facebook.meweb.kz Open in urlscan Pro
2a00:5da0:1000::118  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response facebook.meweb.kz/	848 B 522 B	464ms 117ms	Document text/html	2a00:5da0:1000::118 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://facebook.meweb.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:5da0:1000::118 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx / PleskLin Resource Hash c00eb1527bb7a9417b49760a9eb3b34e6da3055284e577822756bf2eddf93952 Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html date Sat, 28 May 2022 00:10:58 GMT etag W/"350-5e001174c0380" last-modified Fri, 27 May 2022 16:49:34 GMT server nginx vary Accept-Encoding x-content-type-options nosniff x-powered-by PleskLin
GET H2	200	chunk-vendors.8d0ad95e.js Show response facebook.meweb.kz/js/	151 KB 49 KB	118ms 116ms	Script application/javascript	2a00:5da0:1000::118 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://facebook.meweb.kz/js/chunk-vendors.8d0ad95e.js Requested by Host: facebook.meweb.kz URL: https://facebook.meweb.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:5da0:1000::118 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx / PleskLin Resource Hash 9911fe7df3a39a5e78e08c07ec99b2dbc73dd03a9cc900446350fca2c99f4bca Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://facebook.meweb.kz/ Origin https://facebook.meweb.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 00:10:58 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 27 May 2022 16:49:34 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 etag W/"6291011e-25c5a" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	app.350ced4b.js Show response facebook.meweb.kz/js/	28 KB 6 KB	118ms 117ms	Script application/javascript	2a00:5da0:1000::118 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://facebook.meweb.kz/js/app.350ced4b.js Requested by Host: facebook.meweb.kz URL: https://facebook.meweb.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:5da0:1000::118 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx / PleskLin Resource Hash 4ef50dcb2dc7ce6d34096b342d3a6b9073590b284f711d26dd99c6fe07970da4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://facebook.meweb.kz/ Origin https://facebook.meweb.kz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 00:10:58 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 27 May 2022 16:49:34 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 etag W/"6291011e-71cd" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	chunk-vendors.ee91ea4f.css facebook.meweb.kz/css/	102 KB 24 KB	117ms 117ms	Stylesheet text/css	2a00:5da0:1000::118 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://facebook.meweb.kz/css/chunk-vendors.ee91ea4f.css Requested by Host: facebook.meweb.kz URL: https://facebook.meweb.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:5da0:1000::118 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx / PleskLin Resource Hash d369024e0015a40834b494f2a6a11544c741e7131d135f25b99442dc56a5ca78 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://facebook.meweb.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 00:10:58 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 27 May 2022 16:49:24 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type text/css cache-control max-age=315360000 etag W/"62910114-19997" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	app.11e254e1.css facebook.meweb.kz/css/	10 KB 3 KB	117ms 117ms	Stylesheet text/css	2a00:5da0:1000::118 PSKZ-ALA
General Check archive.org Show headers Download Go to Full URL https://facebook.meweb.kz/css/app.11e254e1.css Requested by Host: facebook.meweb.kz URL: https://facebook.meweb.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:5da0:1000::118 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ), Reverse DNS Software nginx / PleskLin Resource Hash 1efc079e9988642963b7f9893f9c471e39d82d540322da8cc07082f1299ec92f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://facebook.meweb.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sat, 28 May 2022 00:10:58 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 27 May 2022 16:49:24 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type text/css cache-control max-age=315360000 etag W/"62910114-2769" expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	users Show response 6282500ded9edf7bd882691b.mockapi.io/	5 KB 2 KB	347ms 105ms	XHR application/json	54.237.133.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://6282500ded9edf7bd882691b.mockapi.io/users Requested by Host: facebook.meweb.kz URL: https://facebook.meweb.kz/js/chunk-vendors.8d0ad95e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-237-133-81.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 26069502d420ce48e64f4600e149ac1ee6a420ea75adaee575e2ebcca6d117ae Request headers Accept application/json, text/plain, */* Referer https://facebook.meweb.kz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Sat, 28 May 2022 00:10:58 GMT Content-Encoding deflate Etag "1845464905" Server Cowboy X-Powered-By Express Vary Accept-Encoding Access-Control-Allow-Methods GET,PUT,POST,DELETE,OPTIONS Content-Type application/json Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers X-Requested-With,Content-Type,Cache-Control,access_token Via 1.1 vegur
GET H2	200	1200px-Facebook_Logo_%282019%29.svg.png upload.wikimedia.org/wikipedia/commons/thumb/8/89/Facebook_Logo_%282019%29.svg/	28 KB 29 KB	138ms 60ms	Image image/png	2620:0:862:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/thumb/8/89/Facebook_Logo_%282019%29.svg/1200px-Facebook_Logo_%282019%29.svg.png Requested by Host: facebook.meweb.kz URL: https://facebook.meweb.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/8.0.8 / Resource Hash 3abe099e79bb7af032ea507c59aec31663581a09b8f9dc92b31f05f870117bca Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://facebook.meweb.kz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 27 May 2022 05:34:46 GMT nel { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0} age 66972 x-cache-status hit-local x-cache cp3065 hit, cp3061 miss content-disposition inline;filename*=UTF-8''Facebook_Logo_%282019%29.svg.png server-timing cache;desc="hit-local", host;desc="cp3061" content-length 28256 x-client-ip 2a02:6ea0:c71b:0:1012:ea5e:1f31:cdb accept-ranges bytes last-modified Tue, 20 Jul 2021 04:35:05 GMT server ATS/8.0.8 etag 857d11df851ad3cf76ffa312fdbede02 strict-transport-security max-age=106384710; includeSubDomains; preload report-to { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache permissions-policy interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org") accept-ch Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version timing-allow-origin *

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| webpackChunkfacebook function| clearImmediate function| setImmediate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6282500ded9edf7bd882691b.mockapi.io
facebook.meweb.kz
upload.wikimedia.org
2620:0:862:ed1a::2:b
2a00:5da0:1000::118
54.237.133.81
1efc079e9988642963b7f9893f9c471e39d82d540322da8cc07082f1299ec92f
26069502d420ce48e64f4600e149ac1ee6a420ea75adaee575e2ebcca6d117ae
3abe099e79bb7af032ea507c59aec31663581a09b8f9dc92b31f05f870117bca
4ef50dcb2dc7ce6d34096b342d3a6b9073590b284f711d26dd99c6fe07970da4
9911fe7df3a39a5e78e08c07ec99b2dbc73dd03a9cc900446350fca2c99f4bca
c00eb1527bb7a9417b49760a9eb3b34e6da3055284e577822756bf2eddf93952
d369024e0015a40834b494f2a6a11544c741e7131d135f25b99442dc56a5ca78