service-mangxahoi-facebook.ml
Open in
urlscan Pro
103.97.125.248
Malicious Activity!
Public Scan
Submission: On September 07 via manual from US
Summary
This is the only time service-mangxahoi-facebook.ml was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 103.97.125.248 103.97.125.248 | 56153 (LUUTRUSO-...) (LUUTRUSO-AS-VN Digital Storage Company Limited) | |
2 | 2a04:4e42:3::485 2a04:4e42:3::485 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82f::200a | 15169 (GOOGLE) (GOOGLE) | |
6 | 2a00:1450:400... 2a00:1450:4001:801::2003 | 15169 (GOOGLE) (GOOGLE) | |
12 | 6 |
ASN56153 (LUUTRUSO-AS-VN Digital Storage Company Limited, VN)
PTR: no-ptr.123host.vn
service-mangxahoi-facebook.ml |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
gstatic.com
fonts.gstatic.com |
65 KB |
2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
31 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net |
45 KB |
1 |
blogspot.com
1.bp.blogspot.com |
152 KB |
1 |
service-mangxahoi-facebook.ml
service-mangxahoi-facebook.ml |
3 KB |
12 | 5 |
Domain | Requested by | |
---|---|---|
6 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdn.jsdelivr.net |
service-mangxahoi-facebook.ml
|
1 | fonts.googleapis.com |
service-mangxahoi-facebook.ml
|
1 | 1.bp.blogspot.com |
service-mangxahoi-facebook.ml
|
1 | ajax.googleapis.com |
service-mangxahoi-facebook.ml
|
1 | service-mangxahoi-facebook.ml | |
12 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020 |
2021-04-30 - 2022-06-01 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-08-16 - 2021-11-08 |
3 months | crt.sh |
misc-sni.blogspot.com GTS CA 1C3 |
2021-08-16 - 2021-11-08 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-08-16 - 2021-11-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://service-mangxahoi-facebook.ml/
Frame ID: 78351363FA3D453C6CDB4C0B760EE1BA
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
Đăng nhậpDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
service-mangxahoi-facebook.ml/ |
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ |
152 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
887906fc5a13ae4df702.jpg
1.bp.blogspot.com/-W90h_vIYs9w/YOEWPkKhZYI/AAAAAAAAAAM/96ojIoW5M341ggKZjs-elzJ0FhXHzQmhACNcBGAsYHQ/s16000/ |
152 KB 152 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ |
77 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 840 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ |
5 KB 5 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ |
5 KB 5 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| GetURLParameter number| uidEvent object| bootstrap1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
service-mangxahoi-facebook.ml/ | Name: PHPSESSID Value: hp2gqieahfkv5tckitgraadds5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1.bp.blogspot.com
ajax.googleapis.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
service-mangxahoi-facebook.ml
103.97.125.248
2a00:1450:4001:801::2003
2a00:1450:4001:808::2001
2a00:1450:4001:813::200a
2a00:1450:4001:82f::200a
2a04:4e42:3::485
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
76a96694d11f713c7581942b123406fc541ce01cecd0dec8783d8561cd4e8a94
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d46c61f4cb4a1550d261861139170a2bc1019b65c29fcf40bf1b8ca98d7f50e2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f823de45f5b60be50b775b271b2a962fca71b36618879d25f94063d3b8444d92
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c