freefacebookloginaboutphp.serveuser.com
173.212.229.71
Malicious Activity!
Public Scan
Submission: On September 25 via api from IE
Summary
This is the only time freefacebookloginaboutphp.serveuser.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
3 | 173.212.229.71 | 51167 (CONTABO)
16 | 2a03:2880:f11c:8184:face:b00c:0:14c9 | 32934 (FACEBOOK)
2 3 | 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK)
20 | 3 |

ASN51167 (CONTABO, DE)
PTR: vmi427790.contaboserver.net
- freefacebookloginaboutphp.serveuser.com
ASN32934 (FACEBOOK, US)
- facebook.com
- fbcdn.net
- fbsbx.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
17 | fbcdn.net (1 redirects) | z-m-static.xx.fbcdn.net, fbcdn.net | 305 KB
3 | serveuser.com | freefacebookloginaboutphp.serveuser.com | 39 KB
1 | fbsbx.com | fbsbx.com | 745 B
1 | facebook.com (1 redirects) | facebook.com | 321 B
20 | 4 | |

Requests | Domain | Requested by
---|---|---
16 | z-m-static.xx.fbcdn.net | freefacebookloginaboutphp.serveuser.com, z-m-static.xx.fbcdn.net
3 | freefacebookloginaboutphp.serveuser.com | freefacebookloginaboutphp.serveuser.com
1 | fbsbx.com | freefacebookloginaboutphp.serveuser.com
1 | fbcdn.net | 1 redirects
1 | facebook.com | 1 redirects
20 | 5 |
This site contains links to these domains:
Domain |
---|
www.xl.co.id |

Subject | Issuer | Validity | Valid
---|---|---|---
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-09-11 - 2020-12-10 | 3 months
fbcdn.net | DigiCert SHA2 High Assurance Server CA | 2020-08-18 - 2020-11-16 | 3 months
This page contains 3 frames:
Primary Page:
http://freefacebookloginaboutphp.serveuser.com/
Frame ID: 26D180D716647CAA92E996E56D30DD5A
Requests: 18 HTTP requests in this frame
Frame:
http://freefacebookloginaboutphp.serveuser.com/intern/common/referer_frame.php
Frame ID: 61F44464E3DA58191F802023268B2A94
Requests: 1 HTTP requests in this frame
Frame:
http://freefacebookloginaboutphp.serveuser.com/intern/common/referer_frame.php
Frame ID: CD460A4DBDBCC35565EF586A77462021
Requests: 1 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: ketentuan
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11
- https://facebook.com/security/hsts-pixel.gif?c=3.2 HTTP 302
- https://fbcdn.net/security/hsts-pixel.gif?c=2 HTTP 302
- https://fbsbx.com/security/hsts-pixel.gif
20 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | freefacebookloginaboutphp.serveuser.com/ | 365 KB | 36 KB | Document | text/html | Primary Request
GET | H2 | __9198r-lEO.js | z-m-static.xx.fbcdn.net/rsrc.php/v3i87l4/yM/l/id_ID/ | 31 KB | 9 KB | Script | application/x-javascript |
GET | H2 | Fq2mkRT12mf.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/y1/r/ | 97 KB | 26 KB | Script | application/x-javascript |
GET | H2 | 6KqFq7q8hV0.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yO/r/ | 8 KB | 3 KB | Script | application/x-javascript |
GET | H2 | 2Vvphl5S0Xa.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/ | 19 KB | 6 KB | Script | application/x-javascript |
GET | H2 | NyGGAtDjLKJ.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yk/r/ | 81 KB | 21 KB | Script | application/x-javascript |
GET | H2 | Q7NTDv3mkl_.js | z-m-static.xx.fbcdn.net/rsrc.php/v3iv9n4/yw/l/id_ID/ | 96 KB | 25 KB | Script | application/x-javascript |
GET | H2 | lN7lq9VgPIV.js | z-m-static.xx.fbcdn.net/rsrc.php/v3irTo4/yh/l/id_ID/ | 45 KB | 12 KB | Script | application/x-javascript |
GET | H2 | RVVTk5-WR9l.js | z-m-static.xx.fbcdn.net/rsrc.php/v3iS7U4/yI/l/id_ID/ | 36 KB | 10 KB | Script | application/x-javascript |
GET | H2 | f8b2xWHYTSn.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ | 64 KB | 15 KB | Stylesheet | text/css |
GET | H2 | tf4izqvtPdU.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ | 16 KB | 4 KB | Stylesheet | text/css |
GET | H2 | jxEbepeKEYa.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/y0/r/ | 235 KB | 61 KB | Script | application/x-javascript |
GET | H2 | hsts-pixel.gif | fbsbx.com/security/ | 43 B | 745 B | Image | image/gif | Redirect Chain
GET | H2 | ZFrppiy7AjB.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/ | 89 KB | 25 KB | Script | application/x-javascript |
GET | H2 | 3eVp6kI-6UJ.js | z-m-static.xx.fbcdn.net/rsrc.php/v3ijea4/yM/l/id_ID/ | 127 KB | 35 KB | Script | application/x-javascript |
GET | H2 | 0TQ3z2Msqov.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/y3/r/ | 52 KB | 15 KB | Script | application/x-javascript |
GET | H2 | Ho7IpEoe3xB.js | z-m-static.xx.fbcdn.net/rsrc.php/v3/yR/r/ | 24 KB | 8 KB | Script | application/x-javascript |
GET | H/1.1 | referer_frame.php | freefacebookloginaboutphp.serveuser.com/intern/common/ | 1 KB | 1 KB | Document | text/html | Frame 61F4
GET | H/1.1 | referer_frame.php | freefacebookloginaboutphp.serveuser.com/intern/common/ | 1 KB | 1 KB | Document | text/html | Frame CD46
GET | H2 | XRFuFDf-lxJ.png | z-m-static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ | 28 KB | 29 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | trustedTypes
function | envFlush
object | Env
number | __DEV__
undefined | __p
function | emptyFunction
function | __annotator
function | __bodyWrapper
function | __t
function | __w
function | FB_enumerate
function | __m
object | babelHelpers
function | define
function | require
function | requireDynamic
function | requireLazy
function | __d
function | $RefreshReg$
function | $RefreshSig$
object | ErrorSerializer
object | ErrorGuard
object | ErrorUtils
function | CavalryLogger
function | __updateOrientation
object | TimeSlice
function | ProfilingCounters

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.