facebook.freefire.website
92.249.44.25  Malicious Activity! Public Scan

URL: https://facebook.freefire.website/
Submission: On January 11 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 92.249.44.25, located in the United States, and belongs to AS-HOSTINGER, LT. The main domain is facebook.freefire.website.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 11th 2020. Valid for: 3 months.
This is the only time facebook.freefire.website was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address        AS     Autonomous System
3         92.249.44.25      47583  (AS-HOSTINGER)
15        2a03:2880:f01...  32934  (FACEBOOK)
1         212.217.4.145     6713   (IAM-AS)
1         2a03:2880:f11...  32934  (FACEBOOK)
Total: 20 requests across 4 entries

Requests  Domain                          Requested by
15        static.xx.fbcdn.net             facebook.freefire.website
3         facebook.freefire.website       static.xx.fbcdn.net
1         facebook.com                    facebook.freefire.website
1         scontent.frba2-1.fna.fbcdn.net  facebook.freefire.website
Total: 20 requests across 4 entries

This site contains links to these domains.

Domain
lm.facebook.com

Subject                    Issuer                                  Validity                 Valid
facebook.freefire.website  Let's Encrypt Authority X3              2020-01-11 - 2020-04-10  3 months
*.facebook.com             DigiCert SHA2 High Assurance Server CA  2019-12-06 - 2020-03-05  3 months
*.frba2-1.fna.fbcdn.net    DigiCert SHA2 High Assurance Server CA  2019-12-05 - 2020-03-04  3 months

This page contains 1 frames:

Primary Page: https://facebook.freefire.website/
Frame ID: 88A4A4E9D5C30BEE9A2E501C44E2C251
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 50 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 315 kB
Size: 1026 kB
Cookies: 1

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
facebook.freefire.website/
103 KB
33 KB
Document
General
Full URL
https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.249.44.25 , United States, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed / PHP/7.2.25
Resource Hash
358d85747c5328f212c2ded2e92074d6607830af7b7fb89a958e7970205d5e95

Request headers

:method
GET
:authority
facebook.freefire.website
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
x-powered-by
PHP/7.2.25
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding
date
Sat, 11 Jan 2020 12:23:10 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000
6-AEruhXOYp.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/
65 KB
16 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/6-AEruhXOYp.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9e7d47fa0380e28c134400ddd707974c2279041465873d860dc7e5aab3d2ee9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
MceDI8NEbTq8/v9n8C1oTA==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
15749
x-fb-debug
I/xxOrJ/SBjV1LAV67D6rtWjsOAbuhmVw/ptod1IyLANtK5z+/UKGTjJzeRf5ig/fXVjYbyHdOevT054sadrxQ==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 09 Jan 2021 21:33:18 GMT
u0uFmOOsPik.css
static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/
15 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/u0uFmOOsPik.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6428b1fd2794d866f761ce32f22d64478993bca4de79ecb41a50b0e3b212b630
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jpDr/npMZzXcv1bzfncXUg==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
3385
x-fb-debug
gjbiY6mWGx3xSzKJR+38XMqeIER3vIwT2quUagPxbbcwwInC0Gpm0gJ6rRVxHKZUhqYtKVkdP+DNmMMZBuAVBQ==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 07 Jan 2021 18:46:37 GMT
cDu8TXOhaaW.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/
206 KB
54 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/cDu8TXOhaaW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0c1819384fbcff1c8918a11d27288e646a543c2b6501e764557446b27b032ce5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hMH7SIHL8JPyuYpcrQq3qQ==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
55488
x-fb-debug
KEXRJeAaDDGmzEbYtdaWM9cHbo+AhyF2cI9ztn4N99KDVqgZzsulcZ4koMD9ZJ3ZN/I+IHVm9sOxChT0XC8RYg==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 09 Jan 2021 20:44:47 GMT
8D6v2Uz9SKS.js
static.xx.fbcdn.net/rsrc.php/v3iN6O4/yS/l/en_GB/
28 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iN6O4/yS/l/en_GB/8D6v2Uz9SKS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
41c3974c9d9b88aac90daf99e7ce5cc8166ec06facf963dbda26d45cd1895068
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KI7F241R6NKjsUOym4hHng==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
9658
x-fb-debug
csGv0YhokadJFg5agNrMi5FSTxnhvzbX5X+rDdpqCcCttL9d0i32NF2jJMCWLcQvMNwNpZlTjgBEl8GW8G6rxQ==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 08 Jan 2021 16:03:28 GMT
wAPjVJcd-cn.js
static.xx.fbcdn.net/rsrc.php/v3iCxD4/y9/l/en_GB/
51 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCxD4/y9/l/en_GB/wAPjVJcd-cn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
71702f4b7fddef5c721d5324b9b2b925fdee46a0d53b3c732849e3e38764716e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
acfoiMFfWI+jrzBlknzESw==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
15791
x-fb-debug
uK1WMhUxZ/XIbtwLI6MmZQKVPchgAL52TrA1viXXTN8vm2Wl4NpkJ5J3Ita5CpP9mQjPavgNBT4GxoPK0WiVsQ==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 09 Jan 2021 15:03:44 GMT
I__33_XHMHc.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/
64 KB
18 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/I__33_XHMHc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7b317c2e879d9f66959471568acd29dd4ff56556139ec8303748406cd47d52cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GR2QyuvXHe2MuAKJL0LE8g==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
18465
x-fb-debug
mbJHOgty8LCQAbhUgYVT3tHNAkpiuqDP/5uLwA+WSbBSM0/JaL8IBbHb/fBoDmxfWACpofXOQO/4Az3yJbaDQA==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 08 Jan 2021 09:56:02 GMT
JtV7FNhODoa.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/
60 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/JtV7FNhODoa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0e2b6b394ee8c10565c9dee083e8546851132401b5a17a6d1847195fecbf4fec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fhnITCWpW0KyQ0xkWnm86g==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
16466
x-fb-debug
Yl4hGMsbwrhUQ7qz6NcP1oQUnTjoV+1U776IQeOhFnmwtxChXIQyPxC+y2pMWJmL61FwyvFX1KFUcyfwLxCsyw==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 08 Jan 2021 16:03:28 GMT
uceTdVfLQWB.js
static.xx.fbcdn.net/rsrc.php/v3i3kA4/ys/l/en_GB/
79 KB
21 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i3kA4/ys/l/en_GB/uceTdVfLQWB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7def2fb6541302d00f060900d4c0285e30dbdbbe722367ff092df34f42bc2645
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+yDwv3p5ZdPG9VgfOKrppA==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
21413
x-fb-debug
2wGfFC6xf7vmNN41MxLXK6oi0boS9KZxYJE3/d7Bb+6b2zn8LMUu+mVcQApiuaerr6ICNJLrtaHDGcd/E1R5sw==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 10 Jan 2021 10:04:52 GMT
vVVeqbOygdO.js
static.xx.fbcdn.net/rsrc.php/v3iLQG4/yB/l/en_GB/
43 KB
11 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLQG4/yB/l/en_GB/vVVeqbOygdO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5ce9ffc695aaeff35c7d3c1c99ee7dd512501c0cb441608c4d0d6b94fc7709d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hbpuIz5b7OlksyVWf0esLw==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
11155
x-fb-debug
OX6gA4nF96qYXYFcLI05Ez2jsCOww+yD7BncGvEglZixQ7wLgmLfjQ/5/9xZJJi86q78GRrBOc4Tb1VYOxurug==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 10 Jan 2021 01:35:58 GMT
zBhlGB4RW6m.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/
2 KB
731 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/zBhlGB4RW6m.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a83b1ea3aa4090739e2970e578ef12df30b795e59482b629b424f2f95c655178
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZTW6bNyu/ywoZ1Gf2Cb3fg==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
540
x-fb-debug
1mpntyZueHYOLjYYd0uXrrIU+1zFpTILHu0K/l3BNUhpKFqrjivpI3Cqz4F5isjKaDbwDRIR6VigS++yvqrF0Q==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 10 Jan 2021 01:35:02 GMT
svFKQXueTby.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/
8 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/svFKQXueTby.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
522428fd2693381b58705586cb3350c66c4b4ba1d52716086b14a9cefb8130b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9wg0fdDGYUGTXAcRqk4U2A==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
2406
x-fb-debug
7TEhCrum03D2zESRkYkWQplq7WcsUkIpsHdFMkafdOnUpT7+PkKxDpp8/Xg7QLrWS9utOqZBxkKAw7eRGKRpHA==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 09 Jan 2021 08:27:11 GMT
23065717_2058763144353975_2145607202558181376_n.png
scontent.frba2-1.fna.fbcdn.net/v/t39.2081-6/c0.0.76.76a/p75x75/
12 KB
12 KB
Image
General
Full URL
https://scontent.frba2-1.fna.fbcdn.net/v/t39.2081-6/c0.0.76.76a/p75x75/23065717_2058763144353975_2145607202558181376_n.png?_nc_cat=1&_nc_oc=AQnUP29QxyZ2x33dwS9FdcbzsMvq5MqxlqVpPaQ7OdoawkQCfA-kGmCD3izNskwmA5Y&_nc_ht=scontent.frba2-1.fna&oh=250e01c2c58e66402295d934980a82c9&oe=5E95C64E
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.217.4.145 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
static-145-4-217-212.dialup.iam.net.ma
Software
/
Resource Hash
5b4a7e7749b5b54edc154462c26b106e82d2830a9c6e62e3feb6882d7822f933

Request headers

Referer
https://facebook.freefire.website/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
2838438639
date
Sat, 11 Jan 2020 12:23:14 GMT
x-fb-config-version-elb-prod
664
last-modified
Fri, 17 Nov 2017 13:35:23 GMT
access-control-allow-origin
*
accept-ranges
bytes
x-fb-config-version-flb-prod
307
content-type
image/png
status
200
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-needle-checksum
3513963331
x-fb-config-version-olb-prod
664
timing-allow-origin
*
content-length
11970
hsts-pixel.gif
facebook.com/security/
43 B
898 B
Image
General
Full URL
https://facebook.com/security/hsts-pixel.gif
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://facebook.freefire.website/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
/HZ/LtXL0rP9bNK8vOnkqm1CHTH3kKE668tLi+mx0IHUncuH0fzO9yJsoRclNuNkUxjxITq4FkTWvBhe3hW1RA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Sat, 11 Jan 2020 12:23:14 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
access-control-expose-headers
X-FB-Debug, X-Loader-Length
AmugArLuwck.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/
85 KB
24 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/AmugArLuwck.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1efa8991201f02c2b4032958e569d88cec01faae642c475b268dd34430d7cc52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
70WHrHvZvub/vgHMYKLLsg==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
24336
x-fb-debug
pQkrGfNeRozovpDTalDZBBCobNnvd2tiRdXvmUBqzsC6T7fTj5/9/fDzJoU1owkx6ypP4HCg8SchilCYBV0uXg==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 08 Jan 2021 18:00:34 GMT
O4I_4IWr495.js
static.xx.fbcdn.net/rsrc.php/v3i7QV4/ys/l/en_GB/
128 KB
35 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7QV4/ys/l/en_GB/O4I_4IWr495.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cf7406a1108339d4d73676388c75079d592a462b704e80ac75cead034843613d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
irPHrroM2iF9fyQje4oSyw==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
35769
x-fb-debug
aa71FkST7wBZw/TZ7NcI5eGa8xR08jXDFP244EWuk3aukV79gMOxOC0asFgSi6EH+eTSgLbpOxgpX0CWlGmGHA==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 07 Jan 2021 16:08:31 GMT
R0MoxHxoetg.js
static.xx.fbcdn.net/rsrc.php/v3/y5/r/
48 KB
13 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/R0MoxHxoetg.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ff92a72e0c70ad45fad21b565fe5f4f290d1234cad540d5adb78a07b36c4e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website

Response headers

date
Sat, 11 Jan 2020 12:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ySQhbUfvxxuu/f/C/kQ1YA==
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
13089
x-fb-debug
yhyh7A7J5AxDSrMahl9YJHxZxtor7ruZaGfhz/rfySmAOghZ9whfdKM10oivDLl249b7f4us0aisuOwsuvBDIw==
x-fb-trip-id
1850256238
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 08 Jan 2021 17:45:08 GMT
iZwIriJIQFu.png
static.xx.fbcdn.net/rsrc.php/v3/yK/r/
27 KB
27 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/iZwIriJIQFu.png
Requested by
Host: facebook.freefire.website
URL: https://facebook.freefire.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f459acf3186d4e7dd24a1a99402ad4dfb82a0961ad4887c0c1260ccd2aac4beb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/6-AEruhXOYp.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-fb-debug
3hpCONqpGC/yR5Ec1H5nnPS1JvXK+bAbo3a8Ce9FJ/ijlGgNB8ZUwlPgkSJqAMO1+WxryckwyKD9L9laq9NOsw==
x-fb-trip-id
1850256238
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
NYfHrFMh1HtXS4A4f7syHQ==
access-control-allow-origin
*
date
Sat, 11 Jan 2020 12:23:14 GMT
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
27301
expires
Tue, 05 Jan 2021 16:14:50 GMT
bz
facebook.freefire.website/a/
2 KB
1009 B
XHR
General
Full URL
https://facebook.freefire.website/a/bz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/AmugArLuwck.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.249.44.25 , United States, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website
X-Requested-With
XMLHttpRequest
X_FB_BACKGROUND_STATE
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
X-Response-Format
JSONStream
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 11 Jan 2020 12:23:10 GMT
content-encoding
br
last-modified
Fri, 19 Jul 2019 13:54:28 GMT
server
LiteSpeed
etag
"999-5d31cb94-fe7e0745894723ec;br"
vary
Accept-Encoding
content-type
text/html
status
404
accept-ranges
bytes
content-length
914
bz
facebook.freefire.website/a/
2 KB
942 B
XHR
General
Full URL
https://facebook.freefire.website/a/bz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/AmugArLuwck.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
92.249.44.25 , United States, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer
https://facebook.freefire.website/
Origin
https://facebook.freefire.website
X-Requested-With
XMLHttpRequest
X_FB_BACKGROUND_STATE
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
X-Response-Format
JSONStream
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 11 Jan 2020 12:23:10 GMT
content-encoding
br
last-modified
Fri, 19 Jul 2019 13:54:28 GMT
server
LiteSpeed
etag
"999-5d31cb94-fe7e0745894723ec;br"
vary
Accept-Encoding
content-type
text/html
status
404
accept-ranges
bytes
content-length
914

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| envFlush object| Env number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils object| TimeSlice function| CavalryLogger function| __updateOrientation function| ProfilingCounters object| bigPipe object| MAjaxify string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame

1 Cookies

Domain/Path: .facebook.freefire.website/
Name: wd
Value: 1585x1200

1 Console Messages

Source Level URL
Text
console-api error URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/cDu8TXOhaaW.js?_nc_x=Ij3Wp8lg5Kz(Line 51)
Message:
ErrorUtils caught an error: "Cannot set property 'isHandled' of null". Subsequent errors won't be logged; see https://fburl.com/debugjs.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
