grub-wabkp18.wikaba.com
94.176.238.82
Malicious Activity!
Public Scan
Submission: On July 26 via automatic, source openphish
Summary
This is the only time grub-wabkp18.wikaba.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
2 | 94.176.238.82 | 62282 (RACKRAY UAB Rakrejus) |
15 | 2a03:2880:f11c:8184:face:b00c:0:14c9 | 32934 (FACEBOOK - Facebook) |
1 | 2a03:2880:204f:fffe:face:b00c:0:1 | 32934 (FACEBOOK - Facebook) |
1 | 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK - Facebook) |
19 | 4 | |
ASN62282 (RACKRAY UAB Rakrejus, LT)
PTR: node04.spacehosting.live
grub-wabkp18.wikaba.com
ASN32934 (FACEBOOK - Facebook, Inc., US)
z-m-static.xx.fbcdn.net
ASN32934 (FACEBOOK - Facebook, Inc., US)
h.facebook.com
ASN32934 (FACEBOOK - Facebook, Inc., US)
facebook.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | fbcdn.net | z-m-static.xx.fbcdn.net | 282 KB |
2 | facebook.com | h.facebook.com, facebook.com | 2 KB |
2 | wikaba.com | grub-wabkp18.wikaba.com | 25 KB |
19 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
15 | z-m-static.xx.fbcdn.net | grub-wabkp18.wikaba.com, z-m-static.xx.fbcdn.net |
2 | grub-wabkp18.wikaba.com | z-m-static.xx.fbcdn.net |
1 | facebook.com | grub-wabkp18.wikaba.com |
1 | h.facebook.com | grub-wabkp18.wikaba.com |
19 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
m.facebook.com |
Subject / Issuer | Validity | Valid | |
---|---|---|---|
*.facebook.com / DigiCert SHA2 High Assurance Server CA | 2019-06-06 - 2019-09-04 | 3 months | crt.sh |
 | 1970-01-01 - 1970-01-01 | a few seconds | crt.sh |
This page contains 1 frame:
Primary Page:
http://grub-wabkp18.wikaba.com/auth/
Frame ID: C8E01517AC77BE0E5A88ED8B59A93584
Requests: 19 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: Get Facebook for Android and browse faster.
Title: Syarat & Ketentuan
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | grub-wabkp18.wikaba.com/auth/ | 92 KB | 24 KB | Document | text/html |
GET | H2 | upXpD3lr9Z5.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/ | 100 KB | 18 KB | Stylesheet | text/css |
GET | H2 | y3IjvQ6xfzr.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/ | 46 KB | 11 KB | Stylesheet | text/css |
GET | H2 | jQj1x1CcZTT.js | z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/ | 444 KB | 102 KB | Script | application/x-javascript |
GET | H/1.1 | / | h.facebook.com/hr/xp/ | 43 B | 1 KB | Image | image/gif |
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 925 B | Image | image/gif |
GET | H2 | Mj6r4HmJHYi.js | z-m-static.xx.fbcdn.net/rsrc.php/v3iooI4/y6/l/en_GB/ | 53 KB | 15 KB | Script | application/x-javascript |
GET | H2 | idnWT1arnzh.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yl/r/ | 32 KB | 9 KB | Script | application/x-javascript |
GET | H2 | 7VnMv5rHrHh.png | z-m-static.xx.fbcdn.net/rsrc.php/v3/yx/r/ | 43 KB | 43 KB | Image | image/png |
GET | H2 | fz45rNsJh3t.js | z-m-static.xx.fbcdn.net/rsrc.php/v3iLl54/yl/l/en_GB/ | 50 KB | 14 KB | Script | application/x-javascript |
GET | H2 | j0ze7QubiVY.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/y-/r/ | 47 KB | 12 KB | Script | application/x-javascript |
GET | H2 | sc3QB7l113M.js | z-m-static.xx.fbcdn.net/rsrc.php/v3iN6O4/yy/l/en_GB/ | 28 KB | 9 KB | Script | application/x-javascript |
GET | H2 | dC4KnPJyu6M.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yD/r/ | 12 KB | 4 KB | Script | application/x-javascript |
GET | H2 | --d1ZYWrjv6.js | z-m-static.xx.fbcdn.net/rsrc.php/v3i3kA4/y_/l/en_GB/ | 48 KB | 10 KB | Script | application/x-javascript |
GET | H2 | _lc6-vWL24i.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yh/r/ | 34 KB | 9 KB | Script | application/x-javascript |
GET | H2 | UpWM3yse__c.js | z-m-static.xx.fbcdn.net/rsrc.php/v3ig7n4/yP/l/en_GB/ | 40 KB | 10 KB | Script | application/x-javascript |
GET | H2 | ZDkYDWlp1vg.js | z-m-static.xx.fbcdn.net/rsrc.php/v3izp84/yY/l/en_GB/ | 65 KB | 13 KB | Script | application/x-javascript |
GET | H2 | v4WgC_pJT9B.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yz/r/ | 7 KB | 2 KB | Script | application/x-javascript |
POST | H/1.1 | bz | grub-wabkp18.wikaba.com/a/ | 321 B | 542 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onselectstart |
object | onselectionchange |
function | queueMicrotask |
function | envFlush |
object | Env |
number | __DEV__ |
undefined | __p |
function | emptyFunction |
function | __annotator |
function | __bodyWrapper |
function | __t |
function | __w |
function | FB_enumerate |
function | __m |
object | babelHelpers |
function | define |
function | require |
function | requireDynamic |
function | requireLazy |
function | __d |
object | ErrorUtils |
object | TimeSlice |
function | CavalryLogger |
function | __updateOrientation |
function | ProfilingCounters |
object | bigPipe |
function | __fbNativeSetTimeout |
function | __fbNativeClearTimeout |
function | __fbNativeSetInterval |
function | __fbNativeClearInterval |
function | __fbNativeRequestAnimationFrame |
function | __fbNativeCancelAnimationFrame |
object | MAjaxify |
string | _script_path |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.