facabook.site.gazafood.com
18.198.107.34
Malicious Activity!
Public Scan
Submission Tags: @phishunt_io
Submission: On December 13 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 13th 2022. Valid for: 3 months.
This is the only time facabook.site.gazafood.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
3 | 18.198.107.34 | 16509 (AMAZON-02)
28 | 2a03:2880:f080:9:face:b00c:0:3 | 32934 (FACEBOOK)
1 | 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK)
32 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-107-34.eu-central-1.compute.amazonaws.com
Domains: facabook.site.gazafood.com
ASN32934 (FACEBOOK, US)
Domains: static.xx.fbcdn.net
ASN32934 (FACEBOOK, US)
Domains: facebook.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
28 | fbcdn.net | static.xx.fbcdn.net (Cisco Umbrella Rank: 833) | 247 KB
3 | gazafood.com | facabook.site.gazafood.com | 63 KB
1 | facebook.com | facebook.com (Cisco Umbrella Rank: 30) | 3 KB
32 | 3 | |
Requests | Domain | Requested by
---|---|---
28 | static.xx.fbcdn.net | facabook.site.gazafood.com, static.xx.fbcdn.net
3 | facabook.site.gazafood.com | static.xx.fbcdn.net
1 | facebook.com | facabook.site.gazafood.com
32 | 3 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
facabook.site.gazafood.com | cPanel, Inc. Certification Authority | 2022-12-13 - 2023-03-13 | 3 months | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-09-21 - 2022-12-20 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://facabook.site.gazafood.com/
Frame ID: D05966A9A90223BE2853FFF8A8A57543
Requests: 33 HTTP requests in this frame
20 Outgoing links
These are links going to different origins than the main page.
Link titles: Türkçe, Kurdî (Kurmancî), العربية, Zaza, Deutsch, Русский, Français (France), فارسی, Español, Português (Brasil), Messenger, Watch, Meta Pay, Oculus, Portal, Instagram, Bulletin, About, Developers, AdChoices
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | facabook.site.gazafood.com/ | 62 KB | 62 KB | Document | text/html
GET | H2 | pYrjM7I1_Bh.css | static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/ | 14 KB | 4 KB | Stylesheet | text/css
GET | H2 | xv165oDvQLn.css | static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ | 11 KB | 3 KB | Stylesheet | text/css
GET | H2 | 53yLFFYXQfC.css | static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ | 34 KB | 8 KB | Stylesheet | text/css
GET | H2 | EImC69cM2ZL.css | static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/ | 6 KB | 1 KB | Stylesheet | text/css
GET | H2 | uaRUZk18yNI.css | static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/ | 1 KB | 648 B | Stylesheet | text/css
GET | H2 | BrbLRXK6ngn.js | static.xx.fbcdn.net/rsrc.php/v3/yV/r/ | 305 KB | 81 KB | Script | application/x-javascript
GET | H3 | dF5SId3UHWd.svg | static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 1 KB | Image | image/svg+xml
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 3 KB | Image | image/gif
GET | H2 | kv2X48D5A4p.js | static.xx.fbcdn.net/rsrc.php/v3/yL/r/ | 792 B | 622 B | Script | application/x-javascript
GET | H2 | FeYGKKadag_.js | static.xx.fbcdn.net/rsrc.php/v3ij9m4/yD/l/en_GB/ | 59 KB | 15 KB | Script | application/x-javascript
GET | H3 | HuZeLzvrtWc.js | static.xx.fbcdn.net/rsrc.php/v3/yj/r/ | 36 KB | 11 KB | Script | application/x-javascript
GET | H3 | qu9vi-bmWl3.js | static.xx.fbcdn.net/rsrc.php/v3/y-/r/ | 8 KB | 3 KB | Script | application/x-javascript
GET | H3 | LFJDMBbOfee.js | static.xx.fbcdn.net/rsrc.php/v3/yd/r/ | 22 KB | 7 KB | Script | application/x-javascript
GET | H3 | O7nelmd9XSI.png | static.xx.fbcdn.net/rsrc.php/v3/yU/r/ | 95 B | 146 B | Image | image/png
GET | H3 | kNYkizqJr9j.png | static.xx.fbcdn.net/rsrc.php/v3/yK/r/ | 19 KB | 19 KB | Image | image/png
GET | DATA | truncated | / | 78 B | 0 | Stylesheet | text/css
GET | H3 | p0bcnVbl1Lr.js | static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 34 KB | 11 KB | Script | application/x-javascript
GET | H3 | mgxJrPv-D2y.js | static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 21 KB | 7 KB | Script | application/x-javascript
GET | H3 | j_uHdvkyoIZ.js | static.xx.fbcdn.net/rsrc.php/v3/ye/r/ | 10 KB | 4 KB | Script | application/x-javascript
GET | H3 | M08arqdo_nN.js | static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 2 KB | 773 B | Script | application/x-javascript
GET | H3 | lS9_2HUikEH.js | static.xx.fbcdn.net/rsrc.php/v3/ye/r/ | 30 KB | 9 KB | Script | application/x-javascript
GET | H3 | 2X0xHj2P49v.js | static.xx.fbcdn.net/rsrc.php/v3/yW/r/ | 32 KB | 9 KB | Script | application/x-javascript
GET | H3 | LgvwffuKmeX.js | static.xx.fbcdn.net/rsrc.php/v3/yf/r/ | 42 KB | 13 KB | Script | application/x-javascript
GET | H3 | _tJ17sGyxOX.js | static.xx.fbcdn.net/rsrc.php/v3/yO/r/ | 18 KB | 7 KB | Script | application/x-javascript
GET | H3 | xXDOO3oMCfl.js | static.xx.fbcdn.net/rsrc.php/v3/yH/r/ | 50 KB | 9 KB | Script | application/x-javascript
GET | H3 | suMutEJRCGD.js | static.xx.fbcdn.net/rsrc.php/v3/yS/r/ | 17 KB | 5 KB | Script | application/x-javascript
GET | H3 | LHUxA4o6J25.js | static.xx.fbcdn.net/rsrc.php/v3iX3c4/ye/l/en_GB/ | 43 KB | 13 KB | Script | application/x-javascript
GET | H3 | TUouD0noK13.js | static.xx.fbcdn.net/rsrc.php/v3/yw/r/ | 4 KB | 1 KB | Script | application/x-javascript
GET | H3 | C3CnmLDYuAn.js | static.xx.fbcdn.net/rsrc.php/v3/yI/r/ | 3 KB | 1 KB | Script | application/x-javascript
GET | H3 | q4LVwOVqyFF.js | static.xx.fbcdn.net/rsrc.php/v3/yz/r/ | 1 KB | 568 B | Script | application/x-javascript
POST | H/1.1 | bz | facabook.site.gazafood.com/ajax/ | 315 B | 515 B | XHR | text/html
POST | H/1.1 | bz | facabook.site.gazafood.com/ajax/ | 315 B | 515 B | XHR | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
70 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facabook.site.gazafood.com
facebook.com
static.xx.fbcdn.net
18.198.107.34
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de