sh007.whb.tempwebhost.net
162.241.123.36
Malicious Activity!
Public Scan
Submission: On December 03 via manual from US
Summary
This is the only time sh007.whb.tempwebhost.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 162.241.123.36 | 46606 (UNIFIEDLAYER-AS-1) |
21 | 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) |
3 | 2a03:2880:f11c:8183:face:b00c:0:25de (2 redirects) | 32934 (FACEBOOK) |
24 requests | 3 IPs | |
ASN46606 (UNIFIEDLAYER-AS-1, US)
- PTR: sh007.webhostbox.net
- sh007.whb.tempwebhost.net
ASN32934 (FACEBOOK, US)
- facebook.com
- fbcdn.net
- fbsbx.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | fbcdn.net (1 redirect) | static.xx.fbcdn.net, fbcdn.net | 298 KB |
2 | tempwebhost.net | sh007.whb.tempwebhost.net | 46 KB |
1 | fbsbx.com | fbsbx.com | 689 B |
1 | facebook.com (1 redirect) | facebook.com | 294 B |
24 requests | 4 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
21 | static.xx.fbcdn.net | sh007.whb.tempwebhost.net, static.xx.fbcdn.net |
2 | sh007.whb.tempwebhost.net | static.xx.fbcdn.net |
1 | fbsbx.com | sh007.whb.tempwebhost.net |
1 | fbcdn.net | (1 redirect) |
1 | facebook.com | (1 redirect) |
24 requests | 5 domains | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-11-02 - 2021-01-30 | 3 months | crt.sh |
fbcdn.net | DigiCert SHA2 High Assurance Server CA | 2020-10-16 - 2021-01-13 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
http://sh007.whb.tempwebhost.net/~homelc3e/view/?listing=LmQ5ZTJ1LmZlcnBvYWxWYS5kOWUydS4
Frame ID: EF24BC3E79FCB48BD5D3E159A6DCFB63
Requests: 24 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11
- https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
- https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
- https://fbsbx.com/security/hsts-pixel.gif
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | Primary Request | sh007.whb.tempwebhost.net/~homelc3e/view/ | 144 KB | 42 KB | Document | text/html |
GET | H2 | izCAij3qxTw.css | static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/ | 20 KB | 5 KB | Stylesheet | text/css |
GET | H2 | ymGY8E8NCaF.css | static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ | 16 KB | 4 KB | Stylesheet | text/css |
GET | H2 | rxcice5RSel.js | static.xx.fbcdn.net/rsrc.php/v3/yh/r/ | 57 KB | 16 KB | Script | application/x-javascript |
GET | H2 | IbLkFvg3-EW.js | static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ | 118 KB | 34 KB | Script | application/x-javascript |
GET | H2 | lEv2MIzFRTU.js | static.xx.fbcdn.net/rsrc.php/v3iK-b4/yj/l/en_US/ | 142 KB | 39 KB | Script | application/x-javascript |
GET | H2 | nG_cDrUNGWV.js | static.xx.fbcdn.net/rsrc.php/v3/yI/r/ | 377 B | 402 B | Script | application/x-javascript |
GET | H2 | Ii-f6F919gk.css | static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ | 73 KB | 17 KB | Stylesheet | text/css |
GET | H2 | WKoRwie18XL.js | static.xx.fbcdn.net/rsrc.php/v3/yy/r/ | 30 KB | 9 KB | Script | application/x-javascript |
GET | H2 | tYpg-XT2Fji.js | static.xx.fbcdn.net/rsrc.php/v3/yI/r/ | 47 KB | 14 KB | Script | application/x-javascript |
GET | H2 | GLCDCqYBasn.js | static.xx.fbcdn.net/rsrc.php/v3/yW/r/ | 222 KB | 58 KB | Script | application/x-javascript |
GET | H2 | dF5SId3UHWd.svg | static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | hsts-pixel.gif | fbsbx.com/security/ (Redirect Chain) | 43 B | 689 B | Image | image/gif |
GET | H2 | gcZGjl1rwno.png | static.xx.fbcdn.net/rsrc.php/v3/yz/r/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | jEcgbOMeU-8.png | static.xx.fbcdn.net/rsrc.php/v3/y7/r/ | 18 KB | 18 KB | Image | image/png |
GET | H2 | 7oVtGLsr9D2.js | static.xx.fbcdn.net/rsrc.php/v3/yH/r/ | 7 KB | 3 KB | Script | application/x-javascript |
GET | H2 | 5igSlgQ8Jys.js | static.xx.fbcdn.net/rsrc.php/v3/yv/r/ | 24 KB | 8 KB | Script | application/x-javascript |
GET | H2 | lHidHW0r049.js | static.xx.fbcdn.net/rsrc.php/v3ih-D4/y6/l/en_US/ | 105 KB | 27 KB | Script | application/x-javascript |
GET | H2 | R7J3XUuKCkg.js | static.xx.fbcdn.net/rsrc.php/v3/y0/r/ | 132 KB | 24 KB | Script | application/x-javascript |
GET | H2 | yKz2mypMzvh.js | static.xx.fbcdn.net/rsrc.php/v3iLQG4/yL/l/en_US/ | 26 KB | 7 KB | Script | application/x-javascript |
GET | H2 | gXBA2JQsJTt.js | static.xx.fbcdn.net/rsrc.php/v3/yR/r/ | 10 KB | 3 KB | Script | application/x-javascript |
GET | H2 | aQGRi7x7dFG.js | static.xx.fbcdn.net/rsrc.php/v3/yP/r/ | 25 KB | 8 KB | Script | application/x-javascript |
GET | H2 | BwjU4B_qfpp.js | static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 10 KB | 3 KB | Script | application/x-javascript |
POST | H/1.1 | bz | sh007.whb.tempwebhost.net/a/ | 12 KB | 5 KB | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | trustedTypes |
boolean | crossOriginIsolated |
function | envFlush |
object | Env |
number | __DEV__ |
function | emptyFunction |
function | __annotator |
function | __bodyWrapper |
function | __t |
function | __w |
function | FB_enumerate |
function | __m |
object | babelHelpers |
function | define |
function | require |
function | requireDynamic |
function | requireLazy |
function | __d |
function | $RefreshReg$ |
function | $RefreshSig$ |
object | ErrorSerializer |
function | getErrorSafe |
object | ErrorGuard |
object | ErrorUtils |
function | CavalryLogger |
function | __updateOrientation |
object | TimeSlice |
number | __bigPipeFactory |
function | now_inl |
number | __bigPipeFR |
number | __bigPipeCtor |
object | bigPipe |
function | validateLData |
object | form |
object | MAjaxify |
string | _script_path |
function | __fbNativeSetTimeout |
function | __fbNativeClearTimeout |
function | __fbNativeSetInterval |
function | __fbNativeClearInterval |
function | __fbNativeRequestAnimationFrame |
function | __fbNativeCancelAnimationFrame |
1 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sh007.whb.tempwebhost.net/ | | Name: PHPSESSID Value: 3ca9f8d0254217dde87f3ceaeca15302 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.