www.facebook.com.https.s1.gvirabi.com
188.129.143.42
Malicious Activity!
Public Scan
Submission: On May 14 via automatic, source phishtank
Summary
This is the only time www.facebook.com.https.s1.gvirabi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 13 | 188.129.143.42 | 16010 (MAGTICOMAS Caucasus-Online) |
| 13 | 1 | |
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 13 | gvirabi.com: www.facebook.com.https.s1.gvirabi.com, static.xx.fbcdn.net.https.s1.gvirabi.com, facebook.com.https.s1.gvirabi.com | 256 KB |
| 13 | 1 | |
| | Domain | Requested by |
|---|---|---|
| 7 | static.xx.fbcdn.net.https.s1.gvirabi.com | www.facebook.com.https.s1.gvirabi.com |
| 5 | www.facebook.com.https.s1.gvirabi.com | www.facebook.com.https.s1.gvirabi.com |
| 1 | facebook.com.https.s1.gvirabi.com | www.facebook.com.https.s1.gvirabi.com |
| 13 | 3 | |
This page contains 1 frame:
Primary Page:
http://www.facebook.com.https.s1.gvirabi.com/Validation/
Frame ID: C6D74EDFF7E630A1C24AC0851F10DEA2
Requests: 13 HTTP requests in this frame
12 Outgoing links
These are links going to different origins than the main page.
Title: Русский
Title: Türkçe
Title: Deutsch
Title: Azərbaycan dili
Title: العربية
Title: Français (France)
Title: Ελληνικά
Title: Español
Title: Português (Brasil)
Title: მესენჯერი
Title: Instagram
Title: დეველოპერები
13 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | www.facebook.com.https.s1.gvirabi.com/Validation/ | 84 KB | 23 KB | Document | text/html |
GET | H/1.1 | gvirabi-script.js | www.facebook.com.https.s1.gvirabi.com/ | 7 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | gvirabi-xml-hr-trap.js | www.facebook.com.https.s1.gvirabi.com/ | 1021 B | 1 KB | Script | application/javascript |
GET | H/1.1 | gvirabi-plugins.js | www.facebook.com.https.s1.gvirabi.com/ | 409 B | 628 B | Script | application/javascript |
GET | H/1.1 | s1BuT2PzN4_.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/ys/l/0,cross/ | 245 KB | 43 KB | Stylesheet | text/css |
GET | H/1.1 | x4dEJXv3AtX.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yF/l/0,cross/ | 236 KB | 55 KB | Stylesheet | text/css |
GET | H/1.1 | ovO9hLZ-yEb.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yX/l/0,cross/ | 84 KB | 14 KB | Stylesheet | text/css |
GET | H/1.1 | IFR_sxSLQJ1.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yW/l/0,cross/ | 29 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | FI-2470axBR.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/y_/l/0,cross/ | 21 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | 9GSDedH0-WM.js | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yo/r/ | 296 KB | 86 KB | Script | application/x-javascript |
GET | H/1.1 | hsts-pixel.gif | facebook.com.https.s1.gvirabi.com/security/ | 43 B | 819 B | Image | image/gif |
GET | H/1.1 | AkAC0oGIBW_.png | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yq/r/ | 12 KB | 12 KB | Image | image/png |
GET | H/1.1 | gvirabi-log-page-load | www.facebook.com.https.s1.gvirabi.com/ | 0 | 160 B | XHR | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart
object| onselectionchange
function| queueMicrotask
object| Gvirabi
object| xmlHrLoadCallbacks
object| XmlHrTrap
number| _cstart
function| envFlush
object| Env
number| __DEV__
function| CavalryLogger
undefined| bigPipe
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com.https.s1.gvirabi.com
static.xx.fbcdn.net.https.s1.gvirabi.com
www.facebook.com.https.s1.gvirabi.com
188.129.143.42