urlscan.io public scan: www.facebook-login-account.jufriblog.com (38.75.137.25)
Verdict: Malicious Activity!
Submission: October 24 (2019) via automatic, source certstream-suspicious
Summary
TLS certificate: issued by Let's Encrypt Authority X3 on October 24th 2019, valid for 3 months. Issuance and submission fall on the same day, which is exactly what the certstream-suspicious source watches for: a freshly issued certificate for a brand-impersonating hostname.
This is the only time www.facebook-login-account.jufriblog.com was scanned on urlscan.io.
urlscan.io verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 38.75.137.25 | AS63023 (AS-GLOBALTELEHOST - GTHost)
14 | 2a03:2880:f01c:8012:face:b00c:0:3 | AS32934 (FACEBOOK - Facebook)
8 | 2400:8b00:b00:2:face:b00c:0:a7 | AS45727 (THREE-AS-ID Hutchison CP Telecommunications)
23 requests | 3 IP addresses |

Domains by ASN:

ASN | Domains
---|---
ASN63023 (AS-GLOBALTELEHOST - GTHost, US; PTR 25-137-75-38.clients.gthost.com) | www.facebook-login-account.jufriblog.com
ASN32934 (FACEBOOK - Facebook, Inc., US) | static.xx.fbcdn.net
ASN45727 (THREE-AS-ID Hutchison CP Telecommunications, PT, ID) | scontent.fbtj1-1.fna.fbcdn.net, external.fbtj1-1.fna.fbcdn.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
22 | fbcdn.net | static.xx.fbcdn.net, scontent.fbtj1-1.fna.fbcdn.net, external.fbtj1-1.fna.fbcdn.net | 533 KB
1 | jufriblog.com | www.facebook-login-account.jufriblog.com | 4 KB
23 requests | 2 apex domains | |

Only the HTML document itself is served from the phishing host; all 22 subresources are fetched from Facebook's own CDN, the usual footprint of a cloned login page rather than a self-hosted kit.
Requests | Domain | Requested by
---|---|---
14 | static.xx.fbcdn.net | www.facebook-login-account.jufriblog.com
6 | scontent.fbtj1-1.fna.fbcdn.net | www.facebook-login-account.jufriblog.com
2 | external.fbtj1-1.fna.fbcdn.net | www.facebook-login-account.jufriblog.com
1 | www.facebook-login-account.jufriblog.com | (primary request)
23 requests | 4 domains |
This site contains links to these domains (see also Links):

Domain
---
m.facebook.com
TLS certificates observed:

Subject | Issuer | Validity | Valid for | Log
---|---|---|---|---
jufriblog.com | Let's Encrypt Authority X3 | 2019-10-24 - 2020-01-22 | 3 months | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-09-22 - 2019-12-20 | 3 months | crt.sh
*.fbtj1-1.fna.fbcdn.net | DigiCert SHA2 High Assurance Server CA | 2019-09-23 - 2019-12-22 | 3 months | crt.sh
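The scan came in from a "certstream-suspicious" source, i.e. a monitor that watches Certificate Transparency logs for freshly issued certificates whose names impersonate a brand. The block below is an added example of such a monitor, not urlscan's or CertStream's code. It scores each name on a certificate for a brand keyword that sits outside the brand's own apex, for lure words such as "login" and "account", for hyphens, and for issuance by a free automated CA. The message layout is modelled on CertStream's certificate_update JSON (leaf_cert.all_domains, leaf_cert.issuer); the sample message is constructed from the certificate table above, its SAN list and epoch timestamps are assumptions, and the weights and threshold are illustrative.

```python
import re

# Illustrative weights for this example; not urlscan's or CertStream's scoring.
BRANDS = {"facebook": 40, "fbcdn": 40, "instagram": 40, "paypal": 40}
LURE_WORDS = {"login": 20, "signin": 20, "account": 15, "secure": 15,
              "verify": 15, "password": 15}
FREE_CA_BONUS = {"Let's Encrypt": 10}   # weak signal on its own, but it stacks
ALERT_THRESHOLD = 60

LABEL_RE = re.compile(r"[a-z0-9]+")


def normalise(name):
    """Lower-case, strip a trailing dot and a leading wildcard label."""
    n = name.strip().lower().rstrip(".")
    return n[2:] if n.startswith("*.") else n


def apex(name):
    """Registrable domain approximated as the last two labels (no public-suffix list)."""
    return ".".join(normalise(name).split(".")[-2:])


def score_domain(name):
    """Return (score, reasons) for a single certificate name."""
    d = normalise(name)
    reg = apex(d)
    reg_label = reg.split(".")[0]
    tokens = set(LABEL_RE.findall(d))
    score, reasons = 0, []
    for brand, pts in BRANDS.items():
        if brand not in d:
            continue
        if reg_label == brand:
            return 0, ["%s is the brand's own apex" % reg]
        score += pts
        reasons.append("brand '%s' outside its own apex (%s)" % (brand, reg))
    if not score:
        return 0, []        # lure words without a brand are too noisy to alert on
    for word, pts in LURE_WORDS.items():
        if word in tokens:
            score += pts
            reasons.append("lure word '%s'" % word)
    hyphens = min(d.count("-"), 3)
    if hyphens:
        score += 5 * hyphens
        reasons.append("%d hyphen(s) in hostname" % hyphens)
    return score, reasons


def score_certificate(msg):
    """Score every SAN of a CertStream-style certificate_update message."""
    leaf = msg["data"]["leaf_cert"]
    issuer_org = leaf.get("issuer", {}).get("O", "")
    findings = []
    for san in leaf.get("all_domains", []):
        score, reasons = score_domain(san)
        if score == 0:
            continue
        for ca, pts in FREE_CA_BONUS.items():
            if ca in issuer_org:
                score += pts
                reasons.append("issued by %s" % ca)
        findings.append({"domain": normalise(san), "score": score,
                         "alert": score >= ALERT_THRESHOLD, "reasons": reasons})
    return sorted(findings, key=lambda f: f["score"], reverse=True)


# Constructed sample shaped like a CertStream message for the certificate in the
# table above. The SAN list and epoch timestamps are assumptions, not log data.
SAMPLE_MESSAGE = {
    "message_type": "certificate_update",
    "data": {"leaf_cert": {
        "subject": {"CN": "jufriblog.com"},
        "issuer": {"O": "Let's Encrypt", "CN": "Let's Encrypt Authority X3"},
        "all_domains": ["jufriblog.com", "www.facebook-login-account.jufriblog.com"],
        "not_before": 1571875200,   # 2019-10-24T00:00:00Z
        "not_after": 1579651200,    # 2020-01-22T00:00:00Z
    }},
}

if __name__ == "__main__":
    for f in score_certificate(SAMPLE_MESSAGE):
        flag = "ALERT" if f["alert"] else "info"
        print("%3d %-5s %s: %s" % (f["score"], flag, f["domain"], "; ".join(f["reasons"])))
```

The apex name jufriblog.com on its own scores nothing, so a feed like this alerts only on the brand-bearing subdomain; wildcard names for the brand's own apex (*.facebook.com, static.xx.fbcdn.net) are short-circuited to zero so that Facebook's own certificate renewals do not page anyone. A production monitor would replace the last-two-labels apex heuristic with a public-suffix list, otherwise names under co.uk-style suffixes are mis-split.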
This page contains 1 frame:
Primary Page: https://www.facebook-login-account.jufriblog.com/
Frame ID: 3104FA9A8B62774FC6B208C08726A323
Requests: 23 HTTP requests in this frame

2 Outgoing links (links going to different origins than the main page):
Title: Masuk (Indonesian for "Log in")
Title: Masuk (Indonesian for "Log in")

Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions

Size is the decoded response body; Transferred is the number of bytes on the wire (the scan's "x-fer" column), which is why the already-compressed images transfer slightly more than their size.

# | Method | Protocol | Resource | Host / Path | Size | Transferred | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H2 | / (primary request) | www.facebook-login-account.jufriblog.com/ | 18 KB | 4 KB | Document | text/html
2 | GET | H2 | ksegmwh22-G.js | static.xx.fbcdn.net/rsrc.php/v3/y8/r/ | 75 KB | 21 KB | Script | application/x-javascript
3 | GET | H2 | -2ho0DBjNfr.js | static.xx.fbcdn.net/rsrc.php/v3i87l4/ye/l/id_ID/ | 27 KB | 9 KB | Script | application/x-javascript
4 | GET | H2 | Hhy2XmaSnVe.js | static.xx.fbcdn.net/rsrc.php/v3/yN/r/ | 19 KB | 6 KB | Script | application/x-javascript
5 | GET | H2 | lZb4bM0z_7E.js | static.xx.fbcdn.net/rsrc.php/v3/y2/r/ | 107 KB | 28 KB | Script | application/x-javascript
6 | GET | H2 | BV2jL350IB4.js | static.xx.fbcdn.net/rsrc.php/v3/yj/r/ | 19 KB | 6 KB | Script | application/x-javascript
7 | GET | H2 | J-pSJRmTrPz.js | static.xx.fbcdn.net/rsrc.php/v3/yq/r/ | 64 KB | 16 KB | Script | application/x-javascript
8 | GET | H2 | 3omrhfeQNDI.js | static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ | 824 B | 650 B | Script | application/x-javascript
9 | GET | H2 | GGdtQbU50Nv.js | static.xx.fbcdn.net/rsrc.php/v3/yY/r/ | 4 KB | 2 KB | Script | application/x-javascript
10 | GET | H2 | q0KAfF1dstS.js | static.xx.fbcdn.net/rsrc.php/v3/yS/r/ | 8 KB | 3 KB | Script | application/x-javascript
11 | GET | H2 | 7ChBpp7Yw2e.css | static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/ | 78 KB | 18 KB | Stylesheet | text/css
12 | GET | H2 | PM1bvQHY77e.css | static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ | 15 KB | 4 KB | Stylesheet | text/css
13 | GET | H2 | xBFuUK4ugRF.css | static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ | 19 KB | 5 KB | Stylesheet | text/css
14 | GET | H2 | rMPhB4ZtGgl.css | static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/ | 26 KB | 6 KB | Stylesheet | text/css
15 | GET | H2 | 73319945_199857637698411_2597636382859984896_n.jpg | scontent.fbtj1-1.fna.fbcdn.net/v/t1.0-1/cp0/e15/q65/c0.0.604.604a/ | 29 KB | 30 KB | Image | image/jpeg
16 | GET | H2 | 50223041_137545063929669_94231891711885312_n.jpg | scontent.fbtj1-1.fna.fbcdn.net/v/t1.0-0/cp0/e15/q65/p526x296/ | 22 KB | 23 KB | Image | image/jpeg
17 | GET | H2 | 69511773_190101598674015_8525718470078234624_o.jpg | scontent.fbtj1-1.fna.fbcdn.net/v/t1.0-0/cp0/e15/q65/p480x480/ | 54 KB | 54 KB | Image | image/jpeg
18 | GET | H2 | 68894930_189318045419037_8057558316030623744_n.jpg | scontent.fbtj1-1.fna.fbcdn.net/v/t1.0-0/cp0/e15/q65/p526x296/ | 10 KB | 11 KB | Image | image/jpeg
19 | GET | H2 | 47156828_119019852448857_3985935126218407936_o.jpg | scontent.fbtj1-1.fna.fbcdn.net/v/t1.0-9/cp0/e15/q65/p851x315/ | 32 KB | 32 KB | Image | image/jpeg
20 | GET | H2 | 53646129_150774022606773_8182048011824660480_o.jpg | scontent.fbtj1-1.fna.fbcdn.net/v/t1.0-0/cp0/e15/q65/p480x480/ | 44 KB | 44 KB | Image | image/jpeg
21 | GET | H2 | safe_image.php | external.fbtj1-1.fna.fbcdn.net/ | 10 KB | 11 KB | Image | image/jpeg
22 | GET | H2 | safe_image.php | external.fbtj1-1.fna.fbcdn.net/ | 64 KB | 64 KB | Image | image/jpeg
23 | GET | H2 | 8ujQQu1Qjk1.png | static.xx.fbcdn.net/rsrc.php/v3/yx/r/ | 140 KB | 140 KB | Image | image/png

Every request after the first goes to Facebook's CDN. The id_ID locale segment in request 3 and the page title "Masuk" show that the cloned login page is the Indonesian-language variant, consistent with the Indonesian fna.fbcdn.net edge cache serving the images.
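The request table shows the signature of a cloned login page: the phishing host serves only the HTML document, and every one of the 22 subresources is pulled from the impersonated brand's own CDN. The block below is an added example, not urlscan's code, that turns this observation into a check over a urlscan-style request list. The brand-to-CDN mapping and the 80% threshold are assumptions, and the request list is reconstructed from the table above.

```python
from collections import Counter

# Assumed mapping of CDN/apex domains to the brand that owns them (example data).
BRAND_CDN_APEXES = {"fbcdn.net": "Facebook", "facebook.com": "Facebook"}


def apex(host):
    """Registrable domain approximated as the last two labels (no public-suffix list)."""
    return ".".join(host.lower().split(".")[-2:])


def clone_check(requests, brand_cdns=BRAND_CDN_APEXES, min_share=0.8):
    """Flag a page whose document comes from one apex while nearly all of its
    subresources come from a brand's own CDN.

    requests: list of (host, resource_type). The first 'Document' entry is the
    primary page; every non-Document request counts as a subresource.
    """
    primary = next((h for h, t in requests if t == "Document"), None)
    if primary is None:
        raise ValueError("request list has no Document entry")
    primary_apex = apex(primary)
    subresources = [h for h, t in requests if t != "Document"]
    by_apex = Counter(apex(h) for h in subresources)
    brand_hits = {a: n for a, n in by_apex.items() if a in brand_cdns}
    brand_share = (sum(brand_hits.values()) / len(subresources)) if subresources else 0.0
    # A brand's own site naturally loads from its own CDN, so only foreign apexes are suspicious.
    suspicious = brand_share >= min_share and primary_apex not in brand_cdns
    return {
        "primary_host": primary,
        "primary_apex": primary_apex,
        "by_apex": dict(by_apex),
        "brand_share": round(brand_share, 2),
        "brands": sorted({brand_cdns[a] for a in brand_hits}),
        "suspicious": suspicious,
    }


# The 23 transactions from the table above, collapsed to (host, type) pairs.
SCAN_REQUESTS = (
    [("www.facebook-login-account.jufriblog.com", "Document")]
    + [("static.xx.fbcdn.net", "Script")] * 9
    + [("static.xx.fbcdn.net", "Stylesheet")] * 4
    + [("scontent.fbtj1-1.fna.fbcdn.net", "Image")] * 6
    + [("external.fbtj1-1.fna.fbcdn.net", "Image")] * 2
    + [("static.xx.fbcdn.net", "Image")]
)

if __name__ == "__main__":
    result = clone_check(SCAN_REQUESTS)
    print("%s (apex %s): %.0f%% of %d subresources from %s CDN -> suspicious=%s" % (
        result["primary_host"], result["primary_apex"], 100 * result["brand_share"],
        sum(result["by_apex"].values()), "/".join(result["brands"]), result["suspicious"]))
```

The same function returns suspicious=False for a genuine m.facebook.com page that loads from static.xx.fbcdn.net, because the document apex is in the brand mapping. The heuristic misses kits that host copied assets locally (those show up as a single foreign apex with zero brand share), so it complements rather than replaces the brand-keyword check on the hostname.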
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Facebook (Social Network)

2 JavaScript Global Variables
These are the "global" variables defined on the window object that urlscan does not recognise as standard. They can help identify client-side frameworks and code.

Type | Name
---|---
object | onformdata
object | onpointerrawupdate

Both names are event-handler properties that newer Chromium-based browsers expose on window, not variables defined by the page, so they reveal nothing about the phishing kit's own code.

0 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the stored cookie values back, allowing the site to re-identify the user even from a different location. This is how persistent logins work. The cloned page set none.
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes; listing them here does not by itself imply that each one is malicious. In this scan only the jufriblog.com hostname and 38.75.137.25 (AS63023, GTHost) belong to the phishing host; the fbcdn.net names and the two IPv6 addresses are Facebook CDN infrastructure shared with legitimate Facebook traffic and should not be blocked.

Domains:
external.fbtj1-1.fna.fbcdn.net
scontent.fbtj1-1.fna.fbcdn.net
static.xx.fbcdn.net
www.facebook-login-account.jufriblog.com

IP addresses:
2400:8b00:b00:2:face:b00c:0:a7
2a03:2880:f01c:8012:face:b00c:0:3
38.75.137.25

SHA-256 response hashes (23, one per HTTP transaction):
00824c1192897cd3cf9def36ebcca89a932995fadcedc528debac651427daaf3
0cb58e8818056849035438baeb8557006133f756981add9439ef61da7f4eb198
23e4f6f970ebceaf8acd404b2034316d2e3eb1c0b190cb525988678c674d870e
32db2382b2b09d5e023cdd1c03733db9d31e5f90119d22fd1e3bb2552bb1cba5
352bdac6500d922037762d4db3947d584bb4a97e61c3936d79e086722b3621e8
3829a44d0dcb69f6bf94014f057e42ea0165afbdfa2eb66b633eacc7d37a3956
3c4626f65fd09b51af035c74cdc214ca7129945d78a430c03048c560ddf482ca
40f54e1f8224d2feb912fcc8ec245d9e963ce60ef74ef0a83904f7e5f3dcb9c5
467fde8e20de45f1c83266a340b9ef755059e93b5f478720790b429be3462ab5
4c874c6d48288cc815a32386b7962bbdbc7934a6a1f4de2985f730b9da80c506
72eb8aa2ee86214215786a87289ef30fe118806b32a162d22ff1ef2b7bb1896e
7e5bcb05e5b4c285b83a6efddc9f26237e376a8a3709bdd4f71e731afda83475
830af957c8d8d9b88afd7344f54b84075f2e094c4d12a1431345817a816b6069
8adcf08b83a5f2713e62fe985f77d5b0f69807cb99b74b446a0885700d964313
9fa429b990f6d56620877a6458e7615c81f6ba464f292363ef3fdf2f0a401408
b41a272eefedcc10bc26a09f597d11ecd1e646c35d494ca817512266d7405a79
bb8f0403bc9dcd8ea035e756c9d18fd271ae971f01298996e7c045562c3e3523
bba4aca3d0357dcf18d7de2ff6921dc17d94df3aa353bffe7c08e51d8c825caa
d6013a597709da89e714312a45c4b89da05b275b158aed8c8b22f86b7f9903c7
dbc1faeec759c72ce1321e2b040bee56b79931f057ff1c022d6464a642167b9e
ea31ac6ca9e98c3bae234610d20c217e0f17f124c9d2c42691e7fcc52f8ec6ee
f90e91de3352fba56c00a0d2fcf2a99fe55e2f37e2d38edad015a4e2fc92ac29
fecaf0e4b37865da1129aa4af6c926e785c83b7505cef14afc87b1f5757f439a
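Before feeding an indicator list like the one above into a blocklist, sort it by type and by who controls it. The scan's ASN table shows that only the jufriblog.com hostname and 38.75.137.25 belong to the phishing host; the fbcdn.net names and the two IPv6 addresses are Facebook's CDN (the fna.fbcdn.net cache sits inside the ISP's AS45727) and are shared with every legitimate Facebook user on that network. The block below is an added example, not urlscan's code: it classifies a subset of the indicators above, splits them into block-worthy and context-only sets, and matches the block set against constructed log lines in a generic "timestamp client event detail" layout. The attacker-controlled sets are a judgement call taken from the scan's ASN data, and the log lines are made up for the example.

```python
import ipaddress
import re

# Subset of the page's indicator list, copied verbatim (two of the 23 hashes shown).
INDICATORS = """
external.fbtj1-1.fna.fbcdn.net
scontent.fbtj1-1.fna.fbcdn.net
static.xx.fbcdn.net
www.facebook-login-account.jufriblog.com
2400:8b00:b00:2:face:b00c:0:a7
2a03:2880:f01c:8012:face:b00c:0:3
38.75.137.25
00824c1192897cd3cf9def36ebcca89a932995fadcedc528debac651427daaf3
0cb58e8818056849035438baeb8557006133f756981add9439ef61da7f4eb198
""".split()

# Judgement call from the scan's ASN table: these observables are attacker-controlled.
# Everything else in the list is Facebook CDN infrastructure shared with legitimate users.
ATTACKER_APEXES = {"jufriblog.com"}
ATTACKER_IPS = {"38.75.137.25"}

SHA256_RE = re.compile(r"^[0-9a-f]{64}$")
HOST_RE = re.compile(r"^(?=.{1,253}$)(?:[a-z0-9-]+\.)+[a-z]{2,}$")


def classify(indicator):
    """Return 'sha256', 'ip', 'domain' or 'unknown' for one raw indicator string."""
    s = indicator.strip().lower()
    if SHA256_RE.match(s):
        return "sha256"
    try:
        ipaddress.ip_address(s)
        return "ip"
    except ValueError:
        pass
    return "domain" if HOST_RE.match(s) else "unknown"


def apex(host):
    """Registrable domain approximated as the last two labels (no public-suffix list)."""
    return ".".join(host.split(".")[-2:])


def triage(indicators):
    """Split indicators into block-worthy, context-only, hash and unknown buckets."""
    out = {"block": [], "context_only": [], "hash": [], "unknown": []}
    for raw in indicators:
        s = raw.strip().lower()
        kind = classify(s)
        if kind == "sha256":
            out["hash"].append(s)
        elif kind == "ip":
            out["block" if s in ATTACKER_IPS else "context_only"].append(s)
        elif kind == "domain":
            out["block" if apex(s) in ATTACKER_APEXES else "context_only"].append(s)
        else:
            out["unknown"].append(s)
    return out


def match_logs(lines, block_set):
    """Return [(line, [matched indicators])] for lines that contain a block-worthy IoC.
    The boundary assertions stop 'jufriblog.com' matching 'notjufriblog.com' and stop
    the IPv4 indicator firing inside a longer address such as 138.75.137.25."""
    hits = []
    for line in lines:
        low = line.lower()
        found = sorted(
            ioc for ioc in block_set
            if re.search(r"(?<![a-z0-9.-])" + re.escape(ioc) + r"(?![a-z0-9.-])", low)
        )
        if found:
            hits.append((line, found))
    return hits


# Constructed log lines in a generic "timestamp client event detail" layout; not real sensor output.
SAMPLE_LOGS = [
    "2019-10-24T10:02:11Z 10.0.5.17 dns A www.facebook-login-account.jufriblog.com",
    "2019-10-24T10:02:12Z 10.0.5.17 tls 38.75.137.25:443 sni=www.facebook-login-account.jufriblog.com",
    "2019-10-24T10:02:13Z 10.0.5.17 tls [2a03:2880:f01c:8012:face:b00c:0:3]:443 sni=static.xx.fbcdn.net",
    "2019-10-24T10:03:40Z 10.0.5.22 dns A www.facebook.com",
    "2019-10-24T10:04:02Z 10.0.5.31 tls 138.75.137.25:443 sni=example.net",
]

if __name__ == "__main__":
    t = triage(INDICATORS)
    print("block:", t["block"])
    print("context only (shared Facebook infrastructure, do not block):", t["context_only"])
    for line, iocs in match_logs(SAMPLE_LOGS, set(t["block"])):
        print("HIT", iocs, "<-", line)
```

The matcher is keyed on the full phishing hostname rather than the apex on purpose: the page gives no evidence whether jufriblog.com was registered by the attacker or is a legitimate site with a hijacked subdomain, and blocking the apex on a guess can take down an innocent site. The third log line, a client fetching static.xx.fbcdn.net from Facebook's own IPv6 edge, produces no hit, which is the behaviour you want from an IoC feed built from this scan.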