oglaszammy.pl Open in urlscan Pro
46.242.241.219 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://oglaszammy.pl/
Submission: On April 28 via automatic, source openphish (April 28th 2023, 4:30:48 am UTC) — Scanned from PL

Summary HTTP 20 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 46.242.241.219, located in Poland and belongs to HOMEPL-AS, PL. The main domain is oglaszammy.pl.

This is the only time oglaszammy.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1	46.242.241.219 46.242.241.219	12824 (HOMEPL-AS) (HOMEPL-AS)
19	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
3 3	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
20	2

1 46.242.241.219 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver3210425-3210456.home.pl

oglaszammy.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.35 (Frankfurt am Main, Germany) 3 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	fbcdn.net 1 redirects static.xx.fbcdn.net — Cisco Umbrella Rank: 680 fbcdn.net — Cisco Umbrella Rank: 106	6 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	836 B
1	fbsbx.com 1 redirects fbsbx.com — Cisco Umbrella Rank: 837	144 B
1	facebook.com 1 redirects facebook.com — Cisco Umbrella Rank: 25	474 B
1	oglaszammy.pl oglaszammy.pl	19 KB
20	5

	Domain	Requested by
18	static.xx.fbcdn.net	oglaszammy.pl static.xx.fbcdn.net
1	connect.facebook.net	oglaszammy.pl
1	fbsbx.com	1 redirects
1	fbcdn.net	1 redirects
1	facebook.com	1 redirects
1	oglaszammy.pl
20	6

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
cx-ph.facebook.com
es-la.facebook.com
ja-jp.facebook.com
ko-kr.facebook.com
zh-cn.facebook.com
ar-ar.facebook.com
pt-br.facebook.com
fr-fr.facebook.com
de-de.facebook.com
messenger.com
pay.facebook.com
www.oculus.com
portal.facebook.com
l.facebook.com
www.bulletin.com
about.meta.com
developers.facebook.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-04` - `2023-05-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://oglaszammy.pl/
Frame ID: FCCF02C5BEF59778066E6394117C080F
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook - Zaloguj się lub zarejestruj

Page Statistics

20
Requests

90 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

2
IPs

2
Countries

25 kB
Transfer

75 kB
Size

0
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/recover/initiate/?privacy_mutation_token=eyJ0eXBlIjowLCJjcmVhdGlvbl90aW1lIjoxNjc1MTc5NTUyLCJjYWxsc2l0ZV9pZCI6MzgxMjI5MDc5NTc1OTQ2fQ%3D%3D&ars=facebook_login
Title: Nakalimutan ang Password?

Search URL Search Domain Scan URL

URL: https://cx-ph.facebook.com/
Title: Bisaya

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title: English (US)

Search URL Search Domain Scan URL

URL: https://es-la.facebook.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://ja-jp.facebook.com/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://ko-kr.facebook.com/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://zh-cn.facebook.com/
Title: 中文(简体)

Search URL Search Domain Scan URL

URL: https://ar-ar.facebook.com/
Title: العربية

Search URL Search Domain Scan URL

URL: https://pt-br.facebook.com/
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://fr-fr.facebook.com/
Title: Français (France)

Search URL Search Domain Scan URL

URL: https://de-de.facebook.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://messenger.com/
Title: Messenger

Search URL Search Domain Scan URL

URL: https://www.facebook.com/watch/
Title: Watch

Search URL Search Domain Scan URL

URL: https://pay.facebook.com/
Title: Meta Pay

Search URL Search Domain Scan URL

URL: https://www.oculus.com/
Title: Oculus

Search URL Search Domain Scan URL

URL: https://portal.facebook.com/
Title: Portal

Search URL Search Domain Scan URL

URL: https://l.facebook.com/l.php?u=https%3A%2F%2Fwww.instagram.com%2F&h=AT2oY7z-fLwczPmpRlAPrdQXBB8wnkxSL1iAFL69BpgpKZ5ImRKwTrnTJflP2BUib9SLvX_GqOWFRQSJT6f3IUnoMy9Up8_34TAvApiMoNylS4QHykhu-FIJ_MuZgK5FsKReBgoDiVAgmNAJ-MV6EJLSMq_xMQ
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.bulletin.com/
Title: Bulletin

Search URL Search Domain Scan URL

URL: https://about.meta.com/
Title: Tungkol dito

Search URL Search Domain Scan URL

URL: https://developers.facebook.com/?ref=pf
Title: Mga Developer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/help/568137493302217
Title: Mga Pagpipiliang Ad

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://facebook.com/security/hsts-pixel.gif?c=3.2.5 HTTP 302
https://fbcdn.net/security/hsts-pixel.gif?c=2.5 HTTP 302
https://fbsbx.com/security/hsts-pixel.gif?c=5 HTTP 302
https://connect.facebook.net/security/hsts-pixel.gif

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
oglaszammy.pl/ 63 KB
19 KB 112ms
73ms Document
text/html 46.242.241.219
HOMEPL-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oglaszammy.pl/
Protocol: HTTP/1.1
Server: 46.242.241.219 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS: cloudserver3210425-3210456.home.pl
Software: Apache /
Resource Hash: e55c5587dd71ebd2951db004b75ae3eb2f1fdbd0a2cf1adccb87b58873bf7608

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 28 Apr 2023 04:30:42 GMT
ETag: W/"fc13-5fa576f5cba40"
Last-Modified: Thu, 27 Apr 2023 20:45:21 GMT
Server: Apache
Transfer-Encoding: chunked

GET
H2 404 HwA-XPeibA7.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ 0
0 338ms
242ms Stylesheet
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/HwA-XPeibA7.css?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 KxGJ10xTR_J.css
static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ 4 KB
2 KB 142ms
46ms Stylesheet
text/css 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/KxGJ10xTR_J.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: oglaszammy.pl
URL: http://oglaszammy.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

8ec368356199ea827d947d0c59cdade0a5673e43789375ac407612d5dd2301d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pnww1MbDwQT86gFeWceTtQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1351
x-fb-rlafr: 0
x-fb-debug: OSspIU+SOn89YUsbCP1TPAz9LfEYfWaIxUGoitT/krtaD562heQGqS+9HSIa2z5pv2391HLQahND7lwGm0r6Nw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 23 Apr 2024 17:30:38 GMT

GET
H2 404 sQMCkCq8xr9.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/ 0
0 264ms
169ms Stylesheet
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/sQMCkCq8xr9.css?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 404 R4mvI9Q34Kx.css
static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/ 0
0 344ms
249ms Stylesheet
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/R4mvI9Q34Kx.css?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 2a-bphh1DF2.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ 5 KB
2 KB 144ms
49ms Stylesheet
text/css 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/2a-bphh1DF2.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: oglaszammy.pl
URL: http://oglaszammy.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

c0b433ace4ff2c025b01ea4335debec8d91998a7fed885e2f9fcc06e0db5b0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wxRUWrextzZIr6bX+eeKLA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1434
x-fb-rlafr: 0
x-fb-debug: JBcv9XQZrEGJAHNxB7JFwsVx6ZR3qQ2ONvt5CyS67fe+Z8Xo6yqXpeWdRR9ytlDl9b71ZOXJjZOHFAruJripHg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 26 Apr 2024 21:58:36 GMT

GET
H2 200 u4xvA0Tw-4L.css
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/ 1 KB
607 B 143ms
48ms Stylesheet
text/css 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/u4xvA0Tw-4L.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: oglaszammy.pl
URL: http://oglaszammy.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

e807b5401a3b536de777b03b8faea38afab47eb227aaafcfff351ff8cd8d87e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: V2M415E/4fTltyTsNsKeUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 415
x-fb-rlafr: 0
x-fb-debug: qYRUcHNQxSiweyHexNZreQfeGpu3NT6FAxPJD+xld4ghNbFDX6MOGBZXGsbdzeBT5GFdrH2vVrejsvYtFwi/cA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 26 Apr 2024 21:58:36 GMT

GET
H2 404 gqS6vB16162.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ 0
0 561ms
466ms Script
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/gqS6vB16162.js?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/ 2 KB
1 KB 47ms
46ms Image
image/svg+xml 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg

Requested by

Host: oglaszammy.pl
URL: http://oglaszammy.pl/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NiMA5zHIsmaYxSYEaw9fHg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1027
x-fb-rlafr: 0
x-fb-debug: q+pX8BwU1QXEbNxYigWG3M1bnDb2dY5WSH/ddpwmSDuiDSv/cxJn21Yfrp02bEOQ6DMOvkXCDiImrEVWPU60Kw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 24 Apr 2024 03:48:49 GMT

GET
H2

200

hsts-pixel.gif
connect.facebook.net/security/
Redirect Chain

https://facebook.com/security/hsts-pixel.gif?c=3.2.5
https://fbcdn.net/security/hsts-pixel.gif?c=2.5
https://fbsbx.com/security/hsts-pixel.gif?c=5
https://connect.facebook.net/security/hsts-pixel.gif

43 B
836 B

46ms
46ms

Image
image/gif

157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.facebook.net/security/hsts-pixel.gif

Requested by

Host: oglaszammy.pl
URL: http://oglaszammy.pl/

Protocol

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Apr 2023 04:30:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: XgHg2JwLUxxZHEi1p9B6BM285NRWr++MWz5h5WBsCK7av4s0PB21t+wBkl0qdbohLcaerORW16lZ2SWPcneLhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
x-frame-options: DENY
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-debug: J27/C4T5224x4jpyo9vlo/ELyM3idLNGQqaPTD5vYkRkdkUTfOLac3isnGD69RMIdXwI0t5y0Q4/RZYMS5IPRA==
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Apr 2023 04:30:43 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/html; charset="utf-8"
location: https://connect.facebook.net/security/hsts-pixel.gif
access-control-allow-origin: *
origin-agent-cluster: ?0
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 404 8YT_RbY6CoY.js
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ 0
0 250ms
248ms Script
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/8YT_RbY6CoY.js?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 404 F3saR61Z2qK.js
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ 0
0 170ms
170ms Script
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/F3saR61Z2qK.js?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 404 b_iebk6Bfdk.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ 0
0 237ms
237ms Script
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/b_iebk6Bfdk.js?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 404 Fsng_uO7FZe.js
static.xx.fbcdn.net/rsrc.php/v3icXM4/yk/l/tl_PH/ 0
0 167ms
166ms Script
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3icXM4/yk/l/tl_PH/Fsng_uO7FZe.js?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 404 1fIb2S0KdFD.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ 0
0 510ms
509ms Script
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/1fIb2S0KdFD.js?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 404 R-poEPeDR18.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ 0
0 243ms
242ms Script
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/R-poEPeDR18.js?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 404 HwA-XPeibA7.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ 0
0 48ms
48ms Stylesheet
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/HwA-XPeibA7.css?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 404 sQMCkCq8xr9.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/ 0
0 47ms
46ms Stylesheet
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/sQMCkCq8xr9.css?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 404 R4mvI9Q34Kx.css
static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/ 0
0 49ms
48ms Stylesheet
text/html 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/R4mvI9Q34Kx.css?_nc_x=Ij3Wp8lg5Kz
Requested by: Host: oglaszammy.pl
URL: http://oglaszammy.pl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: http://oglaszammy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 O7nelmd9XSI.png
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ 95 B
147 B 47ms
46ms Image
image/png 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/O7nelmd9XSI.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/u4xvA0Tw-4L.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/u4xvA0Tw-4L.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:30:43 GMT
x-content-type-options: nosniff
content-md5: OcEdZWIg79UvSWVADRSQCg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 95
x-fb-rlafr: 0
x-fb-debug: jgaVicl2+lPeL0OirhdAaRQGRVH86XyM6vcdMO5BLtI8umiYXc0uGDzeaRC/HzRnc0noAPBn61ZAvoXrSJxY/w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 18 Apr 2024 02:22:58 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/sQMCkCq8xr9.css?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/HwA-XPeibA7.css?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/R4mvI9Q34Kx.css?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/gqS6vB16162.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/8YT_RbY6CoY.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/sQMCkCq8xr9.css?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/HwA-XPeibA7.css?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/R4mvI9Q34Kx.css?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3icXM4/yk/l/tl_PH/Fsng_uO7FZe.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/F3saR61Z2qK.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/b_iebk6Bfdk.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/R-poEPeDR18.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/1fIb2S0KdFD.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: http://oglaszammy.pl/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/F3saR61Z2qK.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://oglaszammy.pl/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3icXM4/yk/l/tl_PH/Fsng_uO7FZe.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://oglaszammy.pl/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/HwA-XPeibA7.css?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://oglaszammy.pl/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/8YT_RbY6CoY.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://oglaszammy.pl/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/R-poEPeDR18.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://oglaszammy.pl/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/R4mvI9Q34Kx.css?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://oglaszammy.pl/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/b_iebk6Bfdk.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://oglaszammy.pl/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/sQMCkCq8xr9.css?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://oglaszammy.pl/ Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/1fIb2S0KdFD.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
facebook.com
fbcdn.net
fbsbx.com
oglaszammy.pl
static.xx.fbcdn.net
157.240.251.35
157.240.251.9
46.242.241.219
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
8ec368356199ea827d947d0c59cdade0a5673e43789375ac407612d5dd2301d3
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
c0b433ace4ff2c025b01ea4335debec8d91998a7fed885e2f9fcc06e0db5b0fa
c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c
e55c5587dd71ebd2951db004b75ae3eb2f1fdbd0a2cf1adccb87b58873bf7608
e807b5401a3b536de777b03b8faea38afab47eb227aaafcfff351ff8cd8d87e6

oglaszammy.pl Open in urlscan Pro 46.242.241.219 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

20 Requests

90 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

2 IPs

2 Countries

25 kBTransfer

75 kBSize

0 Cookies

21 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

22 Console Messages

Indicators

oglaszammy.pl Open in urlscan Pro
46.242.241.219 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

90 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

2
IPs

2
Countries

25 kB
Transfer

75 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!