placeboook.com Open in urlscan Pro
2606:4700:3035::ac43:a1c3  Malicious Activity! Public Scan

21 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response placeboook.com/	12 KB 4 KB	908ms 872ms	Document text/html	2606:4700:3035::ac43:a1c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://placeboook.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:a1c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.28 Resource Hash 96a7781aa8a3fcc68d0033ebb8e9e68a9cfe81093458f850a0b0b4ce5699e4fd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 6fde54fb9d649bcb-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 18 Apr 2022 15:11:16 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfqG5cyVmBhyRQFUQ4cGHtlfLWvpd%2B%2F9MoMW9KIfAxjwS%2BmgYEwAdcF%2FUbBbjltpFrdmqB6bFHkptLaTbFxHQWwNguTHdYubpQ%2BQW6EGV5PWz4dFEz6L%2F0uwEu%2B5CqDTc0rzXXik2nuuGeFENQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.28 x-turbo-charged-by LiteSpeed
GET H2	200	L0VTH1UsUXD.css static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/	16 KB 4 KB	27ms 7ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/L0VTH1UsUXD.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: placeboook.com URL: https://placeboook.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b2a9e0d56e0f553ae1e85b6098dbdcebadfabb0948a3910f857c1ec952e47ab9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://placeboook.com/ Origin https://placeboook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT content-encoding br x-content-type-options nosniff content-md5 8G4qQKzsxISUCtQ+0EkEBQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 3784 x-fb-rlafr 0 x-fb-debug Ty3RXy3pf8sxW4FOMOlja0/8wXxUSLHxMu8H3AI0o8dxsB+i7zZxUnn8SIWwrRRUFQr5hJC4Jfs3NWtl4P7G8w== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Sun, 09 Apr 2023 06:03:11 GMT
GET H2	200	gz8GNmX4Wfb.css static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/	20 KB 5 KB	28ms 8ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/gz8GNmX4Wfb.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: placeboook.com URL: https://placeboook.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3f9e51f2857f2f881cfd7dfebf7cbd53177dce2475883d3a1f1048a258dc5cb1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://placeboook.com/ Origin https://placeboook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT content-encoding br x-content-type-options nosniff content-md5 PR5LUc2EwK6g+h7vOwy7Pg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 5183 x-fb-rlafr 0 x-fb-debug 9VDka7v8Of+RNzARXFoozL/BXHpYFwxnhkem8Py+tmH0jdh4LeX9PkawJ+P2oi2Lmjrp09NW0sz/TnpJujb0QQ== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Thu, 13 Apr 2023 01:44:09 GMT
GET H2	200	gXg7fpOtCEi.css static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/	8 KB 2 KB	27ms 8ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/gXg7fpOtCEi.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: placeboook.com URL: https://placeboook.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a6af65a1fc57b43c21a27064c019f56735cc5228c3c6763dc3a9cb59f8452c44 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://placeboook.com/ Origin https://placeboook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT content-encoding br x-content-type-options nosniff content-md5 SwsODhxCzvVPuvVRrVci5w== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 2000 x-fb-rlafr 0 x-fb-debug nyLtoolaMdyUOwvbr9f8lCVxem/d4jXx5BwCzqaz5MqX8/7P91vy0g2ld6Oh3p3tsdV+ckYc5Ibi8XpWHhV7ag== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Sun, 09 Apr 2023 16:02:39 GMT
GET H2	200	HDpAcn1dkih.css static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/	11 KB 3 KB	28ms 9ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/HDpAcn1dkih.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: placeboook.com URL: https://placeboook.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c17aeb7b3b1239262e6e4f16a6d2b1815eab767a9153e9aa4a141cd578e247d5 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://placeboook.com/ Origin https://placeboook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT content-encoding br x-content-type-options nosniff content-md5 PpMc17Th04SIECHwuZhLxA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 2570 x-fb-rlafr 0 x-fb-debug B5OQCTkugNFLI+/maNs6WtPmE3MsnpsOtszeAG9RCQ8EyS6z+UFiopUaVYa1Yr28+951/xgNbIUv50V4vmsrlw== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Tue, 11 Apr 2023 00:09:22 GMT
GET H2	200	PR5f5cH44oq.css static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/	495 B 395 B	29ms 9ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/PR5f5cH44oq.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: placeboook.com URL: https://placeboook.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 292550f8c2044dd0194cd7880a2af002ca18779d079f367debbb9e5cdca9db19 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://placeboook.com/ Origin https://placeboook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT content-encoding br x-content-type-options nosniff content-md5 yZUbxAGTBXCaSKmy3V5koQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 203 x-fb-rlafr 0 x-fb-debug g//ShGI74lfsBWtIOWGGmwQNUDA/1rB4nFV5+F+/M5pPdgIaPOMSwncVWXOABtC6bd313bKlT1zJi+wwSI1I2A== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Sat, 08 Apr 2023 18:52:51 GMT
GET H2	200	oKtKZnsJRNn.css static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/	6 KB 2 KB	29ms 10ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/oKtKZnsJRNn.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: placeboook.com URL: https://placeboook.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a69b08862b3756628a7860c5d3f4f87c8882efebae859695882d8f83100bae69 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://placeboook.com/ Origin https://placeboook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT content-encoding br x-content-type-options nosniff content-md5 MTbW8yYYdm3+PN91KK/rpQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1700 x-fb-rlafr 0 x-fb-debug noM9pNTyB+U8qOE/PlLYSCO7yUfVHRnKdtswNRasQUgRkwzzt2ZRbmkRqSKr+/RCW+E4FZKNICFYPoR5CGs1Jw== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Sat, 08 Apr 2023 21:45:14 GMT
GET H2	200	cUt5H2zD4mg.css static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/	18 KB 5 KB	29ms 9ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/cUt5H2zD4mg.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: placeboook.com URL: https://placeboook.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 73c90bc84766b901b8642193b1d35a61bcfdc56eff0caa773f428a8e0fd13ad8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://placeboook.com/ Origin https://placeboook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT content-encoding br x-content-type-options nosniff content-md5 G39jmr+cex/Ixd0ClYQE7A== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 4694 x-fb-rlafr 0 x-fb-debug ak4GzvytzalBJUoz4hjGVTFzz3iBOMTBAA7ntqA/zECRrAA3mS8BKlc9XfjyoVj+3wGIY4B668lQS0xa1GuoxA== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Thu, 13 Apr 2023 01:44:09 GMT
GET H3	200	dF5SId3UHWd.svg static.xx.fbcdn.net/rsrc.php/y8/r/	2 KB 1 KB	21ms 9ms	Image image/svg+xml	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg Requested by Host: placeboook.com URL: https://placeboook.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://placeboook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT content-encoding br x-content-type-options nosniff content-md5 NiMA5zHIsmaYxSYEaw9fHg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1027 x-fb-rlafr 0 x-fb-debug 3ejfSt8fe5Sv21Lu3wnU7NYPtXaUNo9Ymszh48+ypcf1y1ehemqhcNfsOYQRISQzF3HnyRTg75jLcNJ1BZuoEA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 14 Apr 2023 19:42:51 GMT
GET H2	200	hsts-pixel.gif facebook.com/security/	43 B 2 KB	61ms 38ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://facebook.com/security/hsts-pixel.gif Requested by Host: placeboook.com URL: https://placeboook.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://placeboook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding br x-content-type-options nosniff document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 0 pragma no-cache x-fb-debug 1jcFs+V1BmUZ9qKifLCRxFWYYgl4q8+RuEqLvj3BINbRWt/FzE8vsOkuoScgr7x/lYEDIJ7Q/x06RQbEbbuX3Q== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" expires Sat, 01 Jan 2000 00:00:00 GMT cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 18 Apr 2022 15:11:16 GMT strict-transport-security max-age=15552000; includeSubDomains access-control-allow-methods OPTIONS content-type image/gif access-control-allow-origin * vary Origin, Accept-Encoding cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true x-fb-rlafr 0 priority u=3,i access-control-expose-headers X-FB-Debug, X-Loader-Length
GET H3	200	52vld7hrDEO.png static.xx.fbcdn.net/rsrc.php/v3/yP/r/	24 KB 24 KB	10ms 8ms	Image image/png	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/52vld7hrDEO.png Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/gz8GNmX4Wfb.css?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 47f1298140de830de23a40f8d8d2cf72519c1cead1bda0017033ba71b1a8828c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/gz8GNmX4Wfb.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT x-content-type-options nosniff content-md5 ggnXL+z3/7OT8KA988Y9ig== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 24922 x-fb-rlafr 0 x-fb-debug 5goF2t0eE6/VeHkI6y8tA+Tx62ZRy/xRC3dSW5lZ21729aXmpgANI9r9TILQmJ72NuylmRfRGaqaKKoS72XcRQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Sat, 08 Apr 2023 06:29:34 GMT
GET H3	200	YQNfPR9MJfx.png static.xx.fbcdn.net/rsrc.php/v3/yO/r/	925 B 977 B	10ms 9ms	Image image/png	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/YQNfPR9MJfx.png Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/L0VTH1UsUXD.css?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e60e1c170d239ef8628c55986ae1b8e68239665363c6355cfc03336718bc2d7f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/L0VTH1UsUXD.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 18 Apr 2022 15:11:16 GMT x-content-type-options nosniff content-md5 K140XuhbdIPsN30EmTYyQA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 925 x-fb-rlafr 0 x-fb-debug U6KUWIagUWB/nmZ6YiglCaQmAEIqjlpO4vuAKUTcieHAYcCfTnrKhBwuDptXCRNcwSD1x82/WcvShCVuGOw0zw== last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Sat, 08 Apr 2023 21:19:33 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.com
placeboook.com
static.xx.fbcdn.net
2606:4700:3035::ac43:a1c3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
292550f8c2044dd0194cd7880a2af002ca18779d079f367debbb9e5cdca9db19
3f9e51f2857f2f881cfd7dfebf7cbd53177dce2475883d3a1f1048a258dc5cb1
47f1298140de830de23a40f8d8d2cf72519c1cead1bda0017033ba71b1a8828c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
73c90bc84766b901b8642193b1d35a61bcfdc56eff0caa773f428a8e0fd13ad8
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
96a7781aa8a3fcc68d0033ebb8e9e68a9cfe81093458f850a0b0b4ce5699e4fd
a69b08862b3756628a7860c5d3f4f87c8882efebae859695882d8f83100bae69
a6af65a1fc57b43c21a27064c019f56735cc5228c3c6763dc3a9cb59f8452c44
b2a9e0d56e0f553ae1e85b6098dbdcebadfabb0948a3910f857c1ec952e47ab9
c17aeb7b3b1239262e6e4f16a6d2b1815eab767a9153e9aa4a141cd578e247d5
e60e1c170d239ef8628c55986ae1b8e68239665363c6355cfc03336718bc2d7f