sign-in-77774444110000.ml Open in urlscan Pro
161.97.135.254  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request inco556ze57rct1.html Show response sign-in-77774444110000.ml/	14 KB 14 KB	94ms 42ms	Document text/html	161.97.135.254 CONTABO
General Check archive.org Show headers Download Go to Full URL http://sign-in-77774444110000.ml/inco556ze57rct1.html Protocol HTTP/1.1 Server 161.97.135.254 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS server22.busana.my.id Software Apache / Resource Hash 66f7473c903adb93e2d92e5f8fe1d7604ba28af109097b51120e102667917fe4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 13991 Content-Type text/html Date Thu, 01 Dec 2022 13:31:18 GMT Keep-Alive timeout=5, max=100 Last-Modified Thu, 17 Nov 2022 22:04:48 GMT Server Apache
GET H/1.1	200 OK	m.fb89sd9.css sign-in-77774444110000.ml/mobile-facebook-verification_files/	92 KB 92 KB	45ms 43ms	Stylesheet text/css	161.97.135.254 CONTABO
General Check archive.org Show headers Download Go to Full URL http://sign-in-77774444110000.ml/mobile-facebook-verification_files/m.fb89sd9.css Requested by Host: sign-in-77774444110000.ml URL: http://sign-in-77774444110000.ml/inco556ze57rct1.html Protocol HTTP/1.1 Server 161.97.135.254 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS server22.busana.my.id Software Apache / Resource Hash aa03983922acf6ace41158ff5f013edfd9dd838dd7a0c545dd1bb413c4d562b6 Request headers accept-language de-DE,de;q=0.9 Referer http://sign-in-77774444110000.ml/inco556ze57rct1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Thu, 01 Dec 2022 13:31:19 GMT Last-Modified Wed, 22 Jun 2022 20:57:18 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 94027
GET H/1.1	200 OK	m.fb897f65y.css sign-in-77774444110000.ml/mobile-facebook-verification_files/	9 KB 9 KB	83ms 40ms	Stylesheet text/css	161.97.135.254 CONTABO
General Check archive.org Show headers Download Go to Full URL http://sign-in-77774444110000.ml/mobile-facebook-verification_files/m.fb897f65y.css Requested by Host: sign-in-77774444110000.ml URL: http://sign-in-77774444110000.ml/inco556ze57rct1.html Protocol HTTP/1.1 Server 161.97.135.254 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS server22.busana.my.id Software Apache / Resource Hash 82c3d06b01cbc3aee305004063648b0fd400faf77a6aa1974e0781b04b350190 Request headers accept-language de-DE,de;q=0.9 Referer http://sign-in-77774444110000.ml/inco556ze57rct1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Thu, 01 Dec 2022 13:31:19 GMT Last-Modified Wed, 22 Jun 2022 20:57:18 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 9142
GET H/1.1	404 Not Found	IoU6C6Z1Eqy.js.download sign-in-77774444110000.ml/mobile-facebook-verification_files/	0 0	83ms 41ms	Script text/html	161.97.135.254 CONTABO
General Check archive.org Show headers Download Go to Full URL http://sign-in-77774444110000.ml/mobile-facebook-verification_files/IoU6C6Z1Eqy.js.download Requested by Host: sign-in-77774444110000.ml URL: http://sign-in-77774444110000.ml/inco556ze57rct1.html Protocol HTTP/1.1 Server 161.97.135.254 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS server22.busana.my.id Software Apache / Resource Hash Request headers Referer http://sign-in-77774444110000.ml/inco556ze57rct1.html Origin http://sign-in-77774444110000.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Thu, 01 Dec 2022 13:31:19 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	request sign-in-77774444110000.ml/mobile-facebook-verification_files/	0 0	42ms 42ms	Script text/html	161.97.135.254 CONTABO
General Check archive.org Show headers Download Go to Full URL http://sign-in-77774444110000.ml/mobile-facebook-verification_files/request Requested by Host: sign-in-77774444110000.ml URL: http://sign-in-77774444110000.ml/inco556ze57rct1.html Protocol HTTP/1.1 Server 161.97.135.254 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS server22.busana.my.id Software Apache / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://sign-in-77774444110000.ml/inco556ze57rct1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Thu, 01 Dec 2022 13:31:19 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET		request p02.notifa.info/3fsmd3/	0 0
GET H/1.1	200 OK	F8n3WrEc0r.png sign-in-77774444110000.ml/mobile-facebook-verification_files/	6 KB 6 KB	46ms 46ms	Image image/png	161.97.135.254 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL http://sign-in-77774444110000.ml/mobile-facebook-verification_files/F8n3WrEc0r.png Requested by Host: sign-in-77774444110000.ml URL: http://sign-in-77774444110000.ml/inco556ze57rct1.html Protocol HTTP/1.1 Server 161.97.135.254 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS server22.busana.my.id Software Apache / Resource Hash 91252e877e09c401110e603eaf0ff8eb78f7e38c1316db14f131fcb3f896bbb4 Request headers accept-language de-DE,de;q=0.9 Referer http://sign-in-77774444110000.ml/inco556ze57rct1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Thu, 01 Dec 2022 13:31:19 GMT Last-Modified Wed, 22 Jun 2022 20:57:18 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 6331
GET H/1.1	404 Not Found	Yw0RiQgp0g-.png sign-in-77774444110000.ml/rsrc.php/v3/yT/r/	16 B 16 B	44ms 44ms	Image text/html	161.97.135.254 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL http://sign-in-77774444110000.ml/rsrc.php/v3/yT/r/Yw0RiQgp0g-.png Requested by Host: sign-in-77774444110000.ml URL: http://sign-in-77774444110000.ml/mobile-facebook-verification_files/m.fb89sd9.css Protocol HTTP/1.1 Server 161.97.135.254 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS server22.busana.my.id Software Apache / Resource Hash 8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41 Request headers accept-language de-DE,de;q=0.9 Referer http://sign-in-77774444110000.ml/mobile-facebook-verification_files/m.fb89sd9.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Thu, 01 Dec 2022 13:31:19 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

p02.notifa.info

URL

http://p02.notifa.info/3fsmd3/request?id=1&enc=9UwkxLgY9&params=4TtHaUQnUEiP6K%2fc5C582JKzDzTsXZH2I%2f4s6DCJAIEuSVOGSbLf1iVWqzSvxLgMzAm2xywBWIA0v5DO20c8JCyb9zo1JzUj6AKfjNgwkL37iBdQE1jcv5VWpYB%2fVJRoS3n42hCz6StPYKveilihIWWbUYsuhbiSGswGWMAMtf%2bbek82LelGcTZzw09v6pFRJTy2S25oTqrc%2bQDyDEIwPPCnFDlwRWAGoRkkdE1HE4Nij8Zxh4TYPW8JORLZEA%2bPvPTQPYNnVgpKGnOfgL7bffqL%2b8WZLDTOUid%2fyI99mGO9GU6WfZTIL7Bz%2fHKWt%2fTwiqa86Q1%2bbxgXgEKPNo29wJwri15Pgvv3cndFCae%2b%2bI671n2hV7NpwXabT%2fIVs%2fQuih8Jpo9jfVM%2b%2fSVDG7uNSkW5zuXIeYQWG7vqJTMf8NyYE1GhcJCq%2fIDPfK2LHb8FNMnX0EjDjSb90Eg%2bKjxt3TwejQsrmKVCW8WpUD%2bN05cRos1Otq5FfANFMW%2b2M3M9c3M6HvQ6tqA0HztjyAimH3spe71wV6lHgOPc%2bnWSD4FYNIZ7xa%2fTpQM4n169Y%2bTPCLdy6bLszATwJ3CducQDHzOMsfOUM9g3nGaf8uSvfckBwApA3Uu5zvYLmiQCqGZr&idc_r=77192874954&domain=localhost&sw=411&sh=823

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| envFlush object| Env number| __DEV__ function| CavalryLogger function| __updateOrientation function| mousedwn

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://sign-in-77774444110000.ml/mobile-facebook-verification_files/IoU6C6Z1Eqy.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://sign-in-77774444110000.ml/mobile-facebook-verification_files/request Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://p02.notifa.info/3fsmd3/request?id=1&enc=9UwkxLgY9&params=4TtHaUQnUEiP6K%2fc5C582JKzDzTsXZH2I%2f4s6DCJAIEuSVOGSbLf1iVWqzSvxLgMzAm2xywBWIA0v5DO20c8JCyb9zo1JzUj6AKfjNgwkL37iBdQE1jcv5VWpYB%2fVJRoS3n42hCz6StPYKveilihIWWbUYsuhbiSGswGWMAMtf%2bbek82LelGcTZzw09v6pFRJTy2S25oTqrc%2bQDyDEIwPPCnFDlwRWAGoRkkdE1HE4Nij8Zxh4TYPW8JORLZEA%2bPvPTQPYNnVgpKGnOfgL7bffqL%2b8WZLDTOUid%2fyI99mGO9GU6WfZTIL7Bz%2fHKWt%2fTwiqa86Q1%2bbxgXgEKPNo29wJwri15Pgvv3cndFCae%2b%2bI671n2hV7NpwXabT%2fIVs%2fQuih8Jpo9jfVM%2b%2fSVDG7uNSkW5zuXIeYQWG7vqJTMf8NyYE1GhcJCq%2fIDPfK2LHb8FNMnX0EjDjSb90Eg%2bKjxt3TwejQsrmKVCW8WpUD%2bN05cRos1Otq5FfANFMW%2b2M3M9c3M6HvQ6tqA0HztjyAimH3spe71wV6lHgOPc%2bnWSD4FYNIZ7xa%2fTpQM4n169Y%2bTPCLdy6bLszATwJ3CducQDHzOMsfOUM9g3nGaf8uSvfckBwApA3Uu5zvYLmiQCqGZr&idc_r=77192874954&domain=localhost&sw=411&sh=823 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://sign-in-77774444110000.ml/rsrc.php/v3/yT/r/Yw0RiQgp0g-.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

p02.notifa.info
sign-in-77774444110000.ml
p02.notifa.info
161.97.135.254
66f7473c903adb93e2d92e5f8fe1d7604ba28af109097b51120e102667917fe4
82c3d06b01cbc3aee305004063648b0fd400faf77a6aa1974e0781b04b350190
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
91252e877e09c401110e603eaf0ff8eb78f7e38c1316db14f131fcb3f896bbb4
aa03983922acf6ace41158ff5f013edfd9dd838dd7a0c545dd1bb413c4d562b6