www.facebook-login.xyz
Open in
urlscan Pro
35.162.215.88
Malicious Activity!
Public Scan
Submission: On May 02 via automatic, source openphish
Summary
This is the only time www.facebook-login.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 35.162.215.88 35.162.215.88 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
22 | 2a03:2880:f11... 2a03:2880:f11a:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
23 | 3 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-162-215-88.us-west-2.compute.amazonaws.com
www.facebook-login.xyz |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
facebook.com
www.facebook.com |
330 KB |
1 |
facebook-login.xyz
www.facebook-login.xyz |
35 KB |
23 | 2 |
Domain | Requested by | |
---|---|---|
22 | www.facebook.com |
www.facebook-login.xyz
www.facebook.com |
1 | www.facebook-login.xyz | |
23 | 2 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2016-12-09 - 2018-01-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.facebook-login.xyz/
Frame ID: 29989.1
Requests: 25 HTTP requests in this frame
17 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: Forgotten account?
Search URL Search Domain Scan URL
Title: বাংলা
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: اردو
Search URL Search Domain Scan URL
Title: नेपाली
Search URL Search Domain Scan URL
Title: ଓଡ଼ିଆ
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Moments
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: AdChoices
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request 23- http://www.facebook.com/ajax/ua_callback.php?__a=1&__af=iw&__be=-1&__dyn=7AzHK4GgN2Hy49UrJxm2q3miWGey8G8rWo466EeVE98nwgUb8aUgxebmbwPG2iuUG4XzEa8uwh9Vobo88lwIxWcwJwnoCiu2K4o6m5FFovgeFUuwxxW1hwam6pHx...
- https://www.facebook.com/ajax/ua_callback.php?__a=1&__af=iw&__be=-1&__dyn=7AzHK4GgN2Hy49UrJxm2q3miWGey8G8rWo466EeVE98nwgUb8aUgxebmbwPG2iuUG4XzEa8uwh9Vobo88lwIxWcwJwnoCiu2K4o6m5FFovgeFUuwxxW1hwam6pH...
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.facebook-login.xyz/ |
141 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5E0UBfO0kgd.css
www.facebook.com/rsrc.php/v3/yK/l/0,cross/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1va0KqgAP_v.css
www.facebook.com/rsrc.php/v3/yM/l/0,cross/ |
43 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sQH8gOL_ZF4.css
www.facebook.com/rsrc.php/v3/yI/l/0,cross/ |
102 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lZ86cv9aR90.css
www.facebook.com/rsrc.php/v3/y2/l/0,cross/ |
40 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heHIbQoi_Vb.css
www.facebook.com/rsrc.php/v3/yf/l/0,cross/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qTunciO37z_.js
www.facebook.com/rsrc.php/v3/yH/r/ |
208 KB 52 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KeyrwiujJDM.png
www.facebook.com/rsrc.php/v3/y2/r/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pyNVUg5EM0j.png
www.facebook.com/rsrc.php/v3/yx/r/ |
40 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GsNJNwuI-UM.gif
www.facebook.com/rsrc.php/v3/yb/r/ |
522 B 531 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
74 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MxQ7-TvJ3Dl.png
www.facebook.com/rsrc.php/v3/ya/r/ |
606 B 615 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 0 |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MoEvGg9rsfU.js
www.facebook.com/rsrc.php/v3im214/yh/l/en_GB/ |
190 KB 43 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ROk55M2btal.js
www.facebook.com/rsrc.php/v3i3sm4/yk/l/en_GB/ |
47 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bEc69EigTOp.js
www.facebook.com/rsrc.php/v3ixzs4/yY/l/en_GB/ |
23 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JHwrtO8_ybE.js
www.facebook.com/rsrc.php/v3/y1/r/ |
2 KB 732 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rfo9lGfzGPh.js
www.facebook.com/rsrc.php/v3iFfa4/yy/l/en_GB/ |
157 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FCI6M2iVFr4.js
www.facebook.com/rsrc.php/v3/yU/r/ |
9 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3DQw17I81ml.js
www.facebook.com/rsrc.php/v3/yp/r/ |
65 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YaFfrQWs5Uf.js
www.facebook.com/rsrc.php/v3/yJ/r/ |
25 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jCVBMJMsm4e.js
www.facebook.com/rsrc.php/v3if3Y4/yV/l/en_GB/ |
174 KB 43 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FrzBhVwQXqY.js
www.facebook.com/rsrc.php/v3/ya/r/ |
20 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-PAXP-deijE.gif
www.facebook.com/rsrc.php/v3/y4/r/ |
43 B 52 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ua_callback.php
www.facebook.com/ajax/ Redirect Chain
|
43 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.facebook-login.xyz
www.facebook.com
2a03:2880:f11a:83:face:b00c:0:25de
35.162.215.88
1f57d04ab0c6b3017f7872df33372ee34489ecdb2fa48b447e538f2fc98e2598
2308171b8917bc685f910e6f499a072d8adb031529b68a792686450f451b80a5
34f9594c8ace90c32df51d4b53f5b5ffcb6d96d7fabb840e0d8b604e9b39ab31
3be8b840839492da14acc734364f3def42ad66d7b2495989caa30f47ed6a7bee
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a52dbaf980be015c37ea658dc83e753f345ecb7c48a7dafd71bf1ed67e8b4bd
724b32b9ca58af8ce5a92e57e9b853dc0cf9cbe14dd2ec8704f6204e180af993
7f4fbb61e5a1226b421109d4bfeb68b371b240bb6a0131c54581b777cb649908
8627d83666e5f29db4f5ddfba459bf17a542a4b20569815b8055223dbe6d3f75
88dfd9fac3fa192acb075df350463441fa2eca3b31817356b2ddf0fabf59778d
8982e48610260121c1386b823259337a7eab1051816050a58a49bf7e020be1fd
96208c0315f20502b81faee2067a2cbd2466bae1897180ad90f6650f1951ceda
9a67fc4a7b9baa639b319f162a9a17f982d7e1b653aa12b08ec7a2ab74275773
9fecf44f70575fcf8e7eec99f2b1de9299d405ae7782e1982cded9dd7c5f82f9
b8abe53901b76306539ea3b093245257b2dbcd15daa85a79850c5ed6cb26dd14
be43af77f60f84fb58b51c2f4840893a7ca79f97c295c05916d4959f39c853f0
c37391feac3a872d7d0a51396f17000506be3ad729e34aa8ed478bf4fbbc01cf
c63295b9a226783c80c36bf2a99a04ec4bf0a7c996df04fad43bb198c6aa193b
e4346f5384e39278026f932aecfe2af6554ae08a9183b8a7e3f84323b750eab1
e4bdb18fb16646a78e22f9e2b3570720d6dec0b3520ec135d377a1cc1833e1b9
e8375c63f330b34812c1185a670164da0e83c549bfd53665b4bdd6f0e03c4978
ec9cd1633210574871fdcbb730faaf32022436c731585b3b58bf577e1e2fe853
ece5d4cbbc29ed830681c305dc7c8be81e0cabcec9fbef401ee8598a5bda3d67
f5e49285106d7024373e3a8ef35945c0080e01ef2dff89c5f181a8ea14675169
f99ff0f5955e1de2ecafcafb2fc6933c1020c4abbdfeb6c090cffe93e1cbb239