www.facebook-gaming-verify.com
2001:8d8:100f:f000::28c
Malicious Activity!
Public Scan
Effective URL: https://www.facebook-gaming-verify.com/home/
Submission: On May 06 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on May 6th 2020. Valid for: a year.
This is the only time www.facebook-gaming-verify.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 2001:8d8:100f:f000::20d | 8560 (ONEANDONE-AS Brauerstrasse 48) |
| 1 | 2001:8d8:100f:f000::28c | 8560 (ONEANDONE-AS Brauerstrasse 48) |
| 13 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) |
| 14 | 3 | |

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE): face.gamingsssgoogle.com
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE): www.facebook-gaming-verify.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | fbcdn.net | static.xx.fbcdn.net | 312 KB |
| 1 | facebook-gaming-verify.com | www.facebook-gaming-verify.com | 21 KB |
| 1 | gamingsssgoogle.com (1 redirects) | face.gamingsssgoogle.com | 132 B |
| 14 | 3 | | |
| | Domain | Requested by |
|---|---|---|
| 13 | static.xx.fbcdn.net | www.facebook-gaming-verify.com |
| 1 | www.facebook-gaming-verify.com | |
| 1 | face.gamingsssgoogle.com | 1 redirects |
| 14 | 3 | |
This site contains links to these domains.
Domain |
---|
en-gb.facebook.com |
en-gb.messenger.com |
l.facebook.com |
developers.facebook.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.facebook-gaming-verify.com | Encryption Everywhere DV TLS CA - G1 | 2020-05-06 - 2021-05-06 | a year | crt.sh |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-04-15 - 2020-07-14 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.facebook-gaming-verify.com/home/
Frame ID: BDB348FAF39D6AAC4B84FD1C90E147BA
Requests: 15 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
- Title: Facebook
- Title: Forgotten account?
- Title: Messenger
- Title: Watch
- Title: Instagram
- Title: Developers
- Title: AdChoices
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://face.gamingsssgoogle.com/ (HTTP 302)
- https://www.facebook-gaming-verify.com/home/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | www.facebook-gaming-verify.com/home/ (Redirect Chain) | 65 KB | 21 KB | Document | text/html |
| GET | H2 | rH_ZH3w5ZKM.css | static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/ | 611 KB | 126 KB | Stylesheet | text/css |
| GET | H2 | Q1yc7ZkGNEO.css | static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/ | 23 KB | 5 KB | Stylesheet | text/css |
| GET | H2 | 2eHx9MWN5FF.css | static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ | 8 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | 6p1uuxI96R0.css | static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ | 9 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | -SJlOLxA1SR.css | static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/ | 19 KB | 5 KB | Stylesheet | text/css |
| GET | H2 | lZ86cv9aR90.css | static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ | 40 KB | 26 KB | Stylesheet | text/css |
| GET | H2 | gi8EFDskdtx.js | static.xx.fbcdn.net/rsrc.php/v3/yf/r/ | 328 KB | 84 KB | Script | application/x-javascript |
| GET | H2 | OBaVg52wtTZ.png | static.xx.fbcdn.net/rsrc.php/v3/yi/r/ | 42 KB | 42 KB | Image | image/png |
| GET | H2 | GsNJNwuI-UM.gif | static.xx.fbcdn.net/rsrc.php/v3/yb/r/ | 522 B | 716 B | Image | image/gif |
| GET | H2 | F5fJ75JdD_h.png | static.xx.fbcdn.net/rsrc.php/v3/yz/r/ | 6 KB | 6 KB | Image | image/png |
| GET | H2 | kwovnGkGPEE.png | static.xx.fbcdn.net/rsrc.php/v3/y0/r/ | 5 KB | 5 KB | Image | image/png |
| GET | H2 | DQDvQ2X3Nby.png | static.xx.fbcdn.net/rsrc.php/v3/yN/r/ | 3 KB | 3 KB | Image | image/png |
| GET | DATA | truncated | / | 15 KB | 15 KB | Font | font/opentype |
| GET | H2 | DmtZWLqoTvz.png | static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ | 5 KB | 5 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
45 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI function| ProfilingCounters object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.