facebook.com.geowap.info
213.239.209.50
Malicious Activity!
Public Scan
Submission: On April 06 via automatic, source openphish
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 24th 2018. Valid for: 3 months.
This is the only time facebook.com.geowap.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 213.239.209.50 | 24940 (HETZNER-AS) |
7 | 185.60.216.19 | 32934 (FACEBOOK) (FACEBOOK - Facebook) |
2 | 95.101.80.75 | 20940 (AKAMAI-ASN1) |
1 | 95.101.80.114 | 20940 (AKAMAI-ASN1) |
1 | 185.60.216.35 | 32934 (FACEBOOK) (FACEBOOK - Facebook) |
22 | 6 |
ASN24940 (HETZNER-AS, DE)
PTR: s12.proserv.ge
facebook.com.geowap.info
ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-80-75.deploy.akamaitechnologies.com
fb-s-d-a.akamaihd.net
fb-s-b-a.akamaihd.net
ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-80-114.deploy.akamaitechnologies.com
fb-s-c-a.akamaihd.net
 | Apex Domain Subdomains | Transfer |
---|---|---|
7 | fbcdn.net: static.xx.fbcdn.net | 131 KB |
3 | akamaihd.net: fb-s-d-a.akamaihd.net fb-s-c-a.akamaihd.net fb-s-b-a.akamaihd.net | 894 B |
1 | facebook.com: www.facebook.com | 663 B |
1 | geowap.info: facebook.com.geowap.info | 83 KB |
22 | 4 |
 | Domain | Requested by |
---|---|---|
7 | static.xx.fbcdn.net | facebook.com.geowap.info |
1 | www.facebook.com | facebook.com.geowap.info static.xx.fbcdn.net |
1 | fb-s-b-a.akamaihd.net | facebook.com.geowap.info |
1 | fb-s-c-a.akamaihd.net | facebook.com.geowap.info |
1 | fb-s-d-a.akamaihd.net | facebook.com.geowap.info |
1 | facebook.com.geowap.info | |
22 | 6 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
facebook.com.geowap.info cPanel, Inc. Certification Authority | 2018-03-24 - 2018-06-22 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://facebook.com.geowap.info/05FeA22Ada/
Frame ID: 868EF200625FCAA029CEA0E5CD3A5E4A
Requests: 23 HTTP requests in this frame
17 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Title: Forgot account?
Title: ქართული
Title: Русский
Title: Türkçe
Title: Deutsch
Title: Azərbaycan dili
Title: العربية
Title: Français (France)
Title: Ελληνικά
Title: Español
Title: Português (Brasil)
Title: Messenger
Title: Moments
Title: Instagram
Title: Developers
Title: Ad Choices
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (Primary Request) facebook.com.geowap.info/05FeA22Ada/ | 317 KB 83 KB | Document text/html |
GET S | eJ2QeoAcEAb.css static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/ | 91 KB 18 KB | Stylesheet text/css |
GET S | pDCsuVqR27w.css static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/ | 22 KB 6 KB | Stylesheet text/css |
GET S | BtTHwZ8OEcT.css static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/ | 39 KB 8 KB | Stylesheet text/css |
GET S | EDkuS1D4Z9s.css static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ | 5 KB 2 KB | Stylesheet text/css |
GET S | zsNxS0AgOC6.js static.xx.fbcdn.net/rsrc.php/v3/yx/r/ | 307 KB 85 KB | Script application/x-javascript |
GET S | 851565_602269956474188_918638970_n.png fb-s-d-a.akamaihd.net/h-ak-xft1/v/t39.2365-6/ | 0 298 B | Image text/html |
GET S | 851585_216271631855613_2121533625_n.png fb-s-c-a.akamaihd.net/h-ak-xaf1/v/t39.2365-6/ | 0 298 B | Image text/html |
GET S | 851558_160351450817973_1678868765_n.png fb-s-b-a.akamaihd.net/h-ak-xft1/v/t39.2365-6/ | 0 298 B | Image text/html |
GET S | GsNJNwuI-UM.gif www.facebook.com/rsrc.php/v3/yb/r/ | 522 B 663 B | Image image/gif |
GET DATA | truncated / | 74 B 0 | Stylesheet text/css |
GET S | 7IYVA02ukd-.png static.xx.fbcdn.net/rsrc.php/v3/yG/r/ | 4 KB 4 KB | Image image/png |
GET S | sXKi5PFwKbz.png static.xx.fbcdn.net/rsrc.php/v3/y2/r/ | 8 KB 8 KB | Image image/png |
GET | 1GlZGa8o7e7.js www.facebook.com/rsrc.php/v3iaFb4/yN/l/en_US/ | 0 0 | |
GET | p4FwtmL2ZNN.js www.facebook.com/rsrc.php/v3ipgf4/yI/l/en_US/ | 0 0 | |
GET | XTP0Jqo0rYP.js www.facebook.com/rsrc.php/v3iaYi4/y8/l/en_US/ | 0 0 | |
GET | dvGCZ_9PYHX.js www.facebook.com/rsrc.php/v3/yg/r/ | 0 0 | |
GET | J_PiaUdj5PI.js www.facebook.com/rsrc.php/v3/yi/r/ | 0 0 | |
GET | MJSOesCT0Ct.js www.facebook.com/rsrc.php/v3/yV/r/ | 0 0 | |
GET | _68sxX0uh2G.js www.facebook.com/rsrc.php/v3iXqO4/yq/l/en_US/ | 0 0 | |
GET | Dai3wZLL6pV.js www.facebook.com/rsrc.php/v3/yT/r/ | 0 0 | |
GET | 9yIiQVZxmEf.js www.facebook.com/rsrc.php/v3iIE44/yV/l/en_US/ | 0 0 | |
GET | JXx7RSjIttY.js www.facebook.com/rsrc.php/v3/yS/r/ | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3iaFb4/yN/l/en_US/1GlZGa8o7e7.js
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3ipgf4/yI/l/en_US/p4FwtmL2ZNN.js
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3iaYi4/y8/l/en_US/XTP0Jqo0rYP.js
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3/yg/r/dvGCZ_9PYHX.js
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3/yi/r/J_PiaUdj5PI.js
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3/yV/r/MJSOesCT0Ct.js
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3iXqO4/yq/l/en_US/_68sxX0uh2G.js
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3/yT/r/Dai3wZLL6pV.js
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3iIE44/yV/l/en_US/9yIiQVZxmEf.js
- Domain
- www.facebook.com
- URL
- https://www.facebook.com/rsrc.php/v3/yS/r/JXx7RSjIttY.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- number| _cstart
- function| envFlush
- object| Env
- number| __DEV__
- function| CavalryLogger
- undefined| __p
- function| __annotator
- function| __bodyWrapper
- function| __t
- function| __w
- function| FB_enumerate
- function| __m
- object| babelHelpers
- function| define
- function| require
- function| requireDynamic
- function| requireLazy
- function| __d
- object| ErrorUtils
- object| TimeSlice
- function| Arbiter
- object| JSCC
- function| $
- function| ge
- function| emptyFunction
- function| goURI
- object| Parent
- object| Bootloader
- function| ProfilingCounters
- object| PageEvents
- function| _domcontentready
- function| onloadRegister_DEPRECATED
- function| onloadRegister
- function| onafterloadRegister_DEPRECATED
- function| onafterloadRegister
- function| onleaveRegister
- function| onbeforeunloadRegister
- function| onunloadRegister
- function| wait_for_load
- function| $E
- object| domreadyhooks
- object| onloadhooks
- string| _script_path
- object| bigPipe

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.