facebook-acc.fornews.me
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Submission: On April 24 via api from CA — Scanned from NL
Summary
This is the only time facebook-acc.fornews.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 194.233.79.216 194.233.79.216 | 141995 (CAPL-AS-A...) (CAPL-AS-AP Contabo Asia Private Limited) | |
1 | 139.180.157.226 139.180.157.226 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
1 | 149.28.138.212 149.28.138.212 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
7 | 34.102.176.152 34.102.176.152 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
19 | 8 |
ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG)
PTR: vmi844959.contaboserver.net
mbahguru.co.id |
ASN20473 (AS-CHOOPA, US)
PTR: 139.180.157.226.vultrusercontent.com
syifajayaenergy.co.id |
ASN20473 (AS-CHOOPA, US)
PTR: 149.28.138.212.vultrusercontent.com
www.jmkp.co.id |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com
static.wixstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 6267 |
99 KB |
6 |
fornews.me
facebook-acc.fornews.me |
309 KB |
1 |
jmkp.co.id
www.jmkp.co.id |
42 KB |
1 |
syifajayaenergy.co.id
syifajayaenergy.co.id |
275 KB |
1 |
mbahguru.co.id
mbahguru.co.id |
87 KB |
1 |
gstatic.com
fonts.gstatic.com |
8 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344 |
6 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119 |
1 KB |
19 | 8 |
Domain | Requested by | |
---|---|---|
7 | static.wixstatic.com | |
6 | facebook-acc.fornews.me |
facebook-acc.fornews.me
|
1 | www.jmkp.co.id | |
1 | syifajayaenergy.co.id | |
1 | mbahguru.co.id | |
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdnjs.cloudflare.com |
facebook-acc.fornews.me
|
1 | fonts.googleapis.com |
facebook-acc.fornews.me
|
19 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
mbahguru.co.id R3 |
2023-04-22 - 2023-07-21 |
3 months | crt.sh |
syifajayaenergy.co.id R3 |
2023-04-16 - 2023-07-15 |
3 months | crt.sh |
jmkp.co.id R3 |
2023-03-06 - 2023-06-04 |
3 months | crt.sh |
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-05 - 2023-09-01 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://facebook-acc.fornews.me/
Frame ID: 1E4CA1C776B9DBF1169C0437EE080D24
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
Mango LiveDetected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
facebook-acc.fornews.me/ |
487 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.e6c00783.js
facebook-acc.fornews.me/assets/ |
673 KB 200 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.85530def.css
facebook-acc.fornews.me/assets/ |
40 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Index.1166647c.js
facebook-acc.fornews.me/assets/ |
191 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Index.14d39171.css
facebook-acc.fornews.me/assets/ |
13 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Mango-live.png
mbahguru.co.id/wp-content/uploads/2020/08/ |
87 KB 87 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mango-live-mod-apk.png
syifajayaenergy.co.id/wp-content/uploads/2021/11/ |
276 KB 275 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Title-VIP.jpg
www.jmkp.co.id/wp-content/uploads/2022/05/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
66f76d_2209da23e70b4a7ab8cc16c5669c973c~mv2.webp
static.wixstatic.com/media/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
66f76d_9e5f0ad86f6942048a7b13596c52fc66~mv2.webp
static.wixstatic.com/media/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
66f76d_e34c85c296c245e09d26fdda290e23ca~mv2.webp
static.wixstatic.com/media/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
310739104_434727565465648_2887968557010782041_n.jpg
static.wixstatic.com/media/66f76d_9ac1d21b0c83451786c7fea3ff362793~mv2.jpg/v1/crop/x_0,y_44,w_262,h_268/fill/w_161,h_165,al_c,q_80,usm_0.66_1.00_0.01,enc_auto/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
66f76d_0953142b81344b888d3352c6e052050f~mv2.webp
static.wixstatic.com/media/ |
55 KB 55 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
66f76d_4f440aa6a8604dfd9ec49976c897a59a~mv2.webp
static.wixstatic.com/media/ |
13 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb.092a3cd5.png
facebook-acc.fornews.me/assets/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Live%20Streaming.png
static.wixstatic.com/media/66f76d_d0a5990f0e934542bf9919cbd7f46e3f~mv2.png/v1/fill/w_152,h_114,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/ |
6 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| vttjs function| WebVTT boolean| __VUE__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
facebook-acc.fornews.me
fonts.googleapis.com
fonts.gstatic.com
mbahguru.co.id
static.wixstatic.com
syifajayaenergy.co.id
www.jmkp.co.id
139.180.157.226
149.28.138.212
194.233.79.216
2606:4700::6811:190e
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
2a06:98c1:3120::3
34.102.176.152
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
14d39171841cf7d848ae41e705f797f93721e7c78562367e514a0875536180bb
18b9b037811462faf3d8c7988f0fc254a8d7c7506b89d5738d6ba9114641ffad
32660cf5cc2e349feab1398204e85db9db84e8a1623723411ed36915a60bb74b
3bfad49db0c0ef78285e189e38e1b294945fa194346f2b400b1a6b5cdd705841
3eab4a10e908868003708d08a94108aef185ee0127d0cc679230200463525e0a
585ef023149c6f06656e0727e2feed0ea62bd099564042832d22f1bff290a25d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
85530defde2a1663d742bee2f909764d3c326c9bd66c1dbdb203e619e801b5a4
8bf3a1ce7b1773935eebc7da337c80aa82a1cf1693f11789a88838365cdc781b
94788b4753dfe4bd67266f5702bc0488fbf05f979addd2c04ef76efb9a34cbad
a528e46ea92d5fa601b443b79bb8f63eb476e910a7b1849704c2b1708e4455cb
aaf91d71be6d13f30d318c24fbbe2ff7e7609f982088f1c9534383ff20959311
b938c466b97b0a4321790b911f9a5f42d670c527673cca14fab1b911306ca06a
c2acc96a9bf1c63d8a3eed8f76025c3295f6f15c5c521c91afcc9cbb6ac854e1
de8cd4304b473d3d93a5ff1c78261a41cec46de9682708525e767409831e56d0
e107308594e0274ca3dc1608d20663828f1fabcc41640ad86e365955f349a5b7
e96724d67ae9f3f78185fda74c4c881fa056d95c31fc9b5dac5241e05f2f99df