facebook-help.support
185.155.96.35  Malicious Activity! Public Scan

Submitted URL: https://www.fbsbx.com/developer/tools/playable-preview/preview-asset/?handle_str=GPbahwS4Q_sI_sEBAOS63H55D08gboRqAAAA
Effective URL: https://facebook-help.support/
Submission: On April 06 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main IP is 185.155.96.35, located in Estonia and belongs to FAIRYHOSTING, EE. The main domain is facebook-help.support.
TLS certificate: Issued by R3 on March 31st 2022. Valid for: 3 months.
This is the only time facebook-help.support was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 2a03:2880:f01... | 32934 (FACEBOOK)
10 | 185.155.96.35 | 202759 (FAIRYHOSTING)
1 | 34.117.59.81 | 396982 (GOOGLE-CL...)
4 | 2a03:2880:f12... | 32934 (FACEBOOK)
2 | 88.80.147.129 | 44901 (BELCLOUD)
Total: 18 requests, 5 IPs
Requests | Apex Domain | Subdomains | Transfer
10 | facebook-help.support | facebook-help.support | 1 MB
4 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 99 | 140 KB
2 | apifreshteam.com | apifreshteam.com | 312 B
1 | ipinfo.io | ipinfo.io — Cisco Umbrella Rank: 6710 | 382 B
1 | fbsbx.com | www.fbsbx.com — Cisco Umbrella Rank: 155251 | 3 KB
Total: 18 requests, 5 domains
Requests | Domain | Requested by
10 | facebook-help.support | facebook-help.support
4 | www.facebook.com | facebook-help.support
2 | apifreshteam.com | facebook-help.support
1 | ipinfo.io | facebook-help.support
1 | www.fbsbx.com |
Total: 18 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-14 - 2022-04-14 | 3 months
facebook-help.support | R3 | 2022-03-31 - 2022-06-29 | 3 months
ipinfo.io | GTS CA 1D4 | 2022-02-24 - 2022-05-25 | 3 months
apifreshteam.com | R3 | 2022-03-31 - 2022-06-29 | 3 months

This page contains 1 frames:

Primary Page: https://facebook-help.support/
Frame ID: 1E0B04D2ABD15A9AC743076D620A9EF7
Requests: 17 HTTP requests in this frame

Page Title

Help Center

Page URL History

  1. https://www.fbsbx.com/developer/tools/playable-preview/preview-asset/?handle_str=GPbahwS4Q_sI_sEBA... Page URL
  2. https://facebook-help.support/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 4
Transfer: 1675 kB
Size: 1675 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.fbsbx.com/developer/tools/playable-preview/preview-asset/?handle_str=GPbahwS4Q_sI_sEBAOS63H55D08gboRqAAAA Page URL
  2. https://facebook-help.support/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.fbsbx.com/developer/tools/playable-preview/preview-asset/
6 KB
3 KB
Document
General
Full URL
https://www.fbsbx.com/developer/tools/playable-preview/preview-asset/?handle_str=GPbahwS4Q_sI_sEBAOS63H55D08gboRqAAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c72f2c47ebb115e5922bc6a85c79c5d6df2b713de72570527cdb0135ba5dcec
Security Headers
Name Value
Content-Security-Policy default-src data: blob: *.fbcdn.net *.fbsbx.com;script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *.fbcdn.net *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self' *.fbsbx.com;font-src *.fbsbx.com fbsbx.com *.fbcdn.net data:;img-src *.fbsbx.com *.fbcdn.net data: blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: *.fbcdn.net *.fbsbx.com;script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *.fbcdn.net *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self' *.fbsbx.com;font-src *.fbsbx.com fbsbx.com *.fbcdn.net data:;img-src *.fbsbx.com *.fbcdn.net data: blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 06 Apr 2022 19:49:46 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
KzwecEWMwTyfK8VP4xo6s1CQ6o1r0Mua74OrpmXL1S4SX66BUZAISMq2c9b28BOq/88gW6HafMDsMYyupdf+MA==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0
Primary Request /
facebook-help.support/
746 B
678 B
Document
General
Full URL
https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c2435db27ddf6a45722350331f207dd2ff513ff163e93481bcdb51b6bb970f09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fbsbx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 06 Apr 2022 19:49:47 GMT
ETag
W/"6246559a-2ea"
Last-Modified
Fri, 01 Apr 2022 01:30:02 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
main.b09c3a4d.js
facebook-help.support/static/js/
788 KB
788 KB
Script
General
Full URL
https://facebook-help.support/static/js/main.b09c3a4d.js
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4d6076ed3b84aaeebed013602859317f84323e382e741ceefc517cab1ad49fd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 19:49:47 GMT
Last-Modified
Fri, 01 Apr 2022 01:30:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6246559a-c4e39"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
806457
main.f82ce72a.css
facebook-help.support/static/css/
585 KB
586 KB
Stylesheet
General
Full URL
https://facebook-help.support/static/css/main.f82ce72a.css
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a14fd4d49f053df2ff5c8c4bee5fa141cbc1878cf8a006207b9d5265bf6548e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 19:49:47 GMT
Last-Modified
Fri, 01 Apr 2022 01:30:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6246559a-92571"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
599409
json
ipinfo.io/
262 B
382 B
Fetch
General
Full URL
https://ipinfo.io/json
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/static/js/main.b09c3a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
8c05b96c3c1136ec227f3fe190af91274ff685fdd29440b685b7a79a4759434f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 19:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
alt-svc
clear
via
1.1 google
facebookLogo1.png
facebook-help.support/
58 KB
59 KB
Image
General
Full URL
https://facebook-help.support/facebookLogo1.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8ee6e378d2d70a5f5c9772c38571e5334ef8620c34bcdd479d06cd6b16dfb964

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 19:49:48 GMT
Last-Modified
Fri, 01 Apr 2022 01:29:35 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6246557f-e918"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59672
secure.png
facebook-help.support/
28 KB
28 KB
Image
General
Full URL
https://facebook-help.support/secure.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e2d85b7515cbe41fed7e43bde39ecab913e2702708d9901ef0918ded28e69bec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 19:49:48 GMT
Last-Modified
Fri, 01 Apr 2022 01:29:35 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6246557f-7022"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28706
arrowdown.png
facebook-help.support/
172 B
418 B
Image
General
Full URL
https://facebook-help.support/arrowdown.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f0467f9693642f683f97262490f36b1dfc43095b2ad7fa758bf572a49563d132

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 19:49:48 GMT
Last-Modified
Fri, 01 Apr 2022 01:29:35 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6246557f-ac"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
172
yourprivacy.png
facebook-help.support/
35 KB
36 KB
Image
General
Full URL
https://facebook-help.support/yourprivacy.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2313c3fceb42deca30dc26839f7133146d43cdd5963a702743688ff4af829a48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 19:49:48 GMT
Last-Modified
Fri, 01 Apr 2022 01:29:35 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6246557f-8d47"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36167
drawimage.png
facebook-help.support/
15 KB
16 KB
Image
General
Full URL
https://facebook-help.support/drawimage.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
84e30295e10b684475b110001987652754c5738c32f691a1196f95107b0784f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 19:49:48 GMT
Last-Modified
Fri, 01 Apr 2022 01:29:35 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6246557f-3d45"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15685
reportingabuse.png
facebook-help.support/
4 KB
5 KB
Image
General
Full URL
https://facebook-help.support/reportingabuse.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5aaf62fae22726833ee9736565e82156d138373ee93a8e56d1554abad557f495

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 19:49:48 GMT
Last-Modified
Fri, 01 Apr 2022 01:29:35 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6246557f-11a4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4516
logometa.png
facebook-help.support/
14 KB
14 KB
Image
General
Full URL
https://facebook-help.support/logometa.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.96.35 , Estonia, ASN202759 (FAIRYHOSTING, EE),
Reverse DNS
raik.designute.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ee17fdd9c919e7aab8295e1ab3f24929126298033354db9e0b712597b7aaea29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 19:49:48 GMT
Last-Modified
Fri, 01 Apr 2022 01:29:35 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6246557f-37e7"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14311
11cdjuP55Lo.png
www.facebook.com/rsrc.php/v3/yF/r/
28 KB
28 KB
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/yF/r/11cdjuP55Lo.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/static/css/main.f82ce72a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d5e444b8ea1d79da3d6de98145c64c6387c2514c08cd18e3159a2907d3a9c13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-fb-debug
wOsIn7Am+6lDVWohsDXvaiVxK8dUfZlP/wBAbNZEFbEXxRZauIcd5Q1jzkkQnTAcraOJixfDNiRNOECUsU4DCA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
sTMXzBHYUsyVJhCGvqP1wQ==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
date
Tue, 05 Apr 2022 18:32:21 GMT
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28231
x-fb-rlafr
0
expires
Wed, 05 Apr 2023 18:32:21 GMT
gjTEpitnxIv.png
www.facebook.com/rsrc.php/v3/yl/r/
7 KB
7 KB
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/yl/r/gjTEpitnxIv.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/static/css/main.f82ce72a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
09ca171e68260913bfd1a1e535662b0095c00eb3f54c167aa0cb367110254496
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-fb-debug
ixeVuEWF7K3KnxPrPQNSzZsiiBCrnIJuIE44lFOO6c9+weqOvFXuY5dYHIwcgQ5Hj2yeaV9t4wSIWN6jQYqsxw==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
denKNB0QDFNlNyJQ6qRvTQ==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
date
Fri, 01 Apr 2022 22:48:45 GMT
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7188
x-fb-rlafr
0
expires
Sat, 01 Apr 2023 22:48:45 GMT
Y4qEfNKxt-z.png
www.facebook.com/rsrc.php/v3/yu/r/
84 KB
84 KB
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/yu/r/Y4qEfNKxt-z.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/static/css/main.f82ce72a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
916e0b22e5455f61e2a75459d2087456caa97896dc25853f76e5b853d08ef611
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-fb-debug
MrCxn72bkMh0Z9lpr3Iv1m4zQGXELfC7Uninz8as8rHZKDVlo2uNT38w/eRnOcrUn82Jl/l+3DFUS7dXl0nWyg==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
OEK+5PpFOsnLrRHD93i48A==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
date
Sun, 27 Mar 2022 22:26:48 GMT
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
86266
x-fb-rlafr
0
expires
Mon, 27 Mar 2023 22:26:48 GMT
oSkF_jfLLiO.png
www.facebook.com/rsrc.php/v3/ym/r/
21 KB
21 KB
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/ym/r/oSkF_jfLLiO.png
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/static/css/main.f82ce72a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c60702e5c6f634d24f67ab5cd7e2971716284e20453b168dc642ec503428add
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://facebook-help.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-fb-debug
Bt54NJ3rbCFcQBTdY5TIZfOmHjwvvFvSdplvRiJad0Z2adejEZkPQCrrYy6se974iXVI9QHd9z6VHUof8wJ4dw==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
sAREdLw+FCVacQOmZWsylg==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
date
Sun, 27 Mar 2022 22:26:48 GMT
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
21113
x-fb-rlafr
0
expires
Mon, 27 Mar 2023 22:26:48 GMT
oneToken
apifreshteam.com/api/users/
37 B
312 B
XHR
General
Full URL
https://apifreshteam.com/api/users/oneToken
Requested by
Host: facebook-help.support
URL: https://facebook-help.support/static/js/main.b09c3a4d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
88.80.147.129 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
nginx/1.18.0 / Express
Resource Hash
4851ed4c04f358bf3a4886c77726c10d6304bdd5d5a7a4784851987cc5b1f966

Request headers

Accept
application/json, text/plain, */*
Referer
https://facebook-help.support/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 06 Apr 2022 19:49:48 GMT
ETag
W/"25-RF0+ZEj5ypFumYpyPiU6rouDCys"
Server
nginx/1.18.0
X-Powered-By
Express
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
37
oneToken
apifreshteam.com/api/users/
0
0
Preflight
General
Full URL
https://apifreshteam.com/api/users/oneToken
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
88.80.147.129 Sofia, Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
Software
nginx/1.18.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://facebook-help.support
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Wed, 06 Apr 2022 19:49:48 GMT
Server
nginx/1.18.0
Vary
Access-Control-Request-Headers
X-Powered-By
Express

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
object| webpackChunkfbae_clone
object| regeneratorRuntime

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://apifreshteam.com/api/users/oneToken
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src data: blob: *.fbcdn.net *.fbsbx.com;script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *.fbcdn.net *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self' *.fbsbx.com;font-src *.fbsbx.com fbsbx.com *.fbcdn.net data:;img-src *.fbsbx.com *.fbcdn.net data: blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0