facebook-help.support
185.155.96.35
Malicious Activity!
Public Scan
Effective URL: https://facebook-help.support/
Submission: On April 06 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 31st 2022. Valid for: 3 months.
This is the only time facebook-help.support was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 2a03:2880:f02d:e:face:b00c:0:2 | 32934 (FACEBOOK) |
10 | 185.155.96.35 | 202759 (FAIRYHOSTING) |
1 | 34.117.59.81 | 396982 (GOOGLE-CLOUD-PLATFORM) |
4 | 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) |
2 | 88.80.147.129 | 44901 (BELCLOUD) |
18 | 5 | |
ASN202759 (FAIRYHOSTING, EE)
PTR: raik.designute.com
facebook-help.support |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | facebook-help.support | facebook-help.support | 1 MB |
4 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 99 | 140 KB |
2 | apifreshteam.com | apifreshteam.com | 312 B |
1 | ipinfo.io | ipinfo.io — Cisco Umbrella Rank: 6710 | 408 B |
1 | fbsbx.com | www.fbsbx.com — Cisco Umbrella Rank: 155251 | 3 KB |
18 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
10 | facebook-help.support | facebook-help.support |
4 | www.facebook.com | facebook-help.support |
2 | apifreshteam.com | facebook-help.support |
1 | ipinfo.io | facebook-help.support |
1 | www.fbsbx.com | |
18 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-14 - 2022-04-14 | 3 months | crt.sh |
facebook-help.support | R3 | 2022-03-31 - 2022-06-29 | 3 months | crt.sh |
ipinfo.io | GTS CA 1D4 | 2022-02-24 - 2022-05-25 | 3 months | crt.sh |
apifreshteam.com | R3 | 2022-03-31 - 2022-06-29 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://facebook-help.support/
Frame ID: DEE5383B135BBD291B7FC77AED4B22F6
Requests: 17 HTTP requests in this frame
Page Title
Help Center
Page URL History
- https://www.fbsbx.com/developer/tools/playable-preview/preview-asset/?handle_str=GPbahwS4Q_sI_sEBA... Page URL
- https://facebook-help.support/ Page URL
Detected technologies
Ant Design (JavaScript Frameworks)
Detected patterns
- <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.fbsbx.com/developer/tools/playable-preview/preview-asset/?handle_str=GPbahwS4Q_sI_sEBAOS63H55D08gboRqAAAA Page URL
- https://facebook-help.support/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | www.fbsbx.com/developer/tools/playable-preview/preview-asset/ | 6 KB | 3 KB | Document | text/html |
GET | H/1.1 | / (Primary Request) | facebook-help.support/ | 746 B | 678 B | Document | text/html |
GET | H/1.1 | main.b09c3a4d.js | facebook-help.support/static/js/ | 788 KB | 788 KB | Script | application/javascript |
GET | H/1.1 | main.f82ce72a.css | facebook-help.support/static/css/ | 585 KB | 586 KB | Stylesheet | text/css |
GET | H2 | json | ipinfo.io/ | 314 B | 408 B | Fetch | application/json |
GET | H/1.1 | facebookLogo1.png | facebook-help.support/ | 58 KB | 59 KB | Image | image/png |
GET | H/1.1 | secure.png | facebook-help.support/ | 28 KB | 28 KB | Image | image/png |
GET | H/1.1 | arrowdown.png | facebook-help.support/ | 172 B | 418 B | Image | image/png |
GET | H/1.1 | yourprivacy.png | facebook-help.support/ | 35 KB | 36 KB | Image | image/png |
GET | H/1.1 | drawimage.png | facebook-help.support/ | 15 KB | 16 KB | Image | image/png |
GET | H/1.1 | reportingabuse.png | facebook-help.support/ | 4 KB | 5 KB | Image | image/png |
GET | H/1.1 | logometa.png | facebook-help.support/ | 14 KB | 14 KB | Image | image/png |
GET | H2 | 11cdjuP55Lo.png | www.facebook.com/rsrc.php/v3/yF/r/ | 28 KB | 28 KB | Image | image/png |
GET | H2 | gjTEpitnxIv.png | www.facebook.com/rsrc.php/v3/yl/r/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | Y4qEfNKxt-z.png | www.facebook.com/rsrc.php/v3/yu/r/ | 84 KB | 84 KB | Image | image/png |
GET | H2 | oSkF_jfLLiO.png | www.facebook.com/rsrc.php/v3/ym/r/ | 21 KB | 21 KB | Image | image/png |
POST | H/1.1 | oneToken | apifreshteam.com/api/users/ | 37 B | 312 B | XHR | application/json |
OPTIONS | H/1.1 | oneToken | apifreshteam.com/api/users/ | 0 | 0 | Preflight | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| structuredClone
- object| oncontextlost
- object| oncontextrestored
- function| getScreenDetails
- object| webpackChunkfbae_clone
- object| regeneratorRuntime
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src data: blob: *.fbcdn.net *.fbsbx.com;script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *.fbcdn.net *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self' *.fbsbx.com;font-src *.fbsbx.com fbsbx.com *.fbcdn.net data:;img-src *.fbsbx.com *.fbcdn.net data: blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; |
Strict-Transport-Security | max-age=31536000; preload; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.