facebook.freefire.website
Open in
urlscan Pro
92.249.44.25
Malicious Activity!
Public Scan
Submission: On January 11 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 11th 2020. Valid for: 3 months.
This is the only time facebook.freefire.website was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 92.249.44.25 92.249.44.25 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
15 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 212.217.4.145 212.217.4.145 | 6713 (IAM-AS) (IAM-AS) | |
1 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
20 | 4 |
ASN32934 (FACEBOOK - Facebook, Inc., US)
static.xx.fbcdn.net |
ASN6713 (IAM-AS, MA)
PTR: static-145-4-217-212.dialup.iam.net.ma
scontent.frba2-1.fna.fbcdn.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
fbcdn.net
static.xx.fbcdn.net scontent.frba2-1.fna.fbcdn.net |
280 KB |
3 |
freefire.website
facebook.freefire.website |
35 KB |
1 |
facebook.com
facebook.com |
898 B |
20 | 3 |
Domain | Requested by | |
---|---|---|
15 | static.xx.fbcdn.net |
facebook.freefire.website
|
3 | facebook.freefire.website |
static.xx.fbcdn.net
|
1 | facebook.com |
facebook.freefire.website
|
1 | scontent.frba2-1.fna.fbcdn.net |
facebook.freefire.website
|
20 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
lm.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
facebook.freefire.website Let's Encrypt Authority X3 |
2020-01-11 - 2020-04-10 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-12-06 - 2020-03-05 |
3 months | crt.sh |
*.frba2-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA |
2019-12-05 - 2020-03-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://facebook.freefire.website/
Frame ID: 88A4A4E9D5C30BEE9A2E501C44E2C251
Requests: 20 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Not now
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
facebook.freefire.website/ |
103 KB 33 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6-AEruhXOYp.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ |
65 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
u0uFmOOsPik.css
static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cDu8TXOhaaW.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ |
206 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8D6v2Uz9SKS.js
static.xx.fbcdn.net/rsrc.php/v3iN6O4/yS/l/en_GB/ |
28 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wAPjVJcd-cn.js
static.xx.fbcdn.net/rsrc.php/v3iCxD4/y9/l/en_GB/ |
51 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
I__33_XHMHc.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ |
64 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JtV7FNhODoa.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ |
60 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uceTdVfLQWB.js
static.xx.fbcdn.net/rsrc.php/v3i3kA4/ys/l/en_GB/ |
79 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vVVeqbOygdO.js
static.xx.fbcdn.net/rsrc.php/v3iLQG4/yB/l/en_GB/ |
43 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zBhlGB4RW6m.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ |
2 KB 731 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
svFKQXueTby.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
23065717_2058763144353975_2145607202558181376_n.png
scontent.frba2-1.fna.fbcdn.net/v/t39.2081-6/c0.0.76.76a/p75x75/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
facebook.com/security/ |
43 B 898 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmugArLuwck.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ |
85 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O4I_4IWr495.js
static.xx.fbcdn.net/rsrc.php/v3i7QV4/ys/l/en_GB/ |
128 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
R0MoxHxoetg.js
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ |
48 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iZwIriJIQFu.png
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bz
facebook.freefire.website/a/ |
2 KB 1009 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bz
facebook.freefire.website/a/ |
2 KB 942 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| envFlush object| Env number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils object| TimeSlice function| CavalryLogger function| __updateOrientation function| ProfilingCounters object| bigPipe object| MAjaxify string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.facebook.freefire.website/ | Name: wd Value: 1585x1200 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
facebook.com
facebook.freefire.website
scontent.frba2-1.fna.fbcdn.net
static.xx.fbcdn.net
212.217.4.145
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
92.249.44.25
0c1819384fbcff1c8918a11d27288e646a543c2b6501e764557446b27b032ce5
0e2b6b394ee8c10565c9dee083e8546851132401b5a17a6d1847195fecbf4fec
1efa8991201f02c2b4032958e569d88cec01faae642c475b268dd34430d7cc52
358d85747c5328f212c2ded2e92074d6607830af7b7fb89a958e7970205d5e95
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
41c3974c9d9b88aac90daf99e7ce5cc8166ec06facf963dbda26d45cd1895068
522428fd2693381b58705586cb3350c66c4b4ba1d52716086b14a9cefb8130b3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b4a7e7749b5b54edc154462c26b106e82d2830a9c6e62e3feb6882d7822f933
5ce9ffc695aaeff35c7d3c1c99ee7dd512501c0cb441608c4d0d6b94fc7709d4
6428b1fd2794d866f761ce32f22d64478993bca4de79ecb41a50b0e3b212b630
71702f4b7fddef5c721d5324b9b2b925fdee46a0d53b3c732849e3e38764716e
7b317c2e879d9f66959471568acd29dd4ff56556139ec8303748406cd47d52cd
7def2fb6541302d00f060900d4c0285e30dbdbbe722367ff092df34f42bc2645
9e7d47fa0380e28c134400ddd707974c2279041465873d860dc7e5aab3d2ee9d
a83b1ea3aa4090739e2970e578ef12df30b795e59482b629b424f2f95c655178
cf7406a1108339d4d73676388c75079d592a462b704e80ac75cead034843613d
f459acf3186d4e7dd24a1a99402ad4dfb82a0961ad4887c0c1260ccd2aac4beb
ff92a72e0c70ad45fad21b565fe5f4f290d1234cad540d5adb78a07b36c4e2fa