fb-page-realtorlisting2351.com
Open in
urlscan Pro
198.187.31.193
Malicious Activity!
Public Scan
Submission: On March 24 via automatic, source openphish
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 22nd 2021. Valid for: a year.
This is the only time fb-page-realtorlisting2351.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 198.187.31.193 198.187.31.193 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:2b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
13 | 2 |
ASN22612 (NAMECHEAP-NET, US)
PTR: business45-1.web-hosting.com
fb-page-realtorlisting2351.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
fb-page-realtorlisting2351.com
fb-page-realtorlisting2351.com |
326 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
13 | 2 |
Domain | Requested by | |
---|---|---|
12 | fb-page-realtorlisting2351.com |
fb-page-realtorlisting2351.com
code.jquery.com |
1 | code.jquery.com |
fb-page-realtorlisting2351.com
|
13 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
m.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
fb-page-realtorlisting2351.com Sectigo RSA Domain Validation Secure Server CA |
2021-03-22 - 2022-03-22 |
a year | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://fb-page-realtorlisting2351.com/
Frame ID: 7916DCEED199291497B92387C9E3B583
Requests: 13 HTTP requests in this frame
8 Outgoing links
These are links going to different origins than the main page.
Title: Get Facebook for Android and browse faster.
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: 中文(简体)
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
fb-page-realtorlisting2351.com/ |
902 KB 95 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zRw_UXDzIxa.css
fb-page-realtorlisting2351.com/login_files/ |
41 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
T5M71SuaR0H.css
fb-page-realtorlisting2351.com/login_files/ |
82 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3RjxYC8Gpx8.js
fb-page-realtorlisting2351.com/login_files/ |
363 KB 106 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2p2n-4YaSvj.js
fb-page-realtorlisting2351.com/login_files/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
fb-page-realtorlisting2351.com/login_files/ |
43 B 346 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Xb1s3LfzQ8J.js
fb-page-realtorlisting2351.com/login_files/ |
67 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bobVBpA3LjN.js
fb-page-realtorlisting2351.com/login_files/ |
64 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O0_oAbqR1zY.js
fb-page-realtorlisting2351.com/login_files/ |
48 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3RFirF311pn.png
fb-page-realtorlisting2351.com/login_files/ |
33 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
fb-page-realtorlisting2351.com/include/ |
0 371 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9MKxhDQk2Tk.png
fb-page-realtorlisting2351.com/login_files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| ZTM function| LjPWgHCQvPwIHWGGbk function| QTmwPattgKlKlAvHusYI function| efVdoaTIBoeLNlJdpGddoNLT function| AYrzJkEtSGMZMGwtZjrqasozhHbHaAzmGz object| ZxHjVFzwqKEmMYWCLKGwpHozTXySNzxohvUklbUWEQ string| gmriAvYueqZOTRdhCCAsmuvpGjTbeSOAyOxWwMUUwGw object| IxPdXXYFEAYdVPmDsWzFLuDnASgrgeWvENZyGsQjPcbF number| HzJnSb function| _0xc892be number| tmp function| envFlush object| Env number| __DEV__ undefined| __p function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d object| ErrorUtils object| TimeSlice function| $ function| jQuery function| MRequest object| MAjaxify function| ProfilingCounters object| SnappyJS1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
fb-page-realtorlisting2351.com/ | Name: PHPSESSID Value: cbd2aa6b84a669ad802a7342333b24ee |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
fb-page-realtorlisting2351.com
198.187.31.193
2001:4de0:ac18::1:a:2b
0301b82e7868f282afc8a4e5166960cad262cc27ed627c71ffac1f578f766965
0481e2f4ea18e0132c1c40419a05de534d863aa6293c4fdde8e25ec90e4267d0
05b119e7a7246179dcaf3b10c3c08ef94980c642aebf70ab224c5ab306910bb4
09991ea8ce9bea66087de86f771e4697ead599c27311b41b7cc84514ea5a0d4b
24f44078c4b09fbdda5e2b404e199ad410e9c80a08e5531b00f46a179e6a37ce
4b02d242cafbb190d72055076bb300f1b83495098d712c7779d96fcf2a55d6b0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6089cc3db3959b8a88bcc2b2b20d210a9290a435fc81c582c42ccde559e664ea
7483bb2a89844198e6d2393f7e9480fc011cdc93c177acb0fc7854acdb9b9ea8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
bb3c5709f0b32ab81d2f12e8e56f34e97136b10b0f5158184b4268d4b9a797a2
e0d2d983ad27063dde3755719a1f8dabca55efe16f850f06d54f5c1e62f7393e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855