xn--facebook-v0e.com-1004928590014.icu
IDN form: facebookĖ.com-1004928590014.icu
2606:4700:30::681b:a805
Malicious Activity!
Public Scan
Effective URL: https://xn--facebook-v0e.com-1004928590014.icu/help/contact/
Submission: On December 28 via manual from GB
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 27th 2018. Valid for: a year.
This is the only time xn--facebook-v0e.com-1004928590014.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 (3 redirects) | 2606:4700:30::681b:a805 | 13335 (CLOUDFLARENET - Cloudflare) |
20 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK - Facebook) |
1 | 2a03:2880:f11a:83:face:b00c:0:25de | 32934 (FACEBOOK - Facebook) |
22 | 3 | |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
- facebook.com-1004928590014.icu
- xn--facebook-v0e.com-1004928590014.icu
ASN32934 (FACEBOOK - Facebook, Inc., US)
- static.xx.fbcdn.net
ASN32934 (FACEBOOK - Facebook, Inc., US)
- facebook.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
20 | fbcdn.net | static.xx.fbcdn.net | 160 KB |
4 | com-1004928590014.icu (3 redirects) | facebook.com-1004928590014.icu, xn--facebook-v0e.com-1004928590014.icu | 5 KB |
1 | facebook.com | facebook.com | 972 B |
22 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
20 | static.xx.fbcdn.net | xn--facebook-v0e.com-1004928590014.icu |
3 | xn--facebook-v0e.com-1004928590014.icu | 2 redirects |
1 | facebook.com | xn--facebook-v0e.com-1004928590014.icu |
1 | facebook.com-1004928590014.icu | 1 redirects |
22 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2018-12-27 - 2019-12-27 | a year | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2017-12-15 - 2019-03-22 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://xn--facebook-v0e.com-1004928590014.icu/help/contact/
Frame ID: C8DB44DB07128B0A98C468728FA74760
Requests: 22 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /cloudflare/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://facebook.com-1004928590014.icu/help/support/ HTTP 302
- https://xn--facebook-v0e.com-1004928590014.icu/help/contact HTTP 301
- http://xn--facebook-v0e.com-1004928590014.icu/help/contact/ HTTP 301
- https://xn--facebook-v0e.com-1004928590014.icu/help/contact/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | xn--facebook-v0e.com-1004928590014.icu/help/contact/ | 21 KB | 4 KB | Document | text/html |
GET | H2 | HMNf3FJHyVp.css | static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/ | 36 KB | 7 KB | Stylesheet | text/css |
GET | H2 | qkoT8XsxzEY.css | static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ | 216 KB | 36 KB | Stylesheet | text/css |
GET | H2 | mO5cEprFrIz.css | static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ | 42 KB | 7 KB | Stylesheet | text/css |
GET | H2 | wRFylSt52f-.css | static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ | 100 KB | 15 KB | Stylesheet | text/css |
GET | H2 | PLtQsMhwWEj.css | static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | D8-oLphwVYz.css | static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/ | 4 KB | 2 KB | Stylesheet | text/css |
GET | H2 | Q9gyjp-UYpf.css | static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/ | 17 KB | 4 KB | Stylesheet | text/css |
GET | H2 | UKWvyDhL2lD.css | static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ | 45 KB | 8 KB | Stylesheet | text/css |
GET | H2 | 5VSlTTt_5fv.css | static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ | 9 KB | 2 KB | Stylesheet | text/css |
GET | H2 | -Wqg5hSExXn.css | static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/ | 18 KB | 4 KB | Stylesheet | text/css |
GET | H2 | 86VwQirE10G.css | static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ | 160 KB | 34 KB | Stylesheet | text/css |
GET | H2 | t2BUt60Yr51.css | static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/ | 24 KB | 3 KB | Stylesheet | text/css |
GET | H2 | ylDpvoWeIvF.css | static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ | 23 KB | 5 KB | Stylesheet | text/css |
GET | H2 | Jxr_IcpNJfx.css | static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/ | 64 KB | 10 KB | Stylesheet | text/css |
GET | H2 | jKEcVPZFk-2.gif | static.xx.fbcdn.net/rsrc.php/v3/y9/r/ | 2 KB | 2 KB | Image | image/gif |
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 972 B | Image | image/gif |
GET | H2 | XWWyMJejq62.png | static.xx.fbcdn.net/rsrc.php/v3/y0/r/ | 1 KB | 2 KB | Image | image/png |
GET | H2 | EKmTgx6kXf-.png | static.xx.fbcdn.net/rsrc.php/v3/y4/r/ | 177 B | 373 B | Image | image/png |
GET | H2 | LKZxKLdAATz.png | static.xx.fbcdn.net/rsrc.php/v3/y0/r/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | ZfEnzlfafxC.png | static.xx.fbcdn.net/rsrc.php/v3/yy/r/ | 10 KB | 10 KB | Image | image/png |
GET | H2 | O7nelmd9XSI.png | static.xx.fbcdn.net/rsrc.php/v3/yU/r/ | 95 B | 289 B | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.com-1004928590014.icu/ | | Name: __cfduid Value: df2a32f8085f43e3c5e213be0ae340eba1546016807 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.