![](/screenshots/7c87d06f-233b-4228-8ee6-c5bcd327886f.png)
facebookguy.org
Open in
urlscan Pro
2606:4700:3034::ac43:9701
Public Scan
Submission Tags: @phishunt_io
Submission: On August 10 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by E1 on August 10th 2022. Valid for: 3 months.
This is the only time facebookguy.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2606:4700:303... 2606:4700:3034::ac43:9701 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 103.167.150.226 103.167.150.226 | 63473 (HOSTHATCH) (HOSTHATCH) | |
6 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
dlemp.net
script.dlemp.net |
13 KB |
2 |
facebookguy.org
facebookguy.org |
3 KB |
6 | 2 |
Domain | Requested by | |
---|---|---|
4 | script.dlemp.net |
facebookguy.org
|
2 | facebookguy.org |
facebookguy.org
|
6 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
dlemp.net |
wiki.nginx.org |
nginx.org |
php.net |
mariadb.org |
centos.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.facebookguy.org E1 |
2022-08-10 - 2022-11-08 |
3 months | crt.sh |
script.dlemp.net ZeroSSL ECC Domain Secure Site CA |
2022-07-31 - 2022-10-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://facebookguy.org/
Frame ID: 4104E5EF30C3742881E6669803C8DA21
Requests: 6 HTTP requests in this frame
6 Outgoing links
These are links going to different origins than the main page.
Title: DLEMP
Search URL Search Domain Scan URL
Title: these
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
facebookguy.org/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nginx.gif
script.dlemp.net/assets/images/ |
377 B 538 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
php-power-white.gif
script.dlemp.net/assets/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Mariadb.jpg
script.dlemp.net/assets/images/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
centos.png
script.dlemp.net/assets/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
facebookguy.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebookguy.org
script.dlemp.net
103.167.150.226
2606:4700:3034::ac43:9701
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
a1f493716b89bcc10c13776a3429eaca342d3ae6956efb1d6d739a4a3807dfc4
b21c75b6e2d33fff40dc58d3fe8e114af32dca1d8021a09d363eeae301c82a84
c00faea707f16fcee870d64012458fcf4281bff23ee7de929be15e666708082f
c794a0fd63c8eee452c1090bb43e1e1324bf38c6cdd7f153db06bfe0bfb13efa
f733feae6e4c88f0f5e1130b67809d8682c75cd6eb5cfadd665bb9ccb9ac7433