www.facebook.com.https.s1.gvirabi.com
188.129.143.42
Malicious Activity!
Public Scan
Effective URL: http://www.facebook.com.https.s1.gvirabi.com/pages/creation/
Submission Tags: @ipnigh
Submission: On November 11 via api from GB
Summary
This is the only time www.facebook.com.https.s1.gvirabi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
24 (1 redirects) | 188.129.143.42 | 16010 (MAGTICOMAS Caucasus-Online) |
23 | 1 |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
24 (1 redirects) | gvirabi.com: tr-tr.facebook.com.https.s1.gvirabi.com, www.facebook.com.https.s1.gvirabi.com, static.xx.fbcdn.net.https.s1.gvirabi.com, facebook.com.https.s1.gvirabi.com | 387 KB |
23 | 1 |
Requests | Domain | Requested by |
---|---|---|
17 | static.xx.fbcdn.net.https.s1.gvirabi.com | www.facebook.com.https.s1.gvirabi.com |
5 | www.facebook.com.https.s1.gvirabi.com | www.facebook.com.https.s1.gvirabi.com |
1 | facebook.com.https.s1.gvirabi.com | www.facebook.com.https.s1.gvirabi.com |
1 | tr-tr.facebook.com.https.s1.gvirabi.com | 1 redirects |
23 | 4 |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://www.facebook.com.https.s1.gvirabi.com/pages/creation/
Frame ID: 1C2BFC09E35D092D2FA764B45DD30042
Requests: 23 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://tr-tr.facebook.com.https.s1.gvirabi.com/pages/create (HTTP 302)
- http://www.facebook.com.https.s1.gvirabi.com/pages/creation/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | www.facebook.com.https.s1.gvirabi.com/pages/creation/ | 88 KB | 24 KB | Document | text/html |
GET | H/1.1 | gvirabi-script.js | www.facebook.com.https.s1.gvirabi.com/ | 7 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | gvirabi-xml-hr-trap.js | www.facebook.com.https.s1.gvirabi.com/ | 1021 B | 1 KB | Script | application/javascript |
GET | H/1.1 | gvirabi-plugins.js | www.facebook.com.https.s1.gvirabi.com/ | 409 B | 628 B | Script | application/javascript |
GET | H/1.1 | QXFwadI4CdV.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yv/l/0,cross/ | 232 KB | 43 KB | Stylesheet | text/css |
GET | H/1.1 | eslUe6ETPfq.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yS/l/0,cross/ | 4 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | Y9UzvM-_kcj.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yQ/l/0,cross/ | 193 KB | 38 KB | Stylesheet | text/css |
GET | H/1.1 | d8bLn0E9uOL.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yP/l/0,cross/ | 33 KB | 9 KB | Stylesheet | text/css |
GET | H/1.1 | eTABg3mrO8i.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/y0/l/0,cross/ | 115 KB | 40 KB | Stylesheet | text/css |
GET | H/1.1 | -i3m5SBAEjt.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/ya/l/0,cross/ | 11 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | cAjFkGu1OZG.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yd/l/0,cross/ | 28 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | QivpB45biBQ.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/ys/l/0,cross/ | 29 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | pxZW3d9XbBQ.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yU/l/0,cross/ | 112 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | pejafWIRiFq.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/ym/l/0,cross/ | 34 KB | 9 KB | Stylesheet | text/css |
GET | H/1.1 | Y_y0Qk-WDSE.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yl/l/0,cross/ | 113 KB | 31 KB | Stylesheet | text/css |
GET | H/1.1 | 8MlorGIzCdR.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/y1/l/0,cross/ | 55 KB | 11 KB | Stylesheet | text/css |
GET | H/1.1 | KYHnbfNCbwD.css | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yC/l/0,cross/ | 17 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | VFIAd_nJ6ab.js | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yy/r/ | 312 KB | 90 KB | Script | application/x-javascript |
GET | H/1.1 | hsts-pixel.gif | facebook.com.https.s1.gvirabi.com/security/ | 43 B | 778 B | Image | image/gif |
GET | H/1.1 | Cr1tUkGjkGT.png | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/y-/r/ | 20 KB | 20 KB | Image | image/png |
GET | H/1.1 | WSDMLDlOPv5.png | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/y3/r/ | 13 KB | 12 KB | Image | image/png |
GET | H/1.1 | vLR0flIg6r-.png | static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yX/r/ | 6 KB | 7 KB | Image | image/png |
GET | H/1.1 | gvirabi-log-page-load | www.facebook.com.https.s1.gvirabi.com/ | 0 | 160 B | XHR | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- object| Gvirabi
- object| xmlHrLoadCallbacks
- object| XmlHrTrap
- number| _cstart
- function| envFlush
- object| Env
- number| __DEV__
- function| CavalryLogger
- undefined| bigPipe
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.