www.facebook.de-de.icu Open in urlscan Pro
93.157.63.234  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.facebook.de-de.icu/	8 KB 2 KB	94ms 26ms	Document text/html	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Full URL https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash ec2fcc0b1ef10b40b9382e2b5594435ffd1373047914e482804c8ede42d2a7ed Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-encoding br content-type text/html; charset=UTF-8 date Tue, 04 Oct 2022 09:08:29 GMT vary Accept-Encoding
GET H2	200	site.css www.facebook.de-de.icu/assets/css/	7 KB 1 KB	24ms 24ms	Stylesheet text/css	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Full URL https://www.facebook.de-de.icu/assets/css/site.css Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash f9eab2ea31b2c2831ee542f04c94e572a40fb01fa832a78eaea9acb19dfec82b Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT content-encoding br last-modified Tue, 19 Oct 2021 10:25:32 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 1409 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	jquery.js Show response www.facebook.de-de.icu/assets/js/	87 KB 30 KB	30ms 29ms	Script application/javascript	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Full URL https://www.facebook.de-de.icu/assets/js/jquery.js Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT content-encoding br last-modified Tue, 19 Oct 2021 10:25:34 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 30260 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	script.js Show response www.facebook.de-de.icu/assets/js/	4 KB 2 KB	52ms 51ms	Script application/javascript	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Full URL https://www.facebook.de-de.icu/assets/js/script.js Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash 4ecfaa9f8e858419dd9097396e22e1032a42cb58d0999cf8e206090ae2280433 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT content-encoding br last-modified Tue, 19 Oct 2021 10:25:34 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 1590 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	fb-logo.png www.facebook.de-de.icu/assets/img/	34 KB 34 KB	23ms 23ms	Image image/png	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.de-de.icu/assets/img/fb-logo.png Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash 4c403fc26b9b547d1a430fec0f1c2fc07bcd001a5ac82867c017347f0f6e4c19 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-type image/png date Tue, 04 Oct 2022 09:08:29 GMT cache-control public, max-age=604800 last-modified Tue, 19 Oct 2021 10:25:30 GMT accept-ranges bytes content-length 35048 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	logo.svg www.facebook.de-de.icu/assets/img/	717 B 464 B	23ms 23ms	Image image/svg+xml	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.de-de.icu/assets/img/logo.svg Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash eb8cfae733674e8a52d057abb8419ee00a9047710f716cea4747036839ee1e0b Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT content-encoding br last-modified Tue, 19 Oct 2021 10:25:30 GMT vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 418 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	menu_1.png www.facebook.de-de.icu/assets/img/	4 KB 4 KB	25ms 22ms	Image image/png	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.de-de.icu/assets/img/menu_1.png Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash 495d273b457002a7f36e55ee220b880513759ce3069ca12d4d09b6890d136d3f Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-type image/png date Tue, 04 Oct 2022 09:08:29 GMT cache-control public, max-age=604800 last-modified Tue, 19 Oct 2021 10:25:30 GMT accept-ranges bytes content-length 3880 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	menu_2.png www.facebook.de-de.icu/assets/img/	5 KB 5 KB	32ms 29ms	Image image/png	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.de-de.icu/assets/img/menu_2.png? Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash 1856516f44bf6b3b452c0b754c11291617f5dde2b93034c9a37013e7065f2262 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-type image/png date Tue, 04 Oct 2022 09:08:29 GMT cache-control public, max-age=604800 last-modified Tue, 19 Oct 2021 10:25:30 GMT accept-ranges bytes content-length 4822 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	media.media.63486c77-3bb3-4419-8271-79dd017626df.original1024.jpg www.esslinger-zeitung.de/	71 KB 72 KB	226ms 106ms	Image image/jpeg	195.50.179.148 VODANET Internati...
General Check archive.org Show headers Download Go to Show image Full URL https://www.esslinger-zeitung.de/media.media.63486c77-3bb3-4419-8271-79dd017626df.original1024.jpg Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.50.179.148 Hamburg, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS lb-sir-cmsfe.dns.boreus.de Software / Resource Hash 6a1e8ab4874311f2bf6b9cb3ea7f77f35041a9e87826bb26e4bb0ff771ed4894 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT via 1.1 varnish-v4 x-content-type-options nosniff content-security-policy upgrade-insecure-requests age 0 vary Accept-Encoding, User-Agent x-frame-options sameorigin x-varnish 75989300 content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 72725 x-xss-protection 1; mode=block x-ua-dig desktop expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	like.svg www.facebook.de-de.icu/assets/img/reactions/	1 KB 787 B	33ms 30ms	Image image/svg+xml	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.de-de.icu/assets/img/reactions/like.svg Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash bc2529d1bf7f1fdd22e49f54f96c82e4d23e89366877571655c6b303d7451556 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT content-encoding br last-modified Tue, 19 Oct 2021 10:25:32 GMT vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 742 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	angry.svg www.facebook.de-de.icu/assets/img/reactions/	4 KB 1 KB	33ms 31ms	Image image/svg+xml	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.de-de.icu/assets/img/reactions/angry.svg Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash d9440a7cdb9841a562f8ce8180e8609a19feffe4eca13c8a6d34a33884fd83d3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT content-encoding br last-modified Tue, 19 Oct 2021 10:25:30 GMT vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 1307 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	sad.png www.facebook.de-de.icu/assets/img/reactions/	128 KB 128 KB	34ms 31ms	Image image/png	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.de-de.icu/assets/img/reactions/sad.png Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash e7c432685e47e5d19c2475ad945359271b216f3ddba59f12ce0d680043c3c107 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-type image/png date Tue, 04 Oct 2022 09:08:29 GMT cache-control public, max-age=604800 last-modified Sun, 27 Feb 2022 13:19:14 GMT accept-ranges bytes content-length 130801 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	input-buttons.png www.facebook.de-de.icu/assets/img/	7 KB 7 KB	34ms 32ms	Image image/png	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.de-de.icu/assets/img/input-buttons.png? Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash 101bca882d942683adfb3f57db70844a480785ad5740a634965c562758da11a7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-type image/png date Tue, 04 Oct 2022 09:08:29 GMT cache-control public, max-age=604800 last-modified Tue, 19 Oct 2021 10:25:30 GMT accept-ranges bytes content-length 7164 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	loading.svg www.facebook.de-de.icu/assets/img/	1 KB 386 B	55ms 54ms	Image image/svg+xml	93.157.63.234 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.de-de.icu/assets/img/loading.svg Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 93.157.63.234 , Russian Federation, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash da7441e4dcddbc8b4207a334a7ef1450a49ef5789396aa9a43c21b0b778f9d6b Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT content-encoding br last-modified Tue, 19 Oct 2021 10:25:30 GMT vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 353 expires Tue, 11 Oct 2022 09:08:29 GMT
GET H2	200	46.jpg randomuser.me/api/portraits/women/	6 KB 6 KB	87ms 38ms	Image image/jpeg	2606:4700:e0::ac40:6c02 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://randomuser.me/api/portraits/women/46.jpg Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6c02 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash efdb6ee589c3b1c29cbed18fe546fe8d9e2764f92cfa9a27bcb2d95b4f402e13 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2591371 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5782 last-modified Tue, 05 Jul 2022 00:27:53 GMT server cloudflare etag "62c38589-1696" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwpwT2muvypiYIXhy2fDn8MO65Rolaf9wkPNm%2BKXnT8M8mEfSBSJzY2nWt6rv4pZaMmIV8KRIXP7PHRTnpyvGL8Tu4LO5UF%2BhMHKTbZhCJKKADAhZopVn49LnjidcSiSA9gGz4AH5SxJDsMe"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes cf-ray 754cc5f41b0f695e-FRA expires Mon, 03 Oct 2022 16:35:26 GMT
GET H2	200	84.jpg randomuser.me/api/portraits/men/	4 KB 4 KB	76ms 27ms	Image image/jpeg	2606:4700:e0::ac40:6c02 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://randomuser.me/api/portraits/men/84.jpg Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6c02 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0939e4e89294f566a05be48754bd62dab535e01a85e1f96b6bcc7b26a968f294 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 948297 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4051 last-modified Tue, 05 Jul 2022 00:27:53 GMT server cloudflare etag "62c38589-fd3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rx76pG4Pw0wTxWmU0c7yi%2BmUpYQ3OgjVosfBWgAmCRVPdZjQWsWp1VlyfwXIl%2Bk4c9nIUq2Zr1%2BpIEyYA0DEwKKgZTjjRnltP4%2Bxu38ySd3KUIMg2L%2By28O%2BhGUYeP%2FnYcpRh9VbxQr0tTv8"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes cf-ray 754cc5f41b0e695e-FRA expires Sat, 24 Sep 2022 11:26:15 GMT
GET H2	200	60.jpg randomuser.me/api/portraits/men/	4 KB 5 KB	77ms 28ms	Image image/jpeg	2606:4700:e0::ac40:6c02 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://randomuser.me/api/portraits/men/60.jpg Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6c02 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82a53ec7286641124351dde4b145df2cc2a4799707467d290d73dbbab56d122a Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1384984 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4563 last-modified Tue, 05 Jul 2022 00:27:53 GMT server cloudflare etag "62c38589-11d3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIzZ6iBdWD79Ao07GqX9mUOmdf0FeBWKZ2BQNCoKN8828Q19n0JZfD%2B8F%2FZd6ti2kZhn3flfC0gQlBqLQAsmX8q0BQKwt1Mf7Q0Ir4%2FmpBZSnehAqaukK%2B1SZ5Xb31%2F2ATxPZtU%2Bp6WqxlHh"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes cf-ray 754cc5f41b08695e-FRA expires Sat, 15 Oct 2022 00:38:46 GMT
GET H2	200	74.jpg randomuser.me/api/portraits/women/	11 KB 12 KB	72ms 24ms	Image image/jpeg	2606:4700:e0::ac40:6c02 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://randomuser.me/api/portraits/women/74.jpg Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6c02 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a099b9dde9a3456aa61df1a92159cce65c0a69d8c2f7f9c1923ba093640899a1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.de-de.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 09:08:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2055671 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 11745 last-modified Tue, 05 Jul 2022 00:27:53 GMT server cloudflare etag "62c38589-2de1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5folVecB2dz0WwLaZefahxiQm0ohu%2BJulVY4YlHEq28ew5tUf%2F6jU1Uz8Mtr1loX1xM5am%2F5lAcgLTZ2cSka5tM9X6O0RqCfMKosaEt5ZmgQZhwKj%2B1aE81Oe9dcPkYGJFtXKP25ijKS1BK6"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes cf-ray 754cc5f41b06695e-FRA expires Thu, 15 Sep 2022 00:32:18 GMT
GET H/1.1	404 Not Found	87998978879 Show response player.vimeo.com/video/ Frame 7298	3 KB 2 KB	240ms 181ms	Document text/html	162.159.128.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/87998978879 Requested by Host: www.facebook.de-de.icu URL: https://www.facebook.de-de.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.128.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c5c88eebde1c96ae22e3d5f69ee6b9e8f835fd62cf5d01ba3fbb4bf370f187e Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline'; script-src 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.facebook.de-de.icu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Age 0 CF-Cache-Status DYNAMIC CF-RAY 754cc5f42c059bb9-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 04 Oct 2022 09:08:29 GMT Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS X-Cache-Hits 0 X-Player-Backend p X-Served-By cache-hhn4076-HHN X-Timer S1664874510.511818,VS0,VE115 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy default-src 'self'; style-src 'unsafe-inline'; script-src 'unsafe-inline' strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 varnish, 1.1 varnish x-backend-proxy playproxy5 x-bapp-server player-668dcfbf46-pqcjl x-content-type-options nosniff x-host player-668dcfbf46-pqcjl x-varnish-cache 0 x-vimeo-error player-backend x-vserver playproxy-rollout-prod-varnish-4 x-xss-protection 1; mode=block

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| _0x1cd8 function| _0x56ed

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vimeo.com/	1970-01-20 06:27:56	Name: __cf_bm Value: Qd..smb5MnIGx.61OkCuVoa4a1CEwzfZuecAuyS3R.c-1664874509-0-AetLU2wnUULz7E5MoyN8RnLPvd/dTBJ1p/0o3qwAb0qWdS/50nOxd5az1595U+M9399hsxhvE/n+isexmuIWNYs=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://player.vimeo.com/video/87998978879 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

player.vimeo.com
randomuser.me
www.esslinger-zeitung.de
www.facebook.de-de.icu
162.159.128.61
195.50.179.148
2606:4700:e0::ac40:6c02
93.157.63.234
0939e4e89294f566a05be48754bd62dab535e01a85e1f96b6bcc7b26a968f294
101bca882d942683adfb3f57db70844a480785ad5740a634965c562758da11a7
1856516f44bf6b3b452c0b754c11291617f5dde2b93034c9a37013e7065f2262
495d273b457002a7f36e55ee220b880513759ce3069ca12d4d09b6890d136d3f
4c403fc26b9b547d1a430fec0f1c2fc07bcd001a5ac82867c017347f0f6e4c19
4ecfaa9f8e858419dd9097396e22e1032a42cb58d0999cf8e206090ae2280433
6a1e8ab4874311f2bf6b9cb3ea7f77f35041a9e87826bb26e4bb0ff771ed4894
7c5c88eebde1c96ae22e3d5f69ee6b9e8f835fd62cf5d01ba3fbb4bf370f187e
82a53ec7286641124351dde4b145df2cc2a4799707467d290d73dbbab56d122a
a099b9dde9a3456aa61df1a92159cce65c0a69d8c2f7f9c1923ba093640899a1
bc2529d1bf7f1fdd22e49f54f96c82e4d23e89366877571655c6b303d7451556
d9440a7cdb9841a562f8ce8180e8609a19feffe4eca13c8a6d34a33884fd83d3
da7441e4dcddbc8b4207a334a7ef1450a49ef5789396aa9a43c21b0b778f9d6b
e7c432685e47e5d19c2475ad945359271b216f3ddba59f12ce0d680043c3c107
eb8cfae733674e8a52d057abb8419ee00a9047710f716cea4747036839ee1e0b
ec2fcc0b1ef10b40b9382e2b5594435ffd1373047914e482804c8ede42d2a7ed
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
efdb6ee589c3b1c29cbed18fe546fe8d9e2764f92cfa9a27bcb2d95b4f402e13
f9eab2ea31b2c2831ee542f04c94e572a40fb01fa832a78eaea9acb19dfec82b