facebook.meweb.kz
2a00:5da0:1000::118
Malicious Activity!
Public Scan
Submission Tags: @phishunt_io
Submission: On May 28 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 27th 2022. Valid for: 3 months.
This is the only time facebook.meweb.kz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
5 | 2a00:5da0:1000::118 | 48716 (PSKZ-ALA) |
1 | 54.237.133.81 | 14618 (AMAZON-AES) |
1 | 2620:0:862:ed1a::2:b | 14907 (WIKIMEDIA) |
7 | 3 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-133-81.compute-1.amazonaws.com
6282500ded9edf7bd882691b.mockapi.io |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | meweb.kz | facebook.meweb.kz | 83 KB |
1 | wikimedia.org | upload.wikimedia.org — Cisco Umbrella Rank: 2136 | 29 KB |
1 | mockapi.io | 6282500ded9edf7bd882691b.mockapi.io | 2 KB |
7 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
5 | facebook.meweb.kz | facebook.meweb.kz |
1 | upload.wikimedia.org | facebook.meweb.kz |
1 | 6282500ded9edf7bd882691b.mockapi.io | facebook.meweb.kz |
7 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
facebook.meweb.kz | R3 | 2022-05-27 - 2022-08-25 | 3 months | crt.sh |
*.mockapi.io | R3 | 2022-03-08 - 2022-06-06 | 3 months | crt.sh |
*.wikipedia.org | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-10-19 - 2022-11-17 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://facebook.meweb.kz/
Frame ID: B5A6E3DC998DEFC6AD98B83DB36E0BFA
Requests: 7 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | facebook.meweb.kz/ | 848 B | 522 B | Document | text/html |
GET | H2 | chunk-vendors.8d0ad95e.js | facebook.meweb.kz/js/ | 151 KB | 49 KB | Script | application/javascript |
GET | H2 | app.350ced4b.js | facebook.meweb.kz/js/ | 28 KB | 6 KB | Script | application/javascript |
GET | H2 | chunk-vendors.ee91ea4f.css | facebook.meweb.kz/css/ | 102 KB | 24 KB | Stylesheet | text/css |
GET | H2 | app.11e254e1.css | facebook.meweb.kz/css/ | 10 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | users | 6282500ded9edf7bd882691b.mockapi.io/ | 5 KB | 2 KB | XHR | application/json |
GET | H2 | 1200px-Facebook_Logo_%282019%29.svg.png | upload.wikimedia.org/wikipedia/commons/thumb/8/89/Facebook_Logo_%282019%29.svg/ | 28 KB | 29 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
object | navigation |
object | webpackChunkfacebook |
function | clearImmediate |
function | setImmediate |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.