facebook-recovery-page10004552.61557512540771-about.biz.id
172.67.129.186

URL: https://facebook-recovery-page10004552.61557512540771-about.biz.id/
Submission Tags: @phishunt_io
Submission: On May 02 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 172.67.129.186, located in United States and belongs to CLOUDFLARENET, US. The main domain is facebook-recovery-page10004552.61557512540771-about.biz.id.
TLS certificate: Issued by E1 on April 30th 2024. Valid for: 3 months.
This is the only time facebook-recovery-page10004552.61557512540771-about.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
2         172.67.129.186    13335 (CLOUDFLAR...)
1         172.67.208.95     13335 (CLOUDFLAR...)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 4 requests, 3 IPs

Requests  Domain                                                      Requested by
2         facebook-recovery-page10004552.61557512540771-about.biz.id  facebook-recovery-page10004552.61557512540771-about.biz.id
1         ajax.googleapis.com                                         facebook-recovery-page10004552.61557512540771-about.biz.id
1         lal.rgrgfsdsdsfdfgvb.my.id                                  facebook-recovery-page10004552.61557512540771-about.biz.id
Total: 4 requests, 3 domains

This site contains no links.

Subject                      Issuer      Validity                  Valid for  Source
61557512540771-about.biz.id  E1          2024-04-30 - 2024-07-29   3 months   crt.sh
rgrgfsdsdsfdfgvb.my.id       GTS CA 1P5  2024-04-05 - 2024-07-04   3 months   crt.sh
upload.video.google.com      GTS CA 1C3  2024-04-16 - 2024-07-09   3 months   crt.sh

This page contains 2 frames:

Primary Page: https://facebook-recovery-page10004552.61557512540771-about.biz.id/
Frame ID: 09E28BE0C7E68D0549D3179AE57C2132
Requests: 3 HTTP requests in this frame

Frame: https://lal.rgrgfsdsdsfdfgvb.my.id/
Frame ID: FCA7092CBB1D002FBF62C083B877E894
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 39 kB
Size: 106 kB
Cookies: 0

Redirected requests

No HTTP redirect chains were recorded for any request in this scan.

4 HTTP transactions

Resource: / (Primary Request)
Path: facebook-recovery-page10004552.61557512540771-about.biz.id/
Size: 3 KB (2 KB transferred)
Type: Document
General
Full URL: https://facebook-recovery-page10004552.61557512540771-about.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.186, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: ee987df3abd5a299956465345b415021a4e4636ea217a7a4b02ba52ba074bce8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87d46f7ced263a5a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 02:03:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNVqDdiGljm%2BJ7U2oDCPdM4HmzWjysSB5nWTDBmLq23I1RlaDac%2Bg5hCJVfDV7lBRQyzHtvIDTsBxyEOYkC4Fzy5XjhcKvI335T%2BUZwjyW8JD2AR6xtTAKj9e%2BrO52Z3GdjJVR9MqnxCUIaaDtYhcJSH9A%2BzqWloMM%2Ffmv3dESCOi5b41DdUrzYuVmCG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
Resource: rocket-loader.min.js
Path: facebook-recovery-page10004552.61557512540771-about.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
Size: 12 KB (4 KB transferred)
Type: Script
General
Full URL: https://facebook-recovery-page10004552.61557512540771-about.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by:
  Host: facebook-recovery-page10004552.61557512540771-about.biz.id
  URL: https://facebook-recovery-page10004552.61557512540771-about.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.186, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
  X-Content-Type-Options: nosniff
  X-Frame-Options: DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://facebook-recovery-page10004552.61557512540771-about.biz.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Apr 2024 17:56:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6627f65e-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ohzHTOQDSDhruoh7KinJBWjrh%2BEsTqBfhmfHfGGDLkuI6EkhbCmtbfCA057eOZ6FLCLu%2FdBtTTSOj8JEJ9pkAkGwXu2X2o%2FfP164ySC%2BX%2FDlkxaBHJwhFG%2FozXTNAnTdWBPElWFshP29Ow3KukzHoV0rWMsRvNHqzhLYxsHo2J%2Fg6b4Uv2YWT3IsQYHf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 87d46f814f083a5a-FRA
expires: Sat, 04 May 2024 02:03:33 GMT
Resource: / (Frame FCA7)
Path: lal.rgrgfsdsdsfdfgvb.my.id/
Size: 0 (0 transferred)
Type: Document
General
Full URL: https://lal.rgrgfsdsdsfdfgvb.my.id/
Requested by:
  Host: facebook-recovery-page10004552.61557512540771-about.biz.id
  URL: https://facebook-recovery-page10004552.61557512540771-about.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.208.95, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash:
Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://facebook-recovery-page10004552.61557512540771-about.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87d46f81b99c3626-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 02:03:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lhOpJKY2Fie8GbY9ACkTwVPsICP2xQWTRpZsA1%2FGrJh9nBam%2BgVe0JO9gts7stYp3fRLD7LibP3%2BT5HIJ%2BpU%2B0NBLbGDRMdaxWrFtEgC8ZrjH2436YJIpJSR3b%2F%2B%2FQcNep%2FCyTOXJ3%2FryzIabg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
Resource: jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/1.10.2/
Size: 91 KB (33 KB transferred)
Type: Script
General
Full URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by:
  Host: facebook-recovery-page10004552.61557512540771-about.biz.id
  URL: https://facebook-recovery-page10004552.61557512540771-about.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS:
Software: sffe /
Resource Hash: 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://facebook-recovery-page10004552.61557512540771-about.biz.id/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:48:50 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type    Name
object  0
object  __cfQR

0 Cookies