URL: https://facebookguy.org/
Submission Tags: @phishunt_io
Submission: On August 10 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3034::ac43:9701, located in the United States and belonging to CLOUDFLARENET, US. The main domain is facebookguy.org.
TLS certificate: Issued by E1 on August 10th 2022. Valid for: 3 months.
This is the only time facebookguy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
2         2606:4700:303...   13335  (CLOUDFLAR...)
4         103.167.150.226    63473  (HOSTHATCH)
Total: 6 requests, 2 IPs

Requests  Apex Domain        Subdomains         Transfer
4         dlemp.net          script.dlemp.net   13 KB
2         facebookguy.org    facebookguy.org    3 KB
Total: 6 requests, 2 apex domains

Requests  Domain             Requested by
4         script.dlemp.net   facebookguy.org
2         facebookguy.org    facebookguy.org
Total: 6 requests, 2 domains

This site contains links to these domains. Also see Links.

Domain
dlemp.net
wiki.nginx.org
nginx.org
php.net
mariadb.org
centos.org
Subject             Issuer                              Validity                   Valid      Source
*.facebookguy.org   E1                                  2022-08-10 - 2022-11-08    3 months   crt.sh
script.dlemp.net    ZeroSSL ECC Domain Secure Site CA   2022-07-31 - 2022-10-29    3 months   crt.sh

This page contains 1 frames:

Primary Page: https://facebookguy.org/
Frame ID: 4104E5EF30C3742881E6669803C8DA21
Requests: 6 HTTP requests in this frame

Page Title

Test Page for the Nginx HTTP Server

Page Statistics

Requests:    6
HTTPS:       100 %
IPv6:        50 %
Domains:     2
Subdomains:  2
IPs:         2
Countries:   2
Transfer:    16 kB
Size:        18 kB
Cookies:     0

6 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type (MIME-Type)

Primary Request / | facebookguy.org/ | 4 KB | 2 KB | Document
General
  Full URL: https://facebookguy.org/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:3034::ac43:9701, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare / DLEMP
  Resource Hash: b21c75b6e2d33fff40dc58d3fe8e114af32dca1d8021a09d363eeae301c82a84

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
  accept-language: de-DE,de;q=0.9

Response headers
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  cf-cache-status: DYNAMIC
  cf-ray: 738ba5853bdebbdf-FRA
  content-encoding: br
  content-type: text/html
  date: Wed, 10 Aug 2022 20:57:54 GMT
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  last-modified: Tue, 25 May 2021 16:58:10 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCakirIApSrPpk%2Fn3LuJgWqI2Yvzg9UP4VJ1O%2FcTvWG50wtFpv3YaCJvmSsX7ZESON%2Be0Md%2Bg0UI8YMZH4vF1ZVAdMCB3EMg5vUmMFotxVyQVXpFJabI0GuPZNUlOD6L0k%2Fx8A6u%2BRrKz70eRpw%3D"}],"group":"cf-nel","max_age":604800}
  server: cloudflare
  vary: Accept-Encoding
  x-powered-by: DLEMP
nginx.gif | script.dlemp.net/assets/images/ | 377 B | 538 B | Image
General
  Full URL: https://script.dlemp.net/assets/images/nginx.gif
  Requested by: Host facebookguy.org, URL https://facebookguy.org/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.167.150.226, Singapore, Singapore, ASN63473 (HOSTHATCH, US)
  Reverse DNS:
  Software: nginx /
  Resource Hash: c794a0fd63c8eee452c1090bb43e1e1324bf38c6cdd7f153db06bfe0bfb13efa

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://facebookguy.org/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
  date: Wed, 10 Aug 2022 20:57:55 GMT
  last-modified: Sun, 16 Aug 2020 02:08:50 GMT
  server: nginx
  etag: "179-5acf5228a3080"
  content-type: image/gif
  x-accel-version: 0.01
  accept-ranges: bytes
  content-length: 377
php-power-white.gif | script.dlemp.net/assets/images/ | 2 KB | 2 KB | Image
General
  Full URL: https://script.dlemp.net/assets/images/php-power-white.gif
  Requested by: Host facebookguy.org, URL https://facebookguy.org/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.167.150.226, Singapore, Singapore, ASN63473 (HOSTHATCH, US)
  Reverse DNS:
  Software: nginx /
  Resource Hash: a1f493716b89bcc10c13776a3429eaca342d3ae6956efb1d6d739a4a3807dfc4

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://facebookguy.org/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
  date: Wed, 10 Aug 2022 20:57:55 GMT
  last-modified: Sun, 16 Aug 2020 02:08:50 GMT
  server: nginx
  accept-ranges: bytes
  etag: "5f389532-8e0"
  content-length: 2272
  content-type: image/gif
Mariadb.jpg | script.dlemp.net/assets/images/ | 3 KB | 4 KB | Image
General
  Full URL: https://script.dlemp.net/assets/images/Mariadb.jpg
  Requested by: Host facebookguy.org, URL https://facebookguy.org/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.167.150.226, Singapore, Singapore, ASN63473 (HOSTHATCH, US)
  Reverse DNS:
  Software: nginx /
  Resource Hash: f733feae6e4c88f0f5e1130b67809d8682c75cd6eb5cfadd665bb9ccb9ac7433

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://facebookguy.org/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
  date: Wed, 10 Aug 2022 20:57:55 GMT
  last-modified: Sun, 16 Aug 2020 02:08:50 GMT
  server: nginx
  accept-ranges: bytes
  etag: "5f389532-de8"
  content-length: 3560
  content-type: image/jpeg
centos.png | script.dlemp.net/assets/images/ | 6 KB | 6 KB | Image
General
  Full URL: https://script.dlemp.net/assets/images/centos.png
  Requested by: Host facebookguy.org, URL https://facebookguy.org/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.167.150.226, Singapore, Singapore, ASN63473 (HOSTHATCH, US)
  Reverse DNS:
  Software: nginx /
  Resource Hash: c00faea707f16fcee870d64012458fcf4281bff23ee7de929be15e666708082f

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://facebookguy.org/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
  date: Wed, 10 Aug 2022 20:57:55 GMT
  last-modified: Sun, 16 Aug 2020 02:08:50 GMT
  server: nginx
  accept-ranges: bytes
  etag: "5f389532-1926"
  content-length: 6438
  content-type: image/png
email-decode.min.js | facebookguy.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script
General
  Full URL: https://facebookguy.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
  Requested by: Host facebookguy.org, URL https://facebookguy.org/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:3034::ac43:9701, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers
  Name                    Value
  X-Content-Type-Options  nosniff
  X-Frame-Options         DENY

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://facebookguy.org/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
  date: Wed, 10 Aug 2022 20:57:54 GMT
  content-encoding: gzip
  x-content-type-options: nosniff
  last-modified: Fri, 05 Aug 2022 13:05:41 GMT
  server: cloudflare
  etag: W/"62ed15a5-4d7"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  x-frame-options: DENY
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftX7eiBqziMiNpKxrGoqaMqQFgwQLffsHxR53Eked%2F27VJS%2B3TguLiKzyrI7e2KZ3jwOB8C%2Bzl9puEKD7VnNB4xXZVEJq3K6dcy43BkY5UXUm4h%2BTts%2F8aKIL64i2LkDCiazL%2BgKa5DmvCUXfSM%3D"}],"group":"cf-nel","max_age":604800}
  content-type: application/javascript
  cache-control: max-age=172800, public
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  cf-ray: 738ba585dcedbbdf-FRA
  vary: Accept-Encoding
  expires: Fri, 12 Aug 2022 20:57:54 GMT

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    oncontextlost
object    oncontextrestored
function  structuredClone
object    launchQueue
object    onbeforematch
function  getScreenDetails
function  queryLocalFonts
object    navigation

0 Cookies

8 Console Messages

Source: security | Level: warning | URL: https://facebookguy.org/
Message: Mixed Content: The page at 'https://facebookguy.org/' was loaded over HTTPS, but requested an insecure element 'http://script.dlemp.net/assets/images/nginx.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: security | Level: warning | URL: https://facebookguy.org/
Message: Mixed Content: The page at 'https://facebookguy.org/' was loaded over HTTPS, but requested an insecure element 'http://script.dlemp.net/assets/images/php-power-white.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: security | Level: warning | URL: https://facebookguy.org/
Message: Mixed Content: The page at 'https://facebookguy.org/' was loaded over HTTPS, but requested an insecure element 'http://script.dlemp.net/assets/images/Mariadb.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: security | Level: warning | URL: https://facebookguy.org/
Message: Mixed Content: The page at 'https://facebookguy.org/' was loaded over HTTPS, but requested an insecure element 'http://script.dlemp.net/assets/images/centos.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: security | Level: warning | URL: https://facebookguy.org/ (Line 54)
Message: Mixed Content: The page at 'https://facebookguy.org/' was loaded over HTTPS, but requested an insecure element 'http://script.dlemp.net/assets/images/nginx.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: security | Level: warning | URL: https://facebookguy.org/ (Line 54)
Message: Mixed Content: The page at 'https://facebookguy.org/' was loaded over HTTPS, but requested an insecure element 'http://script.dlemp.net/assets/images/php-power-white.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: security | Level: warning | URL: https://facebookguy.org/ (Line 54)
Message: Mixed Content: The page at 'https://facebookguy.org/' was loaded over HTTPS, but requested an insecure element 'http://script.dlemp.net/assets/images/Mariadb.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: security | Level: warning | URL: https://facebookguy.org/ (Line 54)
Message: Mixed Content: The page at 'https://facebookguy.org/' was loaded over HTTPS, but requested an insecure element 'http://script.dlemp.net/assets/images/centos.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html