www.fcbook-lognla-facbook-es.3724600.filesusr.com
151.101.134.217
Malicious Activity!
Public Scan
Effective URL: http://www.fcbook-lognla-facbook-es.3724600.filesusr.com/html/2927c2_394f72948341c820e7c7acfab665a8ae.html?*ZmVybmFueW9uNipodHRwOi8vZmFjZWJvb2suZXMqKmVzKg==
Submission: On September 25 via manual from ES
Summary
This is the only time www.fcbook-lognla-facbook-es.3724600.filesusr.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 67.199.248.10 | 395224 (BITLY-AS - Bitly Inc) |
| 1 | 151.101.134.217 | 54113 (FASTLY - Fastly) |
| 1 | 2400:cb00:2048:1::681f:43b0 | 13335 (CLOUDFLARENET - Cloudflare) |
| 10 | 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK - Facebook) |
| 12 | 4 | |

ASN54113 (FASTLY - Fastly, US)
- www.fcbook-lognla-facbook-es.3724600.filesusr.com

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
- bliser.com

ASN32934 (FACEBOOK - Facebook, Inc., US)
- static.xx.fbcdn.net

| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 10 | fbcdn.net | static.xx.fbcdn.net | 96 KB |
| 1 | bliser.com | bliser.com | 223 KB |
| 1 | filesusr.com | www.fcbook-lognla-facbook-es.3724600.filesusr.com | 3 KB |
| 1 | bit.ly (1 redirects) | bit.ly | 477 B |
| 12 | 4 | | |

| | Domain | Requested by |
|---|---|---|
| 10 | static.xx.fbcdn.net | bliser.com, www.fcbook-lognla-facbook-es.3724600.filesusr.com |
| 1 | bliser.com | www.fcbook-lognla-facbook-es.3724600.filesusr.com |
| 1 | www.fcbook-lognla-facbook-es.3724600.filesusr.com | |
| 1 | bit.ly | 1 redirects |
| 12 | 4 | |

This site contains no links.

| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2017-12-15 - 2019-03-22 | a year | crt.sh |

This page contains 1 frames:
Primary Page:
http://www.fcbook-lognla-facbook-es.3724600.filesusr.com/html/2927c2_394f72948341c820e7c7acfab665a8ae.html?*ZmVybmFueW9uNipodHRwOi8vZmFjZWJvb2suZXMqKmVzKg==
Frame ID: 0416EF681DE919A07977BFD0D69DB983
Requests: 13 HTTP requests in this frame
Detected technologies
Varnish (Cache Tools)
Detected patterns
- headers via /.*Varnish/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bit.ly/2wxGKRH
HTTP 301
http://www.fcbook-lognla-facbook-es.3724600.filesusr.com/html/2927c2_394f72948341c820e7c7acfab665a8ae.html?*ZmVybmFueW9uNipodHRwOi8vZmFjZWJvb2suZXMqKmVzKg== Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | Primary Request: 2927c2_394f72948341c820e7c7acfab665a8ae.html | www.fcbook-lognla-facbook-es.3724600.filesusr.com/html/ (Redirect Chain) | 2 KB | 3 KB | Document | text/html |
| GET | H/1.1 | style.js | bliser.com/dom/style/facebook/ | 2 MB | 223 KB | Script | application/javascript |
| GET | S | 4W0aBPzkpxY.css | static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
| GET | S | 25cr8uNDcdf.css | static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
| GET | S | lS3BaZYsvoO.css | static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
| GET | S | 2V5Qy3wFDME.css | static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
| GET | S | sFbuS5wzqYu.css | static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
| GET | S | A4Drg_kdZuq.css | static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
| GET | S | LrOTzglL7vu.css | static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
| GET | S | gJKxpNVTA4Q.css | static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
| GET | S | lZ86cv9aR90.css | static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ | 40 KB | 26 KB | Stylesheet | text/css |
| GET | S | y6ipRAvRA5w.png | static.xx.fbcdn.net/rsrc.php/v3/yd/r/ | 70 KB | 70 KB | Image | image/png |
| GET | DATA | truncated | / | 15 KB | 0 | Font | font/opentype |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| _0x4311
- function| _0x5a74
- object| erp
- string| em
- number| tmp
- object| myString
- object| myArray
- object| separame
- object| separado
- string| llavesecreta
- string| urlfinal
- string| email
- string| idioma
- string| emaildev
- string| filterpost
- string| dispositivo
- string| lafecha
- string| detector
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.