wambia2-s3.tdglabph.com
143.204.98.79
Malicious Activity!
Public Scan
Submission: On November 15 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by Amazon on November 15th 2021. Valid for: a year.
This is the only time wambia2-s3.tdglabph.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
3 | 143.204.98.79 | 16509 (AMAZON-02)
32 | 2a03:2880:f21c:81c2:face:b00c:0:1cc9 | 32934 (FACEBOOK)
1 | 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK)
36 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-79.fra50.r.cloudfront.net
wambia2-s3.tdglabph.com
ASN32934 (FACEBOOK, US)
z-p3-static.xx.fbcdn.net
ASN32934 (FACEBOOK, US)
facebook.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
32 | fbcdn.net | z-p3-static.xx.fbcdn.net | 344 KB
3 | tdglabph.com | wambia2-s3.tdglabph.com | 27 KB
1 | facebook.com | facebook.com | 2 KB
36 | 3 | |
Requests | Domain | Requested by
---|---|---
32 | z-p3-static.xx.fbcdn.net | wambia2-s3.tdglabph.com, z-p3-static.xx.fbcdn.net
3 | wambia2-s3.tdglabph.com | z-p3-static.xx.fbcdn.net
1 | facebook.com | wambia2-s3.tdglabph.com
36 | 3 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid | Lookup
---|---|---|---|---
wambia2-s3.tdglabph.com | Amazon | 2021-11-15 - 2022-12-14 | a year | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-08-24 - 2021-11-22 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://wambia2-s3.tdglabph.com/
Frame ID: EC01272E2C31DAAE0E6FD051E397C5A9
Requests: 37 HTTP requests in this frame
21 Outgoing links
These are links going to different origins than the main page.
Title: Forgotten password?
Title: Kiswahili
Title: Français (France)
Title: Español
Title: Português (Brasil)
Title: العربية
Title: Deutsch
Title: Italiano
Title: Türkçe
Title: हिन्दी
Title: 中文(简体)
Title: Messenger
Title: Watch
Title: Facebook Pay
Title: Oculus
Title: Portal
Title: Instagram
Title: Bulletin
Title: About
Title: Developers
Title: AdChoices
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | wambia2-s3.tdglabph.com/ | 78 KB | 24 KB | Document | text/html
GET | H2 | 6DnbPhjybUH.css | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ | 14 KB | 4 KB | Stylesheet | text/css
GET | H2 | ZpY-5VCMWjt.css | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ | 23 KB | 6 KB | Stylesheet | text/css
GET | H2 | BMSKS9fePIK.css | z-p3-static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ | 9 KB | 2 KB | Stylesheet | text/css
GET | H2 | iKuj0fAGEho.css | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ | 12 KB | 3 KB | Stylesheet | text/css
GET | H2 | lcNE7V9VLS9.css | z-p3-static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ | 6 KB | 2 KB | Stylesheet | text/css
GET | H2 | jai0Ppf6Zqc.css | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/ | 25 KB | 6 KB | Stylesheet | text/css
GET | H2 | R6W38iqCFLl.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yO/r/ | 302 KB | 83 KB | Script | application/x-javascript
GET | H3 | dF5SId3UHWd.svg | z-p3-static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 1 KB | Image | image/svg+xml
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 2 KB | Image | image/gif
GET | H2 | yl0gnwSW8gu.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yU/r/ | 34 KB | 10 KB | Script | application/x-javascript
GET | H3 | t6JOsCOAZIb.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/ye/r/ | 29 KB | 9 KB | Script | application/x-javascript
GET | H3 | kQSTfGm8oAR.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3ij9m4/yQ/l/en_GB/ | 69 KB | 18 KB | Script | application/x-javascript
GET | H3 | UC5F8LOJDJu.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/y8/r/ | 30 KB | 9 KB | Script | application/x-javascript
GET | H3 | fltI4H7l3G0.png | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yg/r/ | 8 KB | 8 KB | Image | image/png
GET | H3 | YQNfPR9MJfx.png | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yO/r/ | 925 B | 977 B | Image | image/png
GET | DATA | truncated | / | 78 B | 0 | Stylesheet | text/css
GET | H3 | TiYg_mMBRIh.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3iYXl4/yx/l/en_GB/ | 91 KB | 26 KB | Script | application/x-javascript
GET | H3 | X15SzsrEHAM.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ | 950 B | 529 B | Script | application/x-javascript
GET | H3 | 0bx_aThBisA.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3iCwx4/yh/l/en_GB/ | 19 KB | 6 KB | Script | application/x-javascript
GET | H3 | oOKT-A18dJK.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yU/r/ | 54 KB | 15 KB | Script | application/x-javascript
GET | H3 | 1tHUaz-SefL.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yL/r/ | 10 KB | 3 KB | Script | application/x-javascript
GET | H3 | DHcX8zshUQb.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yz/r/ | 59 KB | 19 KB | Script | application/x-javascript
GET | H3 | _BDLad9QliC.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yd/r/ | 4 KB | 1 KB | Script | application/x-javascript
GET | H3 | vf6vcqK1e2N.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3igbH4/yx/l/en_GB/ | 63 KB | 17 KB | Script | application/x-javascript
GET | H3 | 5C0Uj9jiR3H.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yR/r/ | 602 B | 377 B | Script | application/x-javascript
GET | H3 | 2NCbCfjk18z.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yx/r/ | 11 KB | 4 KB | Script | application/x-javascript
GET | H3 | a3uIShSFIvj.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/y8/r/ | 483 B | 313 B | Script | application/x-javascript
GET | H3 | LlBt34FiaHg.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/ys/r/ | 32 KB | 10 KB | Script | application/x-javascript
GET | H3 | -jY7SqbZSzy.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yj/r/ | 446 B | 323 B | Script | application/x-javascript
GET | H3 | yqJGjJl4iOL.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yK/r/ | 142 KB | 42 KB | Script | application/x-javascript
GET | H3 | dAxX26lvEiZ.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/y7/r/ | 67 KB | 16 KB | Script | application/x-javascript
GET | H3 | cN-N4Eu_deZ.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yv/r/ | 7 KB | 2 KB | Script | application/x-javascript
GET | H3 | JB0CVIbgIKw.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yi/r/ | 9 KB | 3 KB | Script | application/x-javascript
GET | H3 | DQMlZMIyZtm.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3iX3c4/yM/l/en_GB/ | 45 KB | 14 KB | Script | application/x-javascript
POST | H2 | bz | wambia2-s3.tdglabph.com/ajax/ | 1 KB | 1 KB | XHR | text/html
POST | H2 | bz | wambia2-s3.tdglabph.com/ajax/ | 1 KB | 1 KB | XHR | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function (45): reportError, envFlush, CavalryLogger, __annotator, __bodyWrapper, __t, __w, emptyFunction, FB_enumerate, __m, define, require, importDefault, importNamespace, requireDynamic, requireLazy, __d, $RefreshReg$, $RefreshSig$, getErrorSafe, Arbiter, $, ge, goURI, _domcontentready, onloadRegister_DEPRECATED, onloadRegister, onafterloadRegister_DEPRECATED, onafterloadRegister, onleaveRegister, onbeforeunloadRegister, onunloadRegister, $E, now_inl, AsyncRequest, _domreadyHook, _onloadHook, runHook, runHooks, keep_window_set_as_loaded, intl_set_string_manager_mode, intl_set_xmode, intl_set_amode, intl_set_rmode, intl_set_locale
object (21): onbeforexrselect, scheduler, Env, babelHelpers, ErrorGuard, ErrorSerializer, ErrorUtils, JSCC, Parent, TimeSlice, Bootloader, PageEvents, onloadhooks, bigPipe, onunloadhooks, onbeforeunloadhooks, PageHooks, __FB_STORE, PageTransitions, onafterunloadhooks, onleavehooks
number (5): _cstart, __DEV__, __bigPipeFactory, __bigPipeFR, __bigPipeCtor
string (1): _script_path
boolean (3): originAgentCluster, domready, loaded
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
.tdglabph.com/ | | Name: wd Value: 1600x1200
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
wambia2-s3.tdglabph.com
z-p3-static.xx.fbcdn.net
143.204.98.79
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c2:face:b00c:0:1cc9