg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 03 Dec 2021 05:17:04 GMT
IbLkFvg3-EW.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/IbLkFvg3-EW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
361f9cf95cef78adf40bd23890619e5dfae1ea0f443b6c16bd0bb68242247ccc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
H2WQqCE8HwFlTFlbt1LmXg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34289
x-fb-debug
OxdKZ9YfnrEjCpwGNvg3VWcwnPCnVmmRs10TfFu8vEAuQXnKWJVoLOs8bBBvrEZ5bERiB53+s3ICuxWitdnmcg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 19:42:12 GMT
lEv2MIzFRTU.js
static.xx.fbcdn.net/rsrc.php/v3iK-b4/yj/l/en_US/ 		142 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iK-b4/yj/l/en_US/lEv2MIzFRTU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
81782f423b2a8136b7890c37d2c34dc328e796e7a73dc9b73df5ba3eeece6769
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cPGc40kE6rWLZV86mwUN+A==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
39495
x-fb-debug
oDctrWRLCnj5RS4oqOQU4uQrhdtJyboUxAGlZ14ZSBhVJ6aTp+Ad7JU8tEF9AvOtgSckASFkCWyZbqjEMf0wWg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 21:54:41 GMT
nG_cDrUNGWV.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ 		377 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/nG_cDrUNGWV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e5574605b0258e77e6a4d9177b7760429362be90979717c42daac8a733eaf597
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kMcFNwLFU/0k5UYFLlcKHQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
236
x-fb-debug
1VI4ErEAldLcZ4RoTCtyiC4AMajx0i3Pb10i0VLjQ88YKDOrLlILtmwRObzrSEUgS8ulzW3+8b2YH4ZRJeWfjg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 19:42:12 GMT
Ii-f6F919gk.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ 		73 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/Ii-f6F919gk.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e3bd72793da66f2cfdb77d492350e083e71817eae43d6d1a6eb527220db9286
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YtGD3zJ4r/BRQU6VY/77jg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
16880
x-fb-debug
pcfS7GEPgLJFAnCLWcQgbjbMBOQBXOo9tnUovmfu7VzAJCFQ6sfLgq+BZXfnD/xMy6Gh+h7g1+2BbaHINATjIg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 20:10:12 GMT
WKoRwie18XL.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/WKoRwie18XL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddb725d84a8d67729073dc5fda2cef62280402c619eda592a183495c3b230c75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b57Un4deE3WoH8QMpVoveA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
9475
x-fb-debug
1K1Q8P3kJJ1yWYmR/DUAz9x8khlk88/2RdKGLELkKKus6H74lcxriwXAn1+4C5iRqFV7Cmh0sv/QskWiIeEHcg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 19:42:12 GMT
tYpg-XT2Fji.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/tYpg-XT2Fji.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
819fd82f07f8ff28e855f951b04026a18fa8ec98be05e7c51caf4261e03806df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
V1YkpE5rSxd1k6JpCMZ85Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
14181
x-fb-debug
s9hz8nhKerZsEtzA5oiIyX6iq+PNV+sghg26OzfKbKJiHKuA8LPqZMEvXIr4NBux3ANrToLgCEBr5I64zJDhqg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 30 Nov 2021 17:03:27 GMT
GLCDCqYBasn.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ 		222 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f69b01e8619250d244a9019be16b52a6180dcdf6a89df67d216186c9f64537f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yNjWESZHqRDu8i9IgZi3MQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
59017
x-fb-debug
CZHqtZIjvm1sBDfNcCoRTyE0v4S7bFq/Sz1LkW5xSN3ZeC3RdL2z85XCnVFt7oGLml2zLGjGs7DNB1lrskvUHQ==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 03 Dec 2021 00:36:27 GMT
dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Security Headers
Name Value
Content-Security-Policy default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
content-md5
NiMA5zHIsmaYxSYEaw9fHg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1027
x-xss-protection
0
x-fb-debug
fyLd+OJTYPfBo4HVFFW7nhFGw7KiQ/k3cmqu5q5w9EMgspo3OrBmBGdTtmnPHBP6tju4kt2xk+u7zco+ZlPyXg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
date
Thu, 03 Dec 2020 20:58:31 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 30 Nov 2021 17:02:43 GMT
hsts-pixel.gif
fbsbx.com/security/
Redirect Chain
  • https://facebook.com/security/hsts-pixel.gif?c=3.2
  • https://fbcdn.net/security/hsts-pixel.gif?c=2
  • https://fbsbx.com/security/hsts-pixel.gif
43 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fbsbx.com/security/hsts-pixel.gif
Requested by
Host: sh007.whb.tempwebhost.net
URL: http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src fbsbx.com *.fbsbx.com fbcdn.net *.fbcdn.net data: blob:;script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbsbx.com *.fbsbx.com fbcdn.net *.fbcdn.net;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src fbsbx.com *.fbsbx.com fbcdn.net *.fbcdn.net data: blob:;script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbsbx.com *.fbsbx.com fbcdn.net *.fbcdn.net;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
lhKcS4x9Wdqj8WgF4ZbuYyW3QG5jlGuAniYNnlnYmOhps1L3bsDR4gSClEvR5x3Qer3vwQql3gU+dixxzWtewA==
x-frame-options
DENY
date
Thu, 03 Dec 2020 20:58:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

x-fb-debug
fcBzJ5fLAJQ1KFYRQMTA0pwn6fLro/3qSFjcwQkWNyyRwYqxoqVLvfMUiFBHBHnT+9W4LgyTMRNjM+AX82ZVpg==
access-control-allow-origin
*
date
Thu, 03 Dec 2020 20:58:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
text/html; charset="utf-8"
location
https://fbsbx.com/security/hsts-pixel.gif
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
gcZGjl1rwno.png
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/gcZGjl1rwno.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/izCAij3qxTw.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abc2ad69e40b717fff278d77fbfed833728a11bc147e7058c152744c1f4dfad7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/izCAij3qxTw.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug
MJ1uYvZNM7nbcqh1d+y5RfCqMhFczrUa0PmldzLiD9hZg3A3yrfOXKFRh2hPYApkqDjgQXhX8naveMjIwVErNw==
x-fb-trip-id
664085054
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
WUJAgUKj4qgsY0ku3hErYw==
date
Thu, 03 Dec 2020 20:58:31 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1564
expires
Wed, 01 Dec 2021 05:13:39 GMT
jEcgbOMeU-8.png
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/jEcgbOMeU-8.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ymGY8E8NCaF.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c3ee05814efc7666dd2495ed9f271b3329ed317a54a9c1351f0b106aa888938
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ymGY8E8NCaF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug
Vj9tacgS3716XhDsAvEbOxQz7QEQ0Rqsf5WQBTIsNzAU4RvQMV2cZST2MR2yfmQS3CuONoWdi/iRp4MafgZODA==
x-fb-trip-id
664085054
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
UukL1dwIB+RAG/5BzwIVFA==
date
Thu, 03 Dec 2020 20:58:31 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
18381
expires
Sun, 21 Nov 2021 03:45:32 GMT
7oVtGLsr9D2.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/7oVtGLsr9D2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46e7d7455f292ed282cfd1c545b3cac97182e5e7ce0c563ffd9ecd1635acf48a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7h0gldsC0tltsdvifbkxPA==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/;
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2298
x-fb-debug
CSByXaUTu2mWu5u/RsDtBra7tXW9y6D0UXZirH2BRYGqyOQO2U02EtmWAAIkFwLNINIe+f3NnqWwh0R4ric8+Q==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 01 Dec 2021 15:26:08 GMT
5igSlgQ8Jys.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/5igSlgQ8Jys.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3b64454b9787b14b503cd35762be7e0c0300df13ebb7b908f5f715c55db95f8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gOYC0mzzUnXPzoZh9l1u3Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
7559
x-fb-debug
vwP2lsV+sKxKQT+uKP/VS//cy9MeXxMaf2uAsKRiYo9ZPEuTjkjnABEoWoeYyi0zHjoEYWo/+rfgSw34u1hpRA==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 28 Nov 2021 21:22:33 GMT
lHidHW0r049.js
static.xx.fbcdn.net/rsrc.php/v3ih-D4/y6/l/en_US/ 		105 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ih-D4/y6/l/en_US/lHidHW0r049.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf480a441e54463b8d0fa6579b5b74c3c202ca740a75fcf0a4e155fdbd9dc3e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8aStJoP4YllEApJ/OiQTUQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
27322
x-fb-debug
agSnec1mcSEDf16rdcSWg2JFmgSJCbohM3sfPyuX3lQ+asCC/1YtkjQJ+8ftqdQaV5G/T0Qkw2I4vpzQNeN4Xg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 21:56:55 GMT
R7J3XUuKCkg.js
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ 		132 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/R7J3XUuKCkg.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f02b7ccef06aa8ca0c2426a7ccab9c9243d1b65fb305a957bdd5d00a4bc6fc70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+2V6LAVRtkxfI4DjDuY/gQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24417
x-fb-debug
CwtJmCh+uR2WOll+nC56qhGQaixPT28WlEPVJUFVvDBUozMuOqkLe1lM1OooHtp3I0+Wjh6JPLVY7EweLq71ug==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 24 Nov 2021 05:04:40 GMT
yKz2mypMzvh.js
static.xx.fbcdn.net/rsrc.php/v3iLQG4/yL/l/en_US/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLQG4/yL/l/en_US/yKz2mypMzvh.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e63f2e429cfe27bfaf27e89b36c90437062f01676a00b3a4efeb7b9226f6d316
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XxOWrp8SNxP7PmFYmUL5Ug==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
7049
x-fb-debug
Ja73Zx1cmKx9NBfi8ns8MSlici3ueo7eWbWHUG9hsBJowHGveo0v8Z6BY/XghbRiRsKod62SQOeXOGjf9Ej+vQ==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 17:39:17 GMT
gXBA2JQsJTt.js
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/gXBA2JQsJTt.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0169e76370d63229a0fc201bb920743271457a6784059c5498b66332f94ba23
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tsNE7hdfKTmnK2Y7tK+W9g==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2928
x-fb-debug
p8ZydPHMsKRiQtL4D8aeqm8szJcpKu62SwN5bmw0FVCRPvZwSiLb7yay9DLXua6MrwiQqe9qOPFUV5gH/2mkrg==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 17:25:04 GMT
aQGRi7x7dFG.js
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/aQGRi7x7dFG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f1fca8e94bb8bf629c661aab1dbaacc969d8860d8ad22036d6df4166a339b272
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cAHPLICxwPhCrXoHbSx6oA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
7546
x-fb-debug
8X12SrswPWkKU3LV36UGt7hf9RWH07qmDooxQHkTFWve1qzDMuSs3u19AFr7f/fCwz4smIPenBx5RM5RmUYK8A==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Dec 2021 02:32:11 GMT
BwjU4B_qfpp.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/BwjU4B_qfpp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17a5f0166d4daacea1e94680580a78e51a0fe14919ca734b6ebdeb78e3782d86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sh007.whb.tempwebhost.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dUd638DekzAj7gxzmFJgHg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2569
x-fb-debug
J6rXM+yh3iFJzuev8e+DJastMOxPZZurFmcDa8Dvt4tM5SYeJtBIWbfO9DnKmiAd9BDG1Zq5u71FHZa71frrvQ==
x-fb-trip-id
664085054
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Nov 2021 21:50:18 GMT
bz
sh007.whb.tempwebhost.net/a/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://sh007.whb.tempwebhost.net/a/bz?m_sess=&fb_dtsg=AQF6e6lnlKF5%3AAQHh1-dhX0y2&jazoest=21934&lsd=AVpUdSloOtQ&__dyn=1Z3paBwk8aU4ifGh0BBBg9odE4a2i5U4e0C86u7E39x64o7S0PEhwem0iy1gCwjE2Nwde0MU0D2US0se229w4NwqU3rw9O1Aw4vw8W0hC&__csr=&__req=1&__a=AYmwv5-9T8MGtCRUInO0OkKnNnOOf-q3TRJm7g1u2lin5VGXbb8iaK0I4i7FsTRvca-KzjIcOVVluLztrbnox1zcG302tayqlJjg0UDb3Uaerw&__user=0
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/IbLkFvg3-EW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
HTTP/1.1
Server
162.241.123.36 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh007.webhostbox.net
Software
Apache /
Resource Hash
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Request headers

Referer
http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
X-Requested-With
XMLHttpRequest
X_FB_BACKGROUND_STATE
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Response-Format
JSONStream
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryyBmGV6MNmcxmTufL

Response headers

Date
Thu, 03 Dec 2020 20:58:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Sep 2020 08:05:05 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
4677

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| envFlush object| Env number| __DEV__ function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer function| getErrorSafe object| ErrorGuard object| ErrorUtils function| CavalryLogger function| __updateOrientation object| TimeSlice number| __bigPipeFactory function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe function| validateLData object| form object| MAjaxify string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame

1 Cookies

Domain/Path Name / Value
sh007.whb.tempwebhost.net/ Name: PHPSESSID
Value: 3ca9f8d0254217dde87f3ceaeca15302

2 Console Messages

Source Level URL
Text
console-api error URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz(Line 62)
Message:
ErrorUtils caught an error: find(<node>, "form", "m_login_form"): matched no nodes. TAAL[1] Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.
console-api error URL: https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/GLCDCqYBasn.js?_nc_x=Ij3Wp8lg5Kz(Line 62)
Message:
ErrorUtils caught an error: Cannot set property 'isHandled' of null Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.com
fbcdn.net
fbsbx.com
sh007.whb.tempwebhost.net
static.xx.fbcdn.net
162.241.123.36
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
17a5f0166d4daacea1e94680580a78e51a0fe14919ca734b6ebdeb78e3782d86
2c3ee05814efc7666dd2495ed9f271b3329ed317a54a9c1351f0b106aa888938
361f9cf95cef78adf40bd23890619e5dfae1ea0f443b6c16bd0bb68242247ccc
3b64454b9787b14b503cd35762be7e0c0300df13ebb7b908f5f715c55db95f8e
3c74f49c7ca7f521654e0b8084236c32f1c027c39218b5dd77543a5a3116d5e8
46e7d7455f292ed282cfd1c545b3cac97182e5e7ce0c563ffd9ecd1635acf48a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6e3bd72793da66f2cfdb77d492350e083e71817eae43d6d1a6eb527220db9286
81782f423b2a8136b7890c37d2c34dc328e796e7a73dc9b73df5ba3eeece6769
819fd82f07f8ff28e855f951b04026a18fa8ec98be05e7c51caf4261e03806df
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
9ac2cb07fb633b0f99eb1314b69bd61034eac3660d972af12fa33630499de214
9f69b01e8619250d244a9019be16b52a6180dcdf6a89df67d216186c9f64537f
abc2ad69e40b717fff278d77fbfed833728a11bc147e7058c152744c1f4dfad7
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
bf480a441e54463b8d0fa6579b5b74c3c202ca740a75fcf0a4e155fdbd9dc3e9
c49661026688f7b3ae63426f1d8567179804f6c66d61a799f2bae67045bb63ed
dd88c81b11153ded78f3be9e8b20a105ca47bcd9a9d0ca277a02383f5d8b163d
ddb725d84a8d67729073dc5fda2cef62280402c619eda592a183495c3b230c75
e0169e76370d63229a0fc201bb920743271457a6784059c5498b66332f94ba23
e5574605b0258e77e6a4d9177b7760429362be90979717c42daac8a733eaf597
e63f2e429cfe27bfaf27e89b36c90437062f01676a00b3a4efeb7b9226f6d316
f02b7ccef06aa8ca0c2426a7ccab9c9243d1b65fb305a957bdd5d00a4bc6fc70
f1fca8e94bb8bf629c661aab1dbaacc969d8860d8ad22036d6df4166a339b272