URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Submission: On May 02 via automatic, source openphish

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 148.251.188.185, located in Germany and belongs to HETZNER-AS, DE. The main domain is pec-school.com.
This is the only time pec-school.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank AL Habib (Banking)

Domain & IP information

Requests  IP Address        AS     Autonomous System
3         148.251.188.185   24940  (HETZNER-AS)
8         117.20.16.130     38193  (TWA-AS-AP...)
3         2a03:2880:f02...  32934  (FACEBOOK)
Total: 15 requests, 4 IPs

Requests  Domain                  Requested by
8         secure.bankalhabib.com  pec-school.com, secure.bankalhabib.com
3         pec-school.com          pec-school.com
2         connect.facebook.net    pec-school.com, connect.facebook.net
1         staticxx.facebook.com   connect.facebook.net
Total: 15 requests, 4 domains

This site contains no links.

Subject                 Issuer                                  Validity                 Valid
secure.bankalhabib.com  DigiCert Global CA G2                   2019-04-11 - 2021-06-09  2 years
*.facebook.com          DigiCert SHA2 High Assurance Server CA  2019-03-08 - 2019-06-06  3 months

This page contains 2 frames:

Primary Page: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Frame ID: 0867D4C19528D7B7929AF3F8E0929474
Requests: 21 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 4AAB676D05E6B486BC95C5AE51EC4B16
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

15 Requests
73 % HTTPS
33 % IPv6
4 Domains
4 Subdomains
4 IPs
3 Countries
1632 kB Transfer
2912 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request accDetailss.php
pec-school.com/wpinclude/error/query/baalhabib/
45 KB
17 KB
Document
General
Full URL
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Server
148.251.188.185 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
uptime.skyhost.pk
Software
Apache /
Resource Hash
dd7fff833f3c2936f9c027d83ca1433739b25c5778d514ef4354da9c632d8923

Request headers

Host
pec-school.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Server
Apache
Cache-Control
max-age=2592000
Expires
Sat, 01 Jun 2019 04:08:48 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17431
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
banking.uri.css
secure.bankalhabib.com/T001/css/cmn/
2 MB
1 MB
Stylesheet
General
Full URL
https://secure.bankalhabib.com/T001/css/cmn/banking.uri.css
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
117.20.16.130 Karachi, Pakistan, ASN38193 (TWA-AS-AP Transworld Associates (Pvt.) Ltd., PK),
Reverse DNS
tw16-static130.tw1.com
Software
/
Resource Hash
d3ea4ce324f9aac0545af8d2805e0a56f09d71237f91c0e0aeb1c01e396aa618

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jul 2015 22:12:24 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
Content-Type
text/css
scrollbars.uri.css
secure.bankalhabib.com/T001/css/C_COLPAL1/
1 KB
824 B
Stylesheet
General
Full URL
https://secure.bankalhabib.com/T001/css/C_COLPAL1/scrollbars.uri.css
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
117.20.16.130 Karachi, Pakistan, ASN38193 (TWA-AS-AP Transworld Associates (Pvt.) Ltd., PK),
Reverse DNS
tw16-static130.tw1.com
Software
/
Resource Hash
0e46f5023a6287cb88deb4ec543e02068df3865476dbd0882c0bb682d8fe2993

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Apr 2015 15:59:30 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
Content-Type
text/css
virtualkeyboard.uri.css
secure.bankalhabib.com/T001/css/cmn/
2 KB
1016 B
Stylesheet
General
Full URL
https://secure.bankalhabib.com/T001/css/cmn/virtualkeyboard.uri.css
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
117.20.16.130 Karachi, Pakistan, ASN38193 (TWA-AS-AP Transworld Associates (Pvt.) Ltd., PK),
Reverse DNS
tw16-static130.tw1.com
Software
/
Resource Hash
cef637b6200f4e367f1999982dba8c572b3b2e7a1e64fa6bd9059455a7ae8669

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Jul 2015 06:12:38 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
Content-Type
text/css
jquery-includes.js
secure.bankalhabib.com/T001/JS/combined/
601 KB
157 KB
Script
General
Full URL
https://secure.bankalhabib.com/T001/JS/combined/jquery-includes.js
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
117.20.16.130 Karachi, Pakistan, ASN38193 (TWA-AS-AP Transworld Associates (Pvt.) Ltd., PK),
Reverse DNS
tw16-static130.tw1.com
Software
/
Resource Hash
39eb514373689012a877cd1d0ec94b7270aa15405806af7edb28867ad54e588f

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Content-Encoding
gzip
Max-Age
Thu, 09 May 2019 04:08:48 GMT
Cache-Control
private
Content-Type
text/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Thu, 09 May 2019 04:08:48 GMT
common.js
secure.bankalhabib.com/T001/jsdir/
29 KB
8 KB
Script
General
Full URL
https://secure.bankalhabib.com/T001/jsdir/common.js
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
117.20.16.130 Karachi, Pakistan, ASN38193 (TWA-AS-AP Transworld Associates (Pvt.) Ltd., PK),
Reverse DNS
tw16-static130.tw1.com
Software
/
Resource Hash
1d1c77ff50644be5493cce781cdbecf8d084d9f1b9f725f374192168dcbc75e5

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jan 2017 08:49:54 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
virtualkeyboard.js
secure.bankalhabib.com/T001/jsdir/
8 KB
2 KB
Script
General
Full URL
https://secure.bankalhabib.com/T001/jsdir/virtualkeyboard.js
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
117.20.16.130 Karachi, Pakistan, ASN38193 (TWA-AS-AP Transworld Associates (Pvt.) Ltd., PK),
Reverse DNS
tw16-static130.tw1.com
Software
/
Resource Hash
66b9c89e4d1f070ffeddfe9c208b3aaf80c71affcd1116c7f40089f40c726058

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Oct 2015 00:38:10 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
rsa_compiled.js
secure.bankalhabib.com/T001/jsdir/
8 KB
4 KB
Script
General
Full URL
https://secure.bankalhabib.com/T001/jsdir/rsa_compiled.js
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
117.20.16.130 Karachi, Pakistan, ASN38193 (TWA-AS-AP Transworld Associates (Pvt.) Ltd., PK),
Reverse DNS
tw16-static130.tw1.com
Software
/
Resource Hash
224cb317b3d31f58294b6523f37c28c99dc3e20cd92e7c8e4e77a59482fb5ba1

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Apr 2015 15:59:26 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
fb.js
secure.bankalhabib.com/T001/jsdir/
18 KB
5 KB
Script
General
Full URL
https://secure.bankalhabib.com/T001/jsdir/fb.js
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
117.20.16.130 Karachi, Pakistan, ASN38193 (TWA-AS-AP Transworld Associates (Pvt.) Ltd., PK),
Reverse DNS
tw16-static130.tw1.com
Software
/
Resource Hash
083a3c65e8f133d5b5da9b387ea4cc969cb90d231656ac219ea16fb0bb02b9d1

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Apr 2015 15:59:24 GMT
Accept-Ranges
bytes
Transfer-Encoding
chunked
jquery-includes.js
pec-school.com/wpinclude/error/query/baalhabib/JS/combined/
0
0
Script
General
Full URL
http://pec-school.com/wpinclude/error/query/baalhabib/JS/combined/jquery-includes.js
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Server
148.251.188.185 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
uptime.skyhost.pk
Software
Apache /
Resource Hash

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:48 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://pec-school.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=99
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Roboto-Light.ttf
secure.bankalhabib.com/T001/css/fonts/
0
0

jquery-includes.js
pec-school.com/wpinclude/error/query/baalhabib/JS/combined/
0
0
Script
General
Full URL
http://pec-school.com/wpinclude/error/query/baalhabib/JS/combined/jquery-includes.js
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
HTTP/1.1
Server
148.251.188.185 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
uptime.skyhost.pk
Software
Apache /
Resource Hash

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 02 May 2019 04:08:51 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://pec-school.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=98
Expires
Wed, 11 Jan 1984 05:00:00 GMT
truncated
/
34 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0da176a4b1c07f0353e61f30f14f72f7cd21c9f3963fbd528696fe220030cf79

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6508db97988c4a25313e365e68888da188ce91d22632cfd81e26a49df2f9c6c0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
974c7c5fdb37d035d4e4a1e5ff4671e38e6a4673608c4c04fe150231518b8cae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c6110aa4b4b4f75a42a46460aced12ddcd8d74a1a616e35658c70fac152e710

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7400cbe9cfc2749338143d4af4a9719ae4d1c55b2d50895d6af628a313314606

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cb6fffac123f5a2fc50057967748c48cb102509f2bf08fc2b3f2005732aafac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23db1895d52ad4414f1979bb66a947ed7950953f16ca276a6c8f2d1ac3bcde2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: pec-school.com
URL: http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
38d9cb85ade49bbd76f619952f927beae562d4cbecc19c10d61ff268ceccd819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
P7oudKF7uSqM4h29fgSOdg==
status
200
date
Thu, 02 May 2019 04:08:52 GMT
vary
Accept-Encoding
content-length
1781
x-fb-debug
zXJ3fblG9mPEv/CJVG1BKCSxQAbg/Son5sxe4Y+k1b/1HTdP9GcydqxGSlfmn0Ypm/j2+WmlYD+eiZEhSR1FjA==
x-fb-content-md5
0b4392fc7430e8e0dba9f1b439a67465
etag
"37f62bad404bffaffe7124911f2e01c2"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 02 May 2019 04:23:15 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js#xfbml.js=1&appId=null
Non-Authoritative-Reason
HSTS
all.js
connect.facebook.net/en_US/
186 KB
55 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=9957116a9950c2df9271718c2a765469&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
de5ed0b06fb22e7a0bdb517e1dfe927d6aedd1fb561c1f8cfe5a72cd98ed059b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
Origin
http://pec-school.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jSgIcSLrZ7o3U10JiywyYA==
status
200
date
Thu, 02 May 2019 04:08:52 GMT
vary
Accept-Encoding
content-length
56247
x-fb-debug
uWL0S/7fgcWNhA0hytkYWyUBlgIR/lH7DthfXvHz2fxalhKHpmVL/9wppB2BNgWbxlPmrBoz6D8+/FhehA5BCQ==
x-fb-content-md5
ccf136604ef9b9b776e4b5c52e3f70e9
etag
"28518af8c4a3a9db7e6df8059034c307"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Fri, 01 May 2020 03:28:40 GMT
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 4AAB
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9957116a9950c2df9271718c2a765469&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://pec-school.com/wpinclude/error/query/baalhabib/accDetailss.php?r=2EE7C64B-C228-F24A-F1B8-D5D35F5A4D43
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Thu, 30 Apr 2020 21:01:15 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
7GNBA6K451pwbIwNfSHsSwRuoCEa+LcW2LZAecsU0AHOQmP99EOXLgvLZFRM9u5lkALGp3tlqARoLuMAEmplKw==
content-length
10984
date
Thu, 02 May 2019 04:08:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.bankalhabib.com
URL
https://secure.bankalhabib.com/T001/css/fonts/Roboto-Light.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank AL Habib (Banking)

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


0 Cookies

1 Console Messages

Source Level URL
Text
console-api error URL: https://connect.facebook.net/en_US/all.js?hash=9957116a9950c2df9271718c2a765469&ua=modern_es6 (Line 52)
Message:
The method FB.getLoginStatus will soon stop working when called from http pages. Please update your site to use https for Facebook Login. https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
