awslyly.000webhostapp.com
2a02:4780:dead:6c62::1  Malicious Activity! Public Scan

Submitted URL: http://facebook.com.aws.com.ly/
Effective URL: https://awslyly.000webhostapp.com/facebook.html
Submission: On August 29 via automatic, source twitter_securereload

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2a02:4780:dead:6c62::1, located in United States and belongs to AWEX, CY. The main domain is awslyly.000webhostapp.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on July 10th 2021. Valid for: a year.
This is the only time awslyly.000webhostapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  Redirects  IP Address         AS (Autonomous System)
1         1          69.12.82.195       8100 (ASN-QUADR...)
1                    2a02:4780:dea...   204915 (AWEX)
9                    2a03:2880:f01...   32934 (FACEBOOK)
1                    2a03:2880:f11...   32934 (FACEBOOK)
Total: 11 requests, 3 IPs

Requests  Domain                      Requested by
9         static.xx.fbcdn.net         awslyly.000webhostapp.com, static.xx.fbcdn.net
1         facebook.com                awslyly.000webhostapp.com
1         awslyly.000webhostapp.com
1         facebook.com.aws.com.ly     1 redirects
Total: 11 requests, 4 domains

This site contains links to these domains.

Domain
m.facebook.com
Subject              Issuer                                       Validity                   Valid
*.000webhostapp.com  RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1   2021-07-10 - 2022-08-10    a year
*.facebook.com       DigiCert SHA2 High Assurance Server CA       2021-07-20 - 2021-10-18    3 months

This page contains 1 frame:

Primary Page: https://awslyly.000webhostapp.com/facebook.html
Frame ID: F667902F89363886DABFC79FC829BD87
Requests: 11 HTTP requests in this frame

Page Title

تسجيل الدخول إلى فيسبوك | فيسبوك

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 168 kB
Size: 550 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://facebook.com.aws.com.ly/ HTTP 301
    https://awslyly.000webhostapp.com/facebook.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request: facebook.html
Path: awslyly.000webhostapp.com/
Redirect Chain:
  • http://facebook.com.aws.com.ly/
  • https://awslyly.000webhostapp.com/facebook.html
Size: 31 KB
x-fer: 11 KB
Type: Document
General
  Full URL: https://awslyly.000webhostapp.com/facebook.html
  Protocol: H2
  Security: TLS 1.3, , AES_256_GCM
  Server: 2a02:4780:dead:6c62::1 , United States, ASN204915 (AWEX, CY)
  Reverse DNS:
  Software: awex /
  Resource Hash: 07deb6f1aba21477da89a525898582e72179bcbcaa67af5fb547788a6eac3996
Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers

  :method: GET
  :authority: awslyly.000webhostapp.com
  :scheme: https
  :path: /facebook.html
  pragma: no-cache
  cache-control: no-cache
  upgrade-insecure-requests: 1
  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  sec-fetch-site: none
  sec-fetch-mode: navigate
  sec-fetch-user: ?1
  sec-fetch-dest: document
  accept-encoding: gzip, deflate, br
  accept-language: en-US

Response headers

  date: Sun, 29 Aug 2021 08:12:27 GMT
  content-type: text/html; charset=UTF-8
  server: awex
  x-xss-protection: 1; mode=block
  x-content-type-options: nosniff
  x-request-id: bcc7f002f92d55d03001a3a9b46f7e50
  content-encoding: gzip

Redirect headers

  Connection: Keep-Alive
  Content-Type: text/html
  Content-Length: 707
  Date: Sun, 29 Aug 2021 08:12:26 GMT
  Location: https://awslyly.000webhostapp.com/facebook.html
  X-Frame-Options: SAMEORIGIN

Resource: oot5nvh7Qkx.css
Path: static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/
Size: 17 KB
x-fer: 4 KB
Type: Stylesheet
General
  Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/oot5nvh7Qkx.css?_nc_x=Ij3Wp8lg5Kz
  Requested by:
    Host: awslyly.000webhostapp.com
    URL: https://awslyly.000webhostapp.com/facebook.html
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: 9fe8376d0a46fe4e1a6b79ae20bfa2225db7fea1b07d6be6771dfb76d5499c21
Security Headers
  X-Content-Type-Options: nosniff

Resource: s6M9bmJEIXs.css
Path: static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/
Size: 6 KB
x-fer: 2 KB
Type: Stylesheet
General
  Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/s6M9bmJEIXs.css?_nc_x=Ij3Wp8lg5Kz
  Requested by:
    Host: awslyly.000webhostapp.com
    URL: https://awslyly.000webhostapp.com/facebook.html
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: 2032ed732dd0c537ea55c45264f7f8746a5b9250de7911f4e0db975f78760356
Security Headers
  X-Content-Type-Options: nosniff

Resource: JhAAc2XL9y9.css
Path: static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/
Size: 77 KB
x-fer: 17 KB
Type: Stylesheet
General
  Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/JhAAc2XL9y9.css?_nc_x=Ij3Wp8lg5Kz
  Requested by:
    Host: awslyly.000webhostapp.com
    URL: https://awslyly.000webhostapp.com/facebook.html
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: 7a0bbd6ca26d32308856cdb9fc31f78c69541610b9e15e65333195bfa2050af3
Security Headers
  X-Content-Type-Options: nosniff

Resource: K_lCJH6sdmH.css
Path: static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/
Size: 9 KB
x-fer: 2 KB
Type: Stylesheet
General
  Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/K_lCJH6sdmH.css?_nc_x=Ij3Wp8lg5Kz
  Requested by:
    Host: awslyly.000webhostapp.com
    URL: https://awslyly.000webhostapp.com/facebook.html
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: 72c7202c381b4dabcb51005ba498ee28349ed23e7da6257d7a9fad0ac54c862f
Security Headers
  X-Content-Type-Options: nosniff

Resource: kPoAfQwZctx.js
Path: static.xx.fbcdn.net/rsrc.php/v3/y_/r/
Size: 241 KB
x-fer: 65 KB
Type: Script
General
  Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/kPoAfQwZctx.js?_nc_x=Ij3Wp8lg5Kz
  Requested by:
    Host: awslyly.000webhostapp.com
    URL: https://awslyly.000webhostapp.com/facebook.html
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: daba9898c3794796ba9b867274e93bd2a423ef9c7852363c1b26a9df94db68da
Security Headers
  X-Content-Type-Options: nosniff

Resource: dF5SId3UHWd.svg
Path: static.xx.fbcdn.net/rsrc.php/y8/r/
Size: 2 KB
x-fer: 1 KB
Type: Image
General
  Full URL: https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg
  Requested by:
    Host: awslyly.000webhostapp.com
    URL: https://awslyly.000webhostapp.com/facebook.html
  Protocol: H3-29
  Security: QUIC, , AES_128_GCM
  Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: 9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0

Resource: hsts-pixel.gif
Path: facebook.com/security/
Size: 43 B
x-fer: 2 KB
Type: Image
General
  Full URL: https://facebook.com/security/hsts-pixel.gif
  Requested by:
    Host: awslyly.000webhostapp.com
    URL: https://awslyly.000webhostapp.com/facebook.html
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
  Content-Security-Policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
  Strict-Transport-Security: max-age=15552000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: DENY
  X-Xss-Protection: 0

Resource: MRx-vHR7ZdS.js
Path: static.xx.fbcdn.net/rsrc.php/v3iTWp4/y8/l/ar_AR/
Size: 148 KB
x-fer: 43 KB
Type: Script
General
  Full URL: https://static.xx.fbcdn.net/rsrc.php/v3iTWp4/y8/l/ar_AR/MRx-vHR7ZdS.js?_nc_x=Ij3Wp8lg5Kz
  Requested by:
    Host: awslyly.000webhostapp.com
    URL: https://awslyly.000webhostapp.com/facebook.html
  Protocol: H3-29
  Security: QUIC, , AES_128_GCM
  Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: a950cb340622f2c9262dd0949d7b539a20e077dd7d27336d207134c5efe01bc6
Security Headers
  X-Content-Type-Options: nosniff

Resource: gcZGjl1rwno.png
Path: static.xx.fbcdn.net/rsrc.php/v3/yz/r/
Size: 2 KB
x-fer: 2 KB
Type: Image
General
  Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/gcZGjl1rwno.png
  Requested by:
    Host: static.xx.fbcdn.net
    URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/oot5nvh7Qkx.css?_nc_x=Ij3Wp8lg5Kz
  Protocol: H3-29
  Security: QUIC, , AES_128_GCM
  Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: abc2ad69e40b717fff278d77fbfed833728a11bc147e7058c152744c1f4dfad7
Security Headers
  X-Content-Type-Options: nosniff

Resource: T_1MDel-tki.png
Path: static.xx.fbcdn.net/rsrc.php/v3/y_/r/
Size: 19 KB
x-fer: 19 KB
Type: Image
General
  Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/T_1MDel-tki.png
  Requested by:
    Host: static.xx.fbcdn.net
    URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/s6M9bmJEIXs.css?_nc_x=Ij3Wp8lg5Kz
  Protocol: H3-29
  Security: QUIC, , AES_128_GCM
  Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
  Reverse DNS:
  Software: /
  Resource Hash: b20ef55fcd6f4d873fa0dbd8c2821ab5106db4068f07f86868b5a65a1f1f0a9e
Security Headers
  X-Content-Type-Options: nosniff


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| envFlush
object| Env
number| __DEV__
function| __annotator
function| __bodyWrapper
function| __t
function| __w
function| emptyFunction
function| FB_enumerate
function| __m
object| babelHelpers
function| define
function| require
function| importDefault
function| importNamespace
function| requireDynamic
function| requireLazy
function| __d
function| $RefreshReg$
function| $RefreshSig$
function| getErrorSafe
object| ErrorGuard
object| ErrorSerializer
object| ErrorUtils
function| CavalryLogger
function| __updateOrientation
object| TimeSlice
number| __bigPipeFactory

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block