![](/screenshots/d63e2dbd-cdec-426d-9079-86bed6d355d6.png)
toolsxsocial.in
Open in
urlscan Pro
2606:4700:3037::ac43:aec5
Malicious Activity!
Public Scan
Effective URL: https://toolsxsocial.in/ff-gems/kkzd7zx3dx
Submission: On March 17 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on March 10th 2024. Valid for: 3 months.
This is the only time toolsxsocial.in was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3037::6815:3b66 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 5 | 2606:4700:303... 2606:4700:3037::ac43:aec5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
7 | 2 |
ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
toolsxsocial.in
2 redirects
toolsxsocial.in |
24 KB |
3 |
fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 926 |
28 KB |
7 | 2 |
Domain | Requested by | |
---|---|---|
6 | toolsxsocial.in |
2 redirects
toolsxsocial.in
|
3 | static.xx.fbcdn.net |
toolsxsocial.in
static.xx.fbcdn.net |
7 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
toolsxsocial.in GTS CA 1P5 |
2024-03-10 - 2024-06-08 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-12-26 - 2024-03-25 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://toolsxsocial.in/ff-gems/kkzd7zx3dx
Frame ID: 7E439A94497702278E7486EB161D0ECF
Requests: 5 HTTP requests in this frame
Frame:
https://toolsxsocial.in/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Frame ID: E7BBBF46F4FA3F2C33B0A96725F3B2BF
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/d63e2dbd-cdec-426d-9079-86bed6d355d6.png)
Page Title
Log in to Facebook | FacebookPage URL History Show full URLs
-
http://toolsxsocial.in/ff-gems/kkzd7zx3dx
HTTP 301
https://toolsxsocial.in/ff-gems/kkzd7zx3dx Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://toolsxsocial.in/ff-gems/kkzd7zx3dx
HTTP 301
https://toolsxsocial.in/ff-gems/kkzd7zx3dx Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://toolsxsocial.in/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://toolsxsocial.in/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
kkzd7zx3dx
toolsxsocial.in/ff-gems/ Redirect Chain
|
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
77Hot7ew_hn.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ |
45 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ygkXgVf1DoZ.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ |
25 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
download.jpeg
toolsxsocial.in/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
K804LXnHlWj.png
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
toolsxsocial.in/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/ Frame E7BB Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
86604abc9fcc4bc6
toolsxsocial.in/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E7BB |
0 603 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 string| originalNumber1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.toolsxsocial.in/ | Name: cf_clearance Value: ITy5Ulm6F7QnwaZKxp2Nut6iyN5B8GDRjn.5BGQuzDE-1710713205-1.0.1.1-hlg_BRvZAMeWG.dZm13eD8Uvugh.UvWRNqkU2mD5KtalOdpjkTGzediZV18QOyU_sl3niTIhbTN3.r1Jz9kZSQ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
static.xx.fbcdn.net
toolsxsocial.in
2606:4700:3037::6815:3b66
2606:4700:3037::ac43:aec5
2a03:2880:f003:c0e:face:b00c:0:3
0aa3a997ddd9fd8eee40bbd411bcce0bcb10037ab6f29a60eb26b49b0958041d
232dcc98c74e41dd0d95aee456020689ab6de77aae93d5102f0b50d8d1ec84b5
277752ecfa64f5c844b0b23480124260e109c1ed437aabd6467bdf6d7d903b4f
4f89619efbe0f3f880161d576860b533e72249523f58134d2f8a4cb50b9224d4
7c2618ca3ea9cb93bab0ee163a28234293fa4948a00cb2576e6a3a3f9735b139
c7a798b9eb1fdf5d89da28250752c94aaae16905e58dd02bd1a01ea794bbee72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855