loginfacebook.online
Open in
urlscan Pro
2a06:98c1:3121::9
Malicious Activity!
Public Scan
Effective URL: https://loginfacebook.online/show.html
Submission: On February 03 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on February 3rd 2023. Valid for: 3 months.
This is the only time loginfacebook.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 2a06:98c1:312... 2a06:98c1:3121::9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.83.4.147 104.83.4.147 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:e2:... 2606:4700:e2::ac40:840f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
24 | 8 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-147.deploy.static.akamaitechnologies.com
lolstatic-a.akamaihd.net |
ASN32934 (FACEBOOK, US)
facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
loginfacebook.online
1 redirects
loginfacebook.online |
108 KB |
5 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198 |
64 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 295 |
32 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2258 |
16 KB |
1 |
facebook.com
facebook.com — Cisco Umbrella Rank: 23 |
2 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 850 |
11 KB |
1 |
akamaihd.net
lolstatic-a.akamaihd.net — Cisco Umbrella Rank: 32079 |
2 KB |
24 | 7 |
Domain | Requested by | |
---|---|---|
14 | loginfacebook.online |
1 redirects
loginfacebook.online
|
5 | cdnjs.cloudflare.com |
loginfacebook.online
|
1 | stackpath.bootstrapcdn.com |
loginfacebook.online
|
1 | ajax.googleapis.com |
loginfacebook.online
|
1 | facebook.com |
loginfacebook.online
|
1 | use.fontawesome.com |
loginfacebook.online
|
1 | fonts.googleapis.com |
loginfacebook.online
|
1 | lolstatic-a.akamaihd.net |
loginfacebook.online
|
24 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
pay.facebook.com |
www.oculus.com |
portal.facebook.com |
lm.facebook.com |
www.bulletin.com |
developers.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.loginfacebook.online GTS CA 1P5 |
2023-02-03 - 2023-05-04 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-28 - 2023-06-30 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-11-13 - 2023-02-11 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://loginfacebook.online/show.html
Frame ID: 6BFC695E79A973E58C11135F04D31738
Requests: 19 HTTP requests in this frame
Frame:
https://loginfacebook.online/video.php
Frame ID: C0D24B3CD9EC08C1F7C6BF18ACB82803
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Facebook – log in or sign upPage URL History Show full URLs
-
https://loginfacebook.online/
HTTP 302
https://loginfacebook.online/show.html Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Popper (Miscellaneous) Expand
Detected patterns
- /popper\.js/([0-9.]+)
SweetAlert (JavaScript Libraries) Expand
Detected patterns
- sweet(?:-)?alert(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Meta Pay
Search URL Search Domain Scan URL
Title: Oculus
Search URL Search Domain Scan URL
Title: Portal
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Bulletin
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://loginfacebook.online/
HTTP 302
https://loginfacebook.online/show.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
show.html
loginfacebook.online/ Redirect Chain
|
19 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.2/css/ |
139 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lol-fonts.css
lolstatic-a.akamaihd.net/awesomefonts/1.0.0/ |
15 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
16 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.2.0/css/ |
46 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
loginfacebook.online/assets/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fb1.css
loginfacebook.online/assets/css/ |
39 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fb2.css
loginfacebook.online/assets/css/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fb3.css
loginfacebook.online/assets/css/ |
35 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fb_w.svg
loginfacebook.online/assets/img/ |
34 KB 26 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fb_b.svg
loginfacebook.online/assets/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
facebook.com/security/ |
43 B 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ |
57 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/ |
50 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sweetalert.min.js
loginfacebook.online/assets/js/ |
40 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
loginfacebook.online/assets/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
video.php
loginfacebook.online/ Frame C0D2 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/ Frame C0D2 |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
videaaaaohot.mp4
loginfacebook.online/ Frame C0D2 |
43 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
videaaaaohot.mp4
loginfacebook.online/ Frame C0D2 |
34 KB 35 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
videaaaaohot.mp4
loginfacebook.online/ Frame C0D2 |
3 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontentvisibilityautostatechange function| $ function| jQuery function| Popper object| bootstrap function| setImmediate function| clearImmediate function| swal function| sweetAlert function| loginHandle function| eventHandle0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdnjs.cloudflare.com
facebook.com
fonts.googleapis.com
loginfacebook.online
lolstatic-a.akamaihd.net
stackpath.bootstrapcdn.com
use.fontawesome.com
104.83.4.147
2606:4700::6811:180e
2606:4700::6812:bcf
2606:4700:e2::ac40:840f
2a00:1450:4001:80b::200a
2a00:1450:4001:813::200a
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::9
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ff63b6ceddd99a20a91de4dc96b712f22ddf17e89475268612c7c942b931c55
453c5d180a7c373bf064dc6e5a74ac166c9b8f81c8afd4bc80e623c43b0bf062
457f7366f7bc440db21ff29610d04181fbf97864c0e8117596f0fe4ed85c226a
49215a13355f13e9e569b0af0771dc53785b9b95a03fbb5572047face5351603
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
619edf2ed0f72f1582d0f8f0fe2d4b9abf52740ccc9637322bfa02a14aa7b21a
62b1436dfe56783adb67f2cda6cafeed097a437d62ef3250d55c890aa6b7d2f0
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
7561d0886250700cbbc7ddd54235cbf3b28056e0db0ab3a653f6b346addfd3b5
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
a63df4ee6bd2e644e0e8f9aa3cc35bae3a9ea28d6f969d717c93177094d20193
a83f3d19e5b265f4d1beb5c752a3aaa4070b567d65375711dd3effcd5a1a669e
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
c7b18b06688006b7d334fa186a1e22cc1e50e40b791d40c283dbba31a7de6bb6
c7d7917efbe1f7315c945d1e73272e42db84e81a275d1d9c74bcc8fbbace667c
cd5525bc887734465161af57feaa4d63c3f5681cb477816b23b6e17d94995707
edf3d54213af78c582ebf2267d9d31599711c320b2e3285fddd58e5444dfc177
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d