flag-fbook-784745348.asayel.ps
Open in
urlscan Pro
198.204.235.10
Malicious Activity!
Public Scan
Submission: On October 21 via automatic, source openphish
Summary
TLS certificate: Issued by *.asayel.ps on October 20th 2020. Valid for: a year.
This is the only time flag-fbook-784745348.asayel.ps was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 198.204.235.10 198.204.235.10 | 33387 (NOCIX) (NOCIX) | |
6 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 3 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
9 | 3 |
ASN32934 (FACEBOOK, US)
facebook.com | |
fbcdn.net | |
fbsbx.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
fbcdn.net
1 redirects
static.xx.fbcdn.net fbcdn.net |
47 KB |
2 |
asayel.ps
flag-fbook-784745348.asayel.ps |
102 KB |
1 |
fbsbx.com
fbsbx.com |
169 B |
1 |
facebook.com
1 redirects
facebook.com |
129 B |
9 | 4 |
Domain | Requested by | |
---|---|---|
6 | static.xx.fbcdn.net |
flag-fbook-784745348.asayel.ps
static.xx.fbcdn.net |
2 | flag-fbook-784745348.asayel.ps |
flag-fbook-784745348.asayel.ps
|
1 | fbsbx.com |
flag-fbook-784745348.asayel.ps
|
1 | fbcdn.net | 1 redirects |
1 | facebook.com | 1 redirects |
9 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.asayel.ps *.asayel.ps |
2020-10-20 - 2021-10-20 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-09-11 - 2020-12-10 |
3 months | crt.sh |
fbcdn.net DigiCert SHA2 High Assurance Server CA |
2020-08-18 - 2020-11-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://flag-fbook-784745348.asayel.ps/gate.html?location=bc6fc007ee0b7851f5be74cef75f1ec8
Frame ID: D5752E8897CE7705633ED7823C3E3F1D
Requests: 9 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
- https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
- https://fbsbx.com/security/hsts-pixel.gif
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
gate.html
flag-fbook-784745348.asayel.ps/ |
60 B 301 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
myscr908173.js
flag-fbook-784745348.asayel.ps/ |
101 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s0XShOAXyWC.css
static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/ |
89 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
h43SCKgbNeg.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
fbsbx.com/security/ Redirect Chain
|
43 B 169 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JJsC9S33ata.png
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5NR43BsYs8o.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EjzW2F-_k3z.png
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
fbcdn.net
fbsbx.com
flag-fbook-784745348.asayel.ps
static.xx.fbcdn.net
198.204.235.10
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
32338b3a796b0ee8df97dbe07f7223448831ea3f115ccf52348961a0d0d2a318
39851cf509d8e6142c7e77cc2ee475c50ad358ca3be899954bf17c2155ae49ca
4c8875aaa67ca65c188527d4e6d6313eb32654931b8c6d01a1712bb66462cfde
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5cf6803b140baf8787a91e50c401cf599c08d1d01f20f1a22342e8f961a7765e
75d3c6d209ba05b5769f044544665173d57a7be5426d5ce9982173231aa74e37
91d2477807498e356914242db913f113823a28da7c1bb53ef5f7092626f05cb1
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
9615b777212478a41835e410c9897cd544b98c5473b7b73cbec777f1db2d5404