grub-wabkp18.wikaba.com Open in urlscan Pro
94.176.238.82  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response grub-wabkp18.wikaba.com/auth/	92 KB 24 KB	1152ms 90ms	Document text/html	94.176.238.82 RACKRAY UAB Rakrejus
General Check archive.org Show headers Download Go to Full URL http://grub-wabkp18.wikaba.com/auth/ Protocol HTTP/1.1 Server 94.176.238.82 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT), Reverse DNS node04.spacehosting.live Software nginx / Resource Hash 424ec606b543f391ab61fa53d5df24f586b075b70772ad840193024ed900ee20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host grub-wabkp18.wikaba.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers Server nginx Date Fri, 26 Jul 2019 20:06:08 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Last-Modified Thu, 02 May 2019 13:04:56 GMT X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Nginx-Cache-Status EXPIRED X-Server-Powered-By Engintron Content-Encoding gzip
GET H2	200	upXpD3lr9Z5.css z-m-static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/	100 KB 18 KB	9ms 8ms	Stylesheet text/css	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/upXpD3lr9Z5.css Requested by Host: grub-wabkp18.wikaba.com URL: http://grub-wabkp18.wikaba.com/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash e7c40c9c740d3d33e5c699496579b9834dfc94c12a966e65fc330056238fe635 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug NZNlozAgLfJKL84sGaWhV4z1e+Q4pb4KFgOJPEV8Xsp9eqHJQAv0DRUP632DaEkG3LdN6katB5E1ZTobFmOHmQ== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 vHKLDvWkpAUxQ0gr6GugcA== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type text/css; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 18364 expires Sat, 25 Jul 2020 20:04:30 GMT
GET H2	200	y3IjvQ6xfzr.css z-m-static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/	46 KB 10 KB	9ms 8ms	Stylesheet text/css	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/y3IjvQ6xfzr.css Requested by Host: grub-wabkp18.wikaba.com URL: http://grub-wabkp18.wikaba.com/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash dbc69c1a84b0bacfef76a2c57cd25d5a326c8949db88aaf3dee01293a4539604 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug qum83ikjG6LlGPYCZUvy1Yj8+qV3lRukJtUlQAUb/s3GVJQbDCQiDwZghXemJTIpzrgx5jVtNVjDCtHyDmoWEw== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 L058luyWK6mI9SvTDupbHQ== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type text/css; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 10565 expires Mon, 20 Jul 2020 11:56:02 GMT
GET H2	200	jQj1x1CcZTT.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/	444 KB 102 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Requested by Host: grub-wabkp18.wikaba.com URL: http://grub-wabkp18.wikaba.com/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 43fbafd05d31a7cd74972b47fc32b9cef067990ff04364175a90ca842f31db81 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug 1uiIFYeNF+6RW5FYB0em5HXK8BifgBXfcaMn7L5szsRvXS+JqZIup/t6PN/SfhNULBKwLYRAbq5xCghbElrWBA== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 UH3gMuiTMQZ3grB3JgjKgA== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 104352 expires Sat, 18 Jul 2020 15:40:55 GMT
GET H/1.1	200 OK	/ h.facebook.com/hr/xp/	43 B 1 KB	159ms 159ms	Image image/gif	2a03:2880:21ff:fffe:face:b00c:0:1 Facebook
General Check archive.org Show headers Download Go to Show image Full URL http://h.facebook.com/hr/xp/?app=m_login&rtime=1556774979&zc Requested by Host: grub-wabkp18.wikaba.com URL: http://grub-wabkp18.wikaba.com/auth/ Protocol HTTP/1.1 Security , , Server 2a03:2880:21ff:fffe:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer http://grub-wabkp18.wikaba.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Connection keep-alive Vary Origin, Accept-Encoding X-XSS-Protection 0 Pragma no-cache X-FB-Debug UidZMcsMfHeFBX6DSl224Xf6VKJ5M15PekahIX8Xh+kss/PRrJYUqYFDmFvXDW8RKBTgztmDujopNcDQ4EIdwg== Date Fri, 26 Jul 2019 20:06:08 GMT X-Frame-Options DENY Access-Control-Allow-Methods OPTIONS Content-Type image/gif Access-Control-Allow-Origin http://h.facebook.com Access-Control-Expose-Headers X-FB-Debug, X-Loader-Length Cache-Control private, no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	hsts-pixel.gif facebook.com/security/	43 B 188 B	97ms 97ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://facebook.com/security/hsts-pixel.gif Requested by Host: grub-wabkp18.wikaba.com URL: http://grub-wabkp18.wikaba.com/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer http://grub-wabkp18.wikaba.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding br x-content-type-options nosniff status 200 vary Origin, Accept-Encoding x-xss-protection 0 pragma no-cache x-fb-debug 25WUqW9gGfNgsYVZ2Xx4JKKeo3K4RnC4o1I2aSHa/wMtEi9QM6cSduZ4a0hYFo94f0j3WIt2MdgX+XFFdwG3MQ== date Fri, 26 Jul 2019 20:06:08 GMT x-frame-options DENY access-control-allow-methods OPTIONS content-type image/gif access-control-allow-origin * access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	Mj6r4HmJHYi.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3iooI4/y6/l/en_GB/	53 KB 15 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3iooI4/y6/l/en_GB/Mj6r4HmJHYi.js Requested by Host: grub-wabkp18.wikaba.com URL: http://grub-wabkp18.wikaba.com/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 0f609452aef659075fabc39d695a39cc5a4899276f99ad689f102fe51128990c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug E/P5IBITcYn7hm50bkpbQTFkjHe8Yd/bZ8rafTbnZGFngIAsF4zqv9x5v5IfXJwSfXaPcVHyeyi1AXWROxuw5Q== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 578GOS1kjt6ZfFssqk5N+w== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 14770 expires Tue, 21 Jul 2020 13:15:38 GMT
GET H2	200	idnWT1arnzh.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/yl/r/	32 KB 9 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yl/r/idnWT1arnzh.js Requested by Host: grub-wabkp18.wikaba.com URL: http://grub-wabkp18.wikaba.com/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash c8c85346ba8c9751199e0846fddcf7288c78cc77c4e44f35688c9e97959c3b13 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug VmMUVgOqtwH5+8hfAmqXiAUiuFbDEFvMRG29yICcDHpAjTnICzIz+T/bEGnsFaoC88lFbVFvSQyvyIcUdkK8uw== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 +uLB37QB7nIkYtvNvzIvbQ== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 9131 expires Sat, 25 Jul 2020 20:04:31 GMT
GET H2	200	7VnMv5rHrHh.png z-m-static.xx.fbcdn.net/rsrc.php/v3/yx/r/	43 KB 43 KB	6ms 5ms	Image image/png	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yx/r/7VnMv5rHrHh.png Requested by Host: grub-wabkp18.wikaba.com URL: http://grub-wabkp18.wikaba.com/auth/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash d386a9d294e7cd38e8fc4adff2f221d53a513303a1a06a6c8c16c4e928e92205 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://z-m-static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/upXpD3lr9Z5.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers x-fb-debug yfuAxVBxpYlPAc26ohBZPgVnHZ8uf9Y8dNDcIVxkojS4n5DC0GTaQ+bCF21Kp80+5pdxQguXPvdjICBkdwLyEw== x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 SBIhXR7ZGi9yaEIE+u1cIQ== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT content-type image/png status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 43831 expires Thu, 16 Jul 2020 08:34:02 GMT
GET H2	200	fz45rNsJh3t.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3iLl54/yl/l/en_GB/	50 KB 14 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3iLl54/yl/l/en_GB/fz45rNsJh3t.js Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 59ca9385bcaddd3583d0147d7d5fd916cd02d28a94af59cbd2d4cad741d42155 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug n+PCF/DtITXSJxJmTOUMn20n3IqoDQaXo0eyXk1zVp08SwxsLjKFrYyuBuDGg8DqQg4TJS1ZWVn3ozRgcC3kIw== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 qgr/4zf1uRJl3gltWd8x1Q== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 14248 expires Sat, 25 Jul 2020 20:04:31 GMT
GET H2	200	j0ze7QubiVY.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/y-/r/	47 KB 12 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/y-/r/j0ze7QubiVY.js Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 62ab3797c07a33b7030157d5288533aca26be12cdb831be375752fde712cb54c Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug /FwlB51JJlmB/KO8wfAiG9RQJTCltrPmKwoosiDxqgVe8Ra1KgO+4gi7Txv7LgPp7X/WaWfDUKp+gUnqI9Za1w== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 NyOmTkK8TaHdpQ7m1REHhQ== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 12382 expires Fri, 24 Jul 2020 04:08:29 GMT
GET H2	200	sc3QB7l113M.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3iN6O4/yy/l/en_GB/	28 KB 9 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3iN6O4/yy/l/en_GB/sc3QB7l113M.js Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 6ef99c6fe73738327d4a017abf484460d6719ba58fdc2d55ca16205f22bda1e9 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug FjSeJZY8qQtmc33TsXeHFp5nW0Sb1zGIfXpYnGGSVEClYlHQnhHQ09iEmSlo+zh0nlQuTEb/nk/dySgY8k0yBA== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 qJUt770qh3+8aPyp+EF7dg== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 8627 expires Sat, 25 Jul 2020 20:04:31 GMT
GET H2	200	dC4KnPJyu6M.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/yD/r/	12 KB 4 KB	8ms 7ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yD/r/dC4KnPJyu6M.js Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash c97d0121b977a02fd1f1a9337e9a30aca9681eb7f7f459cea20ebe57ef1cbac5 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug tLlUqCLBsg1v/nCApTeE0uH3NFGHwXaml+i+okZR4Ivi8a/v6u+MJojmmF7X09gzIyB6PL65PqdYWGdQtxtDVA== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 tXvvXjC/eeMGZPUhtUP26A== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 4035 expires Wed, 22 Jul 2020 22:25:55 GMT
GET H2	200	--d1ZYWrjv6.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3i3kA4/y_/l/en_GB/	48 KB 10 KB	8ms 7ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3i3kA4/y_/l/en_GB/--d1ZYWrjv6.js Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 7b116716ec38106494605fdb6571db8e680257d5042085dfbdba47e8fc339953 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug uAozXjipHfH+lWFYhFgIhqiGUh5aaL2br3fkc+s7iODSFapxW76NpVa1Go7Dt8QIM1QI5asIAjsfJOor6gaf7w== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 wusgdO7BGPDGyPDTG5xZYQ== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 9967 expires Fri, 24 Jul 2020 17:48:52 GMT
GET H2	200	_lc6-vWL24i.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/yh/r/	34 KB 9 KB	8ms 7ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yh/r/_lc6-vWL24i.js Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 5a02e285bd9dccaa561f7a1e9e8df98ecad40aeb493c035cf9b410a637794d7f Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug nFuJmmt5qMC8oLXmpUqmPlSW3HM5ZprQFBTSNxlJoDM/XMvUYsNeZkEF449+GO2Lta7ols5fVivtriLRFjmrqA== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 Cdqu9MBxdq21bp9RJCutqA== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 9480 expires Thu, 23 Jul 2020 05:24:25 GMT
GET H2	200	UpWM3yse__c.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3ig7n4/yP/l/en_GB/	40 KB 10 KB	8ms 8ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3ig7n4/yP/l/en_GB/UpWM3yse__c.js Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash da76fd32a976e6f3853aa48c688ee5ec337d94a03c070f51aa88ab346d8f382b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug VTjuneFvFOHOmP3uPLjrFCKVrkgpLNhn0nc0vIQLlTy6RR0Vib2hD98Dm1QMVWy3PWtIhW0xHMhhtQIW5qgs6g== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 gZ2MGt+b8CEANuf5R2XZkA== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 9628 expires Fri, 24 Jul 2020 17:48:52 GMT
GET H2	200	ZDkYDWlp1vg.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3izp84/yY/l/en_GB/	65 KB 13 KB	8ms 8ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3izp84/yY/l/en_GB/ZDkYDWlp1vg.js Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash c0ac3288d32fe47e3bf8edd7d6479279b0113695a8f5996c461c65e5cd46e403 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug rLBwVUjzv6uOCKmPVKSsBZxxCFFr8l9BlrTVvpCVbA5kMmIfZD0AsHTf+QLCxwGFWY624JpPzDHq4CjuWi+YzA== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 dB2EDmUDVRxqmci+DBrNzw== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 13467 expires Sat, 25 Jul 2020 20:04:31 GMT
GET H2	200	v4WgC_pJT9B.js Show response z-m-static.xx.fbcdn.net/rsrc.php/v3/yz/r/	7 KB 2 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yz/r/v4WgC_pJT9B.js Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash a01808b8a2d6e28821f87b2b3bf59abfb34c2aa9050ecd6ba212d3c2c8f28538 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Referer http://grub-wabkp18.wikaba.com/ Origin http://grub-wabkp18.wikaba.com Response headers x-fb-debug 5X60FnsxffwSVZd70Mo5XG9vs8mW7ebn2hiLfJOx/j4TfwmNQ5TRX0wgyUO52QYAZKMx33cCsCnApOz91MwOBQ== content-encoding br x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 zhO7kDvY1KlYWGjrr+zJSw== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 2214 expires Thu, 23 Jul 2020 13:25:02 GMT
POST H/1.1	404 Not Found	bz Show response grub-wabkp18.wikaba.com/a/	321 B 542 B	49ms 48ms	XHR text/html	94.176.238.82 RACKRAY UAB Rakrejus
General Check archive.org Show headers Download Go to Full URL http://grub-wabkp18.wikaba.com/a/bz Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol HTTP/1.1 Security , , Server 94.176.238.82 Vilnius, Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT), Reverse DNS node04.spacehosting.live Software nginx / Resource Hash 82497abbb1465a86f5d4d23d5e47a256a6aad5695a986ffeb484d97a0486834e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://grub-wabkp18.wikaba.com/auth/ Origin http://grub-wabkp18.wikaba.com X_FB_BACKGROUND_STATE 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Fri, 26 Jul 2019 20:06:08 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx Vary Accept-Encoding Content-Type text/html; charset=iso-8859-1 Transfer-Encoding chunked Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	7VnMv5rHrHh.png z-m-static.xx.fbcdn.net/rsrc.php/v3/yx/r/	43 KB 43 KB	7ms 6ms	Image image/png	2a03:2880:f11c:8184:face:b00c:0:14c9 Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yx/r/7VnMv5rHrHh.png Requested by Host: z-m-static.xx.fbcdn.net URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash d386a9d294e7cd38e8fc4adff2f221d53a513303a1a06a6c8c16c4e928e92205 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://z-m-static.xx.fbcdn.net/rsrc.php/v3/ya/l/0,cross/upXpD3lr9Z5.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Response headers x-fb-debug yfuAxVBxpYlPAc26ohBZPgVnHZ8uf9Y8dNDcIVxkojS4n5DC0GTaQ+bCF21Kp80+5pdxQguXPvdjICBkdwLyEw== x-content-type-options nosniff last-modified Mon, 01 Jan 2001 08:00:00 GMT content-md5 SBIhXR7ZGi9yaEIE+u1cIQ== access-control-allow-origin * date Fri, 26 Jul 2019 20:06:09 GMT content-type image/png status 200 cache-control public,max-age=31536000,immutable timing-allow-origin * content-length 43831 expires Thu, 16 Jul 2020 08:34:02 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| envFlush object| Env number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d object| ErrorUtils object| TimeSlice function| CavalryLogger function| __updateOrientation function| ProfilingCounters object| bigPipe function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame object| MAjaxify string| _script_path

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3inLb4/yp/l/en_GB/jQj1x1CcZTT.js(Line 54) Message: ErrorUtils caught an error: "<![EX[["Could not find element \"%s\"%s from module \"%s\"","m_login_password...". Subsequent errors won't be logged; see https://fburl.com/debugjs.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.com
grub-wabkp18.wikaba.com
h.facebook.com
z-m-static.xx.fbcdn.net
2a03:2880:21ff:fffe:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f11c:8184:face:b00c:0:14c9
94.176.238.82
0f609452aef659075fabc39d695a39cc5a4899276f99ad689f102fe51128990c
424ec606b543f391ab61fa53d5df24f586b075b70772ad840193024ed900ee20
43fbafd05d31a7cd74972b47fc32b9cef067990ff04364175a90ca842f31db81
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59ca9385bcaddd3583d0147d7d5fd916cd02d28a94af59cbd2d4cad741d42155
5a02e285bd9dccaa561f7a1e9e8df98ecad40aeb493c035cf9b410a637794d7f
62ab3797c07a33b7030157d5288533aca26be12cdb831be375752fde712cb54c
6ef99c6fe73738327d4a017abf484460d6719ba58fdc2d55ca16205f22bda1e9
7b116716ec38106494605fdb6571db8e680257d5042085dfbdba47e8fc339953
82497abbb1465a86f5d4d23d5e47a256a6aad5695a986ffeb484d97a0486834e
a01808b8a2d6e28821f87b2b3bf59abfb34c2aa9050ecd6ba212d3c2c8f28538
c0ac3288d32fe47e3bf8edd7d6479279b0113695a8f5996c461c65e5cd46e403
c8c85346ba8c9751199e0846fddcf7288c78cc77c4e44f35688c9e97959c3b13
c97d0121b977a02fd1f1a9337e9a30aca9681eb7f7f459cea20ebe57ef1cbac5
d386a9d294e7cd38e8fc4adff2f221d53a513303a1a06a6c8c16c4e928e92205
da76fd32a976e6f3853aa48c688ee5ec337d94a03c070f51aa88ab346d8f382b
dbc69c1a84b0bacfef76a2c57cd25d5a326c8949db88aaf3dee01293a4539604
e7c40c9c740d3d33e5c699496579b9834dfc94c12a966e65fc330056238fe635