sh007.whb.tempwebhost.net
162.241.123.36
Malicious Activity!
Public Scan
Submission: On January 07 via automatic, source openphish
Summary
This is the only time sh007.whb.tempwebhost.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS | Autonomous System
---|---|---|---
3 | 162.241.123.36 | 46606 | UNIFIEDLAYER-AS-1
21 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 | FACEBOOK
2 | 2a03:2880:f12d:83:face:b00c:0:25de | 32934 | FACEBOOK
25 requests, 3 IP addresses in total.
ASN46606 (UNIFIEDLAYER-AS-1, US)
- PTR: sh007.webhostbox.net
- sh007.whb.tempwebhost.net
ASN32934 (FACEBOOK, US)
- facebook.com
- fbcdn.net
- fbsbx.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
22 | fbcdn.net | static.xx.fbcdn.net, fbcdn.net (1 redirect) | 301 KB
3 | tempwebhost.net | sh007.whb.tempwebhost.net | 53 KB
1 | fbsbx.com | fbsbx.com | 871 B
1 | facebook.com | facebook.com (1 redirect) | 196 B
25 requests, 4 apex domains in total.
Requests | Domain | Requested by
---|---|---
21 | static.xx.fbcdn.net | sh007.whb.tempwebhost.net, static.xx.fbcdn.net
3 | sh007.whb.tempwebhost.net | static.xx.fbcdn.net
1 | fbsbx.com | sh007.whb.tempwebhost.net
1 | fbcdn.net | 1 redirect
1 | facebook.com | 1 redirect
25 requests, 5 domains in total.
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-12-22 - 2021-03-21 | 3 months | crt.sh
fbcdn.net | DigiCert SHA2 High Assurance Server CA | 2020-12-10 - 2021-03-09 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
http://sh007.whb.tempwebhost.net/~homenjju/view/?listing=LmQ5ZTJ1LmluY2VwdXQyMDIxRC5kOWUydS4
Frame ID: 9E6AFD6F1361603D46A4FEF7F947D880
Requests: 25 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12
- https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
- https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
- https://fbsbx.com/security/hsts-pixel.gif
25 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | sh007.whb.tempwebhost.net/~homenjju/view/ | 150 KB | 43 KB | Document | text/html | Primary Request, Cookie set
GET | H2 | GJE_RmH2kSV.css | static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ | 18 KB | 4 KB | Stylesheet | text/css |
GET | H2 | NJz-t4swsy4.css | static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ | 10 KB | 2 KB | Stylesheet | text/css |
GET | H2 | qINr-dHUEv6.js | static.xx.fbcdn.net/rsrc.php/v3/yb/r/ | 64 KB | 18 KB | Script | application/x-javascript |
GET | H2 | pxI6JNlsBwR.js | static.xx.fbcdn.net/rsrc.php/v3/y5/r/ | 119 KB | 34 KB | Script | application/x-javascript |
GET | H2 | K5K_tD-RDEu.js | static.xx.fbcdn.net/rsrc.php/v3/y2/r/ | 55 KB | 16 KB | Script | application/x-javascript |
GET | H2 | FRnx09gUWCl.js | static.xx.fbcdn.net/rsrc.php/v3iK-b4/yB/l/en_US/ | 131 KB | 37 KB | Script | application/x-javascript |
GET | H2 | J3Ep4muQceT.js | static.xx.fbcdn.net/rsrc.php/v3/yE/r/ | 36 KB | 11 KB | Script | application/x-javascript |
GET | H2 | oBY9GjOR0Ra.css | static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/ | 52 KB | 12 KB | Stylesheet | text/css |
GET | H2 | CbjOan_dsZa.css | static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ | 36 KB | 10 KB | Stylesheet | text/css |
GET | H2 | IxxDAbiZepi.css | static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | CcmoYbLuOzh.js | static.xx.fbcdn.net/rsrc.php/v3/yw/r/ | 222 KB | 58 KB | Script | application/x-javascript |
GET | H2 | dF5SId3UHWd.svg | static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | hsts-pixel.gif | fbsbx.com/security/ | 43 B | 871 B | Image | image/gif | Redirect Chain
GET | H2 | gcZGjl1rwno.png | static.xx.fbcdn.net/rsrc.php/v3/yz/r/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | p7JbCLVueGD.png | static.xx.fbcdn.net/rsrc.php/v3/yD/r/ | 18 KB | 18 KB | Image | image/png |
GET | H2 | Nx7JB-gHkQA.js | static.xx.fbcdn.net/rsrc.php/v3ih-D4/yy/l/en_US/ | 107 KB | 27 KB | Script | application/x-javascript |
GET | H2 | DYx-vRtS57B.js | static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 130 KB | 24 KB | Script | application/x-javascript |
GET | H2 | MqAgoeN2Jrm.js | static.xx.fbcdn.net/rsrc.php/v3/yX/r/ | 30 KB | 9 KB | Script | application/x-javascript |
GET | H2 | yKz2mypMzvh.js | static.xx.fbcdn.net/rsrc.php/v3iLQG4/yL/l/en_US/ | 26 KB | 7 KB | Script | application/x-javascript |
GET | H2 | gXBA2JQsJTt.js | static.xx.fbcdn.net/rsrc.php/v3/yR/r/ | 10 KB | 3 KB | Script | application/x-javascript |
GET | H2 | BwjU4B_qfpp.js | static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 10 KB | 3 KB | Script | application/x-javascript |
GET | H2 | MP5kZee0h8r.js | static.xx.fbcdn.net/rsrc.php/v3/yB/r/ | 7 KB | 2 KB | Script | application/x-javascript |
POST | H/1.1 | bz | sh007.whb.tempwebhost.net/a/ | 12 KB | 5 KB | XHR | text/html |
POST | H/1.1 | bz | sh007.whb.tempwebhost.net/a/ | 12 KB | 5 KB | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function: envFlush, emptyFunction, __annotator, __bodyWrapper, __t, __w, FB_enumerate, __m, define, require, requireDynamic, requireLazy, __d, $RefreshReg$, $RefreshSig$, getErrorSafe, CavalryLogger, __updateOrientation, now_inl, __fbNativeSetTimeout, __fbNativeClearTimeout, __fbNativeSetInterval, __fbNativeClearInterval, __fbNativeRequestAnimationFrame, __fbNativeCancelAnimationFrame, validateLData
- object: 0, ontransitionrun, ontransitionstart, ontransitioncancel, trustedTypes, Env, babelHelpers, ErrorSerializer, ErrorGuard, ErrorUtils, TimeSlice, bigPipe, MAjaxify, form1
- number: __DEV__, __bigPipeFactory, __bigPipeFR, __bigPipeCtor
- boolean: crossOriginIsolated
- string: _script_path
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
sh007.whb.tempwebhost.net/ | | PHPSESSID = 17557aa6ccb3d0190c64286d29ea300b
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
fbcdn.net
fbsbx.com
sh007.whb.tempwebhost.net
static.xx.fbcdn.net
162.241.123.36
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de