pemblokiran-faceboook.duckdns.org
178.128.118.92
Malicious Activity!
Public Scan
Submission Tags: @phishunt_io
Submission: On September 12 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 12th 2021. Valid for: 3 months.
This is the only time pemblokiran-faceboook.duckdns.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)

Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 178.128.118.92 | 14061 (DIGITALOCEAN-ASN) |
| 6 | 185.60.218.36 | 32934 (FACEBOOK) |
| 3 | 104.16.19.94 | 13335 (CLOUDFLARENET) |
| 1 | 185.60.218.35 | 32934 (FACEBOOK) |
| 1 | 13.227.158.38 | 16509 (AMAZON-02) |
| 36 | 6 | |
- ASN14061 (DIGITALOCEAN-ASN, US)
  - pemblokiran-faceboook.duckdns.org
- ASN32934 (FACEBOOK, US)
  - PTR: edge-z-m-mini-shv-01-otp1.facebook.com
  - z-m-static.xx.fbcdn.net
- ASN32934 (FACEBOOK, US)
  - PTR: edge-star-mini-shv-01-otp1.facebook.com
  - facebook.com
- ASN16509 (AMAZON-02, US)
  - PTR: server-13-227-158-38.muc51.r.cloudfront.net
  - api.pubgameshowtime.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 6 | fbcdn.net | z-m-static.xx.fbcdn.net (Failed) | 17 KB |
| 3 | cloudflare.com | cdnjs.cloudflare.com | 118 KB |
| 2 | duckdns.org | pemblokiran-faceboook.duckdns.org | 6 KB |
| 1 | pubgameshowtime.com | api.pubgameshowtime.com | 428 B |
| 1 | facebook.com | facebook.com | 2 KB |
| 36 | 5 | | |
| | Domain | Requested by |
|---|---|---|
| 6 | z-m-static.xx.fbcdn.net | pemblokiran-faceboook.duckdns.org |
| 3 | cdnjs.cloudflare.com | pemblokiran-faceboook.duckdns.org, cdnjs.cloudflare.com |
| 2 | pemblokiran-faceboook.duckdns.org | pemblokiran-faceboook.duckdns.org |
| 1 | api.pubgameshowtime.com | cdnjs.cloudflare.com |
| 1 | facebook.com | pemblokiran-faceboook.duckdns.org |
| 36 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
m.facebook.com |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| pemblokiran-faceboook.duckdns.org | cPanel, Inc. Certification Authority | 2021-09-12 - 2021-12-11 | 3 months |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-07-20 - 2021-10-18 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year |
| api.pubgameshowtime.com | Amazon | 2020-04-17 - 2021-05-17 | a year |
This page contains 1 frames:
Primary Page:
https://pemblokiran-faceboook.duckdns.org/
Frame ID: 4A8C91ACB16546239A669B98978043CF
Requests: 36 HTTP requests in this frame
Page Title
Masuk Facebook | Facebook
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Pasang Facebook untuk Android dan buka lebih cepat.
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | pemblokiran-faceboook.duckdns.org/ | 23 KB | 5 KB | Document | text/html |
| GET | | BssS1pszwOI.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yD/r/ | 0 | 0 | | |
| GET | | lXVzHnr2v-_.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yM/r/ | 0 | 0 | | |
| GET | | qE6cK94kF5e.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/y-/r/ | 0 | 0 | | |
| GET | | NGZ4Wd8qG0L.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/y0/r/ | 0 | 0 | | |
| GET | | iuh0wz-ZWHQ.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yo/r/ | 0 | 0 | | |
| GET | H2 | JopZtdti8dq.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/y_/r/ | 7 KB | 2 KB | Script | application/x-javascript |
| GET | | _00CF2IyOwS.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yW/r/ | 0 | 0 | | |
| GET | | koy8K7tBL10.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yH/r/ | 0 | 0 | | |
| GET | H2 | aogd0M9sa1y.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yu/r/ | 3 KB | 999 B | Script | application/x-javascript |
| GET | | 12Ow_6qs55n.js | z-m-static.xx.fbcdn.net/rsrc.php/v3iv9n4/y8/l/id_ID/ | 0 | 0 | | |
| GET | | CIDj1xzb5v3.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yr/r/ | 0 | 0 | | |
| GET | | lYRTzA6icr8.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yS/r/ | 0 | 0 | | |
| GET | H2 | 4MFjarAmouj.js | z-m-static.xx.fbcdn.net/rsrc.php/v3iS7U4/yJ/l/id_ID/ | 26 KB | 7 KB | Script | application/x-javascript |
| GET | | OKbZUe4Av86.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yw/r/ | 0 | 0 | | |
| GET | | JH3uCoByr_6.js | z-m-static.xx.fbcdn.net/rsrc.php/v3iYXx4/yu/l/id_ID/ | 0 | 0 | | |
| GET | | QLQUtrdVKkq.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yl/r/ | 0 | 0 | | |
| GET | | KhRTYdvoP2C.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/ | 0 | 0 | | |
| GET | H2 | t_VEGWWoFES.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yT/r/ | 6 KB | 2 KB | Script | application/x-javascript |
| GET | | NOmsNpPjqKN.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ | 0 | 0 | | |
| GET | | n4bGLjGRWrl.js | z-m-static.xx.fbcdn.net/rsrc.php/v3i8594/yC/l/id_ID/ | 0 | 0 | | |
| GET | | RpTFjVvO4D0.js | z-m-static.xx.fbcdn.net/rsrc.php/v3i87l4/y1/l/id_ID/ | 0 | 0 | | |
| GET | H2 | BwjU4B_qfpp.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 10 KB | 3 KB | Script | application/x-javascript |
| GET | | MWvumgRWt_K.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/ | 0 | 0 | | |
| GET | | rvBN2HlBGcU.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ | 0 | 0 | | |
| GET | | u9jdwpbVY-_.js | z-m-static.xx.fbcdn.net/rsrc.php/v3ijea4/yD/l/id_ID/ | 0 | 0 | | |
| GET | | uuLh2S22YH1.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/ | 0 | 0 | | |
| GET | | qZuQMPwNL2P.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/ | 0 | 0 | | |
| GET | | IxxDAbiZepi.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ | 0 | 0 | | |
| GET | H2 | all.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ | 58 KB | 11 KB | Stylesheet | text/css |
| GET | H2 | ngStyle.css | pemblokiran-faceboook.duckdns.org/ngCss/ | 2 KB | 642 B | Stylesheet | text/css |
| GET | H3 | dF5SId3UHWd.svg | z-m-static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 1 KB | Image | image/svg+xml |
| GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 2 KB | Image | image/gif |
| GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ | 87 KB | 28 KB | Script | application/javascript |
| GET | H2 | getcountry | api.pubgameshowtime.com/ip/ | 60 B | 428 B | XHR | application/json |
| GET | H3 | fa-solid-900.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ | 78 KB | 79 KB | Font | application/octet-stream |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- boolean| originAgentCluster
- function| $
- function| jQuery
- function| ngSubmit
- function| checkip

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
70 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.