tuananh190502.github.io
2606:50c0:8002::153 - Malicious Activity!

URL: https://tuananh190502.github.io/FB/
Submission: On January 11 via automatic, source openphish — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2606:50c0:8002::153, located in United States and belongs to FASTLY, US. The main domain is tuananh190502.github.io.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 6th 2020. Valid for: 2 years.
This is the only time tuananh190502.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
3         2606:50c0:800...  54113 (FASTLY)
1         2606:4700::68...  13335 (CLOUDFLAR...)
1         103.48.78.149     131425 (TGDD-AS-V...)
1         2a03:2880:f02...  32934 (FACEBOOK)
1         2001:ee0:322f...  45899 (VNPT-AS-V...)
Total: 7 requests, 5 IPs
Requests  Apex Domain     Subdomains                                                    Transfer
3         github.io       tuananh190502.github.io                                       4 KB
2         fbcdn.net       static.xx.fbcdn.net (Cisco Umbrella Rank: 658)                16 KB
                          scontent.fhph2-1.fna.fbcdn.net (Cisco Umbrella Rank: 60491)
1         tgdd.vn         cdn.tgdd.vn (Cisco Umbrella Rank: 109235)                     20 KB
1         cloudflare.com  cdnjs.cloudflare.com (Cisco Umbrella Rank: 202)               15 KB
Total: 7 requests, 4 apex domains
Requests  Domain                          Requested by
3         tuananh190502.github.io         tuananh190502.github.io
1         scontent.fhph2-1.fna.fbcdn.net  tuananh190502.github.io
1         static.xx.fbcdn.net             tuananh190502.github.io
1         cdn.tgdd.vn                     tuananh190502.github.io
1         cdnjs.cloudflare.com            tuananh190502.github.io
Total: 7 requests, 5 domains

This site contains links to these domains:

Domain: www.facebook.com
TLS certificates observed:

Subject                  Issuer                                  Validity                  Valid for
www.github.com           DigiCert SHA2 High Assurance Server CA  2020-05-06 - 2022-04-14   2 years
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                 2021-09-21 - 2022-09-20   a year
*.tgdd.vn                AlphaSSL CA - SHA256 - G2               2021-11-24 - 2022-12-26   a year
*.facebook.com           DigiCert SHA2 High Assurance Server CA  2021-10-20 - 2022-01-18   3 months
*.fhph2-1.fna.fbcdn.net  DigiCert SHA2 High Assurance Server CA  2021-12-17 - 2022-03-17   3 months

This page contains 1 frame:

Primary Page: https://tuananh190502.github.io/FB/
Frame ID: DFE47E22DBA40629E3D85C8D1FF37121
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

Facebook - Đăng nhập hoặc đăng ký (Vietnamese: "Facebook - Log in or sign up")

Detected technologies

Font Awesome (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

GitHub Pages, matched on the github.io hostname (overall confidence: 100%)
Detected patterns
  • ^https?://[^/]+\.github\.io

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 80 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 56 kB
Size: 127 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests: (none listed)

7 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type (MIME-Type)

Primary Request / | tuananh190502.github.io/FB/ | 5 KB | 2 KB | Document

General
Full URL: https://tuananh190502.github.io/FB/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153, United States, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: GitHub.com /
Resource Hash: 7bff66e2114736ff63d2de8cd64a47c5a9a12140ebfd6ac785b5fa1ac9fb2dfe
Security Headers:
  Strict-Transport-Security: max-age=31556952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: GitHub.com
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sun, 09 Jan 2022 04:22:37 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"61da630d-1447"
expires: Tue, 11 Jan 2022 01:14:03 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 0EEC:7941:1F7F2C:207000:61DCD783
accept-ranges: bytes
date: Tue, 11 Jan 2022 01:08:04 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4069-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1641863284.307445,VS0,VE84
vary: Accept-Encoding
x-fastly-request-id: ab4679ac7978885341f032a451dc6ec8df42a04e
content-length: 1628
style.css | tuananh190502.github.io/FB/ | 4 KB | 1 KB | Stylesheet

General
Full URL: https://tuananh190502.github.io/FB/style.css
Requested by: tuananh190502.github.io, from https://tuananh190502.github.io/FB/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153, United States, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: GitHub.com /
Resource Hash: 3318eb59b504a3ecf0dc0af26b5d142893612da5f8380faf71f109c658a3921d
Security Headers:
  Strict-Transport-Security: max-age=31556952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tuananh190502.github.io/FB/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-fastly-request-id: 661356dc0061527ab730f453531035ece2650e49
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"61da630d-e2a"
age: 0
x-cache: MISS
content-length: 1032
x-served-by: cache-hhn4069-HHN
access-control-allow-origin: *
last-modified: Sun, 09 Jan 2022 04:22:37 GMT
server: GitHub.com
x-github-request-id: 833C:CFAA:EA03C:F3BEA:61DCCA3D
x-timer: S1641863284.418055,VS0,VE86
date: Tue, 11 Jan 2022 01:08:04 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 11 Jan 2022 00:17:25 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0
all.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ | 82 KB | 15 KB | Stylesheet

General
Full URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by: tuananh190502.github.io, from https://tuananh190502.github.io/FB/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:135e, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare /
Resource Hash: a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers:
  Strict-Transport-Security: max-age=15780000
  X-Content-Type-Options: nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tuananh190502.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 01:08:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 329372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14850
timing-allow-origin: *
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "619c057b-3a02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGqZTzPMOLP%2F2ZPq0AJQAo7rh3x2bz%2FF3Q6BM%2F0DV1VJBlfZzuS9qmV%2By8qGMfSTZ04nHHm1aQSH1ShHX7Mfl5YJINM2KtyI1ZbQW8Fw4VjRwwjVTt0n%2BtkctlGeded2lfAFd8edmbJnGm7s7uVbw%2BvF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cba4077bffd2b29-FRA
expires: Sun, 01 Jan 2023 01:08:04 GMT
Facebook-200x200.jpg | cdn.tgdd.vn/2020/03/GameApp/ | 20 KB | 20 KB | Image

General
Full URL: https://cdn.tgdd.vn/2020/03/GameApp/Facebook-200x200.jpg
Requested by: tuananh190502.github.io, from https://tuananh190502.github.io/FB/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.48.78.149, Viet Nam, ASN131425 (TGDD-AS-VN The gioi di dong jsc, VN)
Reverse DNS: (none)
Software: /
Resource Hash: eaef3d07fdc402ef06e4afb7cfa3f3343956cf4efde8c01fde8b2f554a736f97
Security Headers:
  Strict-Transport-Security: max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tuananh190502.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 01:08:05 GMT
last-modified: Thu, 19 Mar 2020 01:34:07 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET, HEAD, OPTIONS, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 11 Jan 2023 01:08:05 GMT
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-be: 2111
accept-ranges: bytes
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
content-length: 20174
x-l1h: vds46443
dF5SId3UHWd.svg | static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 2 KB | Image

General
Full URL: https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg
Requested by: tuananh190502.github.io, from https://tuananh190502.github.io/FB/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3, Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS: (none)
Software: /
Resource Hash: 9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Security Headers:
  Content-Security-Policy: default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tuananh190502.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: br
x-content-type-options: nosniff
content-md5: NiMA5zHIsmaYxSYEaw9fHg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1027
x-xss-protection: 0
x-fb-debug: xLOV6Ya2ySxfL7foFX5ON+v2d/HM843LXTGkzGiltbO8LROoXShrFtfstm+T1RVMqA+ZMKnERh11qfVVMcNi+A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
date: Tue, 11 Jan 2022 01:08:04 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
timing-allow-origin: *
expires: Thu, 29 Dec 2022 22:47:57 GMT
261036410_204169931896903_7796031111819537152_n.jpg | scontent.fhph2-1.fna.fbcdn.net/v/t39.30808-1/s480x480/ | 14 KB | 14 KB | Image

General
Full URL: https://scontent.fhph2-1.fna.fbcdn.net/v/t39.30808-1/s480x480/261036410_204169931896903_7796031111819537152_n.jpg?_nc_cat=109&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=y5XRpsMiEe4AX_DsorP&_nc_ht=scontent.fhph2-1.fna&oh=00_AT_DrCA28mLQlRZdozFZLQanaUWHu0sdJ_dB0ubLMgblfQ&oe=61DF4149
Requested by: tuananh190502.github.io, from https://tuananh190502.github.io/FB/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:ee0:322f:0:face:b00c:0:a7, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN)
Reverse DNS: (none)
Software: /
Resource Hash: 87a92c91be5c1d3a1d35521f4ef9e3639f65f92b1d4734a499eb32fa14d74b58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tuananh190502.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 2712078019
date: Tue, 11 Jan 2022 01:08:04 GMT
last-modified: Sun, 28 Nov 2021 16:02:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3901939407
timing-allow-origin: *
content-length: 14620
app.js | tuananh190502.github.io/FB/ | 579 B | 441 B | Script

General
Full URL: https://tuananh190502.github.io/FB/app.js
Requested by: tuananh190502.github.io, from https://tuananh190502.github.io/FB/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153, United States, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: GitHub.com /
Resource Hash: 8db879688374349131edad07c8f1f0b2208fd3a92227ed8dd4d7c86377026b8a
Security Headers:
  Strict-Transport-Security: max-age=31556952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tuananh190502.github.io/FB/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-fastly-request-id: ca8efa2cb7e5bf9ff4faeb6811178b2d5b12f9e3
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"61da630d-243"
age: 0
x-cache: MISS
content-length: 250
x-served-by: cache-hhn4069-HHN
access-control-allow-origin: *
last-modified: Sun, 09 Jan 2022 04:22:37 GMT
server: GitHub.com
x-github-request-id: 7314:8888:E5066:EFE6F:61DCD874
x-timer: S1641863284.419334,VS0,VE86
date: Tue, 11 Jan 2022 01:08:04 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 11 Jan 2022 01:18:04 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • onsecuritypolicyviolation (object)
  • onslotchange (object)
  • btlOpen (object)
  • modal (object)
  • btnClose (object)
  • iconClose (object)
  • toggleModal (function)

0 Cookies

1 Console Messages

Source: security | Level: warning | URL: (none)
Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This section lists the security headers set by the main page.

Header: Strict-Transport-Security
Value: max-age=31556952