
faceb00k.ga
Open in
urlscan Pro
2606:4700:3036::6815:4818
Malicious Activity!
Public Scan
Submission: On January 14 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 12th 2022. Valid for: a year.
This is the only time faceb00k.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 2606:4700:303... 2606:4700:3036::6815:4818 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
31 | 2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
35 | 4 |
ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net |
ASN32934 (FACEBOOK, US)
facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
31 |
fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 658 |
343 KB |
3 |
faceb00k.ga
faceb00k.ga |
25 KB |
1 |
facebook.com
facebook.com — Cisco Umbrella Rank: 31 |
3 KB |
35 | 3 |
Domain | Requested by | |
---|---|---|
31 | static.xx.fbcdn.net |
faceb00k.ga
static.xx.fbcdn.net |
3 | faceb00k.ga |
static.xx.fbcdn.net
|
1 | facebook.com |
faceb00k.ga
|
35 | 3 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-12 - 2023-01-11 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-10-23 - 2022-01-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://faceb00k.ga/
Frame ID: C620D49B25557BADF7E7CF80E62EC336
Requests: 36 HTTP requests in this frame
21 Outgoing links
These are links going to different origins than the main page.
Title: Forgotten account?
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: Русский
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Bahasa Indonesia
Search URL Search Domain Scan URL
Title: Türkçe
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Watch
Search URL Search Domain Scan URL
Title: Facebook Pay
Search URL Search Domain Scan URL
Title: Oculus
Search URL Search Domain Scan URL
Title: Portal
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Bulletin
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: AdChoices
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
faceb00k.ga/ |
80 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QRtEUXE7RAU.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0k-JPkke2C4.css
static.xx.fbcdn.net/rsrc.php/v3/yj/l/0,cross/ |
54 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gRkZInNQFVv.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
47l4cbZ9Wew.css
static.xx.fbcdn.net/rsrc.php/v3/yj/l/0,cross/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ujrIN_A2fQr.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ |
316 KB 86 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Zfa41ZGNBTY.png
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
YQNfPR9MJfx.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
925 B 978 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
facebook.com/security/ |
43 B 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
awfMYiiVrDl.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ |
36 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
TdJZvFCkp8L.js
static.xx.fbcdn.net/rsrc.php/v3ij9m4/yY/l/en_GB/ |
63 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
JWVnEg13JIk.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ |
29 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
59CVAki7viL.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
u5_kDmbXtiv.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ |
25 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
78 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9PuK7qsFf6G.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ |
32 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
R2At1-yXOHF.js
static.xx.fbcdn.net/rsrc.php/v3i3674/y7/l/en_GB/ |
132 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6ga6naPhjKu.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bC2A73OiEcJ.js
static.xx.fbcdn.net/rsrc.php/v3iCwx4/yC/l/en_GB/ |
55 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
yYxqF7t4UC4.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2pSxO1hOPtE.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
LNdyVfkqiEC.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ |
698 B 423 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5rTQ4LX_xOz.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ |
602 B 378 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lYejkzyV906.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ |
770 B 469 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rYR7ITmtyaR.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ |
60 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vYLi5uNkG0X.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
DTtOlBcwc18.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s4v9tH_KHvj.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ |
26 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
NFv67UlqcUI.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ |
153 KB 45 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
CyNJRkmXvyt.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ |
67 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cN-N4Eu_deZ.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
JB0CVIbgIKw.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
o5XjgaLVgY-.js
static.xx.fbcdn.net/rsrc.php/v3iX3c4/y4/l/en_GB/ |
45 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
bz
faceb00k.ga/ajax/ |
196 B 747 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
bz
faceb00k.ga/ajax/ |
196 B 708 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onsecuritypolicyviolation object| onslotchange number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe function| AsyncRequest object| __FB_STORE object| onbeforeunloadhooks object| onafterunloadhooks object| onunloadhooks function| intl_set_string_manager_mode function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onleavehooks object| PageTransitions boolean| domready boolean| loaded2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.faceb00k.ga/ | Name: _js_datr Value: QigeYXrvpv_aloso6cKeer0l |
|
.faceb00k.ga/ | Name: wd Value: 1600x1200 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
faceb00k.ga
facebook.com
static.xx.fbcdn.net
2606:4700:3036::6815:4818
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
03feee6066996b0e999cf63a533b96de52ee7829fd74cb4729c9a2940e9351a2
064e19b11c8451eff9ce12a4b5edbe91e8bd8c2cbf529892445ba5365068c3f9
07ed2f0c2eceb77a73c18067cc8c148e93a0c0e13ef6ec49cf4eb6945fbfadf2
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
0b061a66b45be974aa2f0df361d7ec6afa10e8cb946c8b2e8185ab9a336f7181
0e283b198acd77577c4a0af2101029eabd4d3ad9cfd80e312f17806fa9b0c668
0f90ce92f6d627a995bf0300ac429ace9c65072877367d8bd8e5bc2052ceae93
1b3c51bfee47e94d0c75cbbb090dc24d3fab5b560d4411320e59cfd6d599a5aa
26d2a51942650abb71ea738e8a886f854f1d9add688407b91a8934123ab1ec1a
286320fd54bd49903ffb27703709f8ca3cfe0fd6d62bdb7efadfc3916d8f4fd4
47768e32d3ef0cd8ddf748b9885fea52b6a8b70a9ea0c259bbe47aa68e613d2e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5722a063661f271aa57d1fb6af2b6c54f383cb91775c1a98cf450eae5da68a85
6ac546f9338712a3c328967e9d87d298cb6867620e6d836ee718f726bbe8e4c7
6fc75f260d01acea3be441f6afbcf881efddebcc0e294e696bed66a193c9c82f
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
8130ea4585f4207e63a21af9bd14dd002636a77228a43b0c67c5693a94976c4e
90879d10d508c7be1f8d6d91421bd1d86d5a3169e9fd39d133913d49e57b4f99
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
994c4cda876375b96bf7a5a98a24987dcb8b9e1911b8f69e86219b1a369164b2
9d4433ab024e1f616050dfcca3a8a9abe70c093d9bb396562fcf0b6bc7e5957b
a197ca4fa65853616651679db3f629e4bcb5ae4157ccc43844c918a265c8eaad
ba0ccc43887ecebdd66e913dd8309d6b6feaa62b2303b55f18646978bb9db8f1
bc991d817f24760468c12ee95e41b5e667f0253b169c5b15573ff9fc76f57ac1
c472f7176e2037198029acef6a3c03fd2445d061888d0222fc116a8116fec518
c6e2bc837a365b8a52e687182e0675991961b70ae58d9aa3c5e619acbb2bdbb2
cac9ad7aa4a7c2898380ba7f78c1b3295ab8221910f12ecff55520b941d7ca3b
cdbb6afc3279d73a6d31cc926c1e777f474164d767c8c5fc1f3e4469e5e7574d
d4bb6faaa1d7e2566962a4821960c2961fcc21b9c04bcc0aaab529beb6b4cd09
e0270e3c3ea7d5a4f3f7ce74bb343c2bc044fc683960f87070c24fe0c2f726f1
e414236f134f6026fd60989d6bdbca07a1afc76e774971bdc4f8a48c41fe6196
e60e1c170d239ef8628c55986ae1b8e68239665363c6355cfc03336718bc2d7f
e69df1930815f744d53ea50c75eb195e08121dc7aa84c3e3886ed4e0596933b6
e7fe5977e788c239aa69b4d080e4c9deeff222a8312347405cbb6cbdad67dfa9
fbc7b85616434ee9149390be4e67fb92f19a7c2f34600b4f68816ac6e2a757ed