meta-business-security-955604.web.app
Open in
urlscan Pro
2620:0:890::100
Malicious Activity!
Public Scan
Submission: On March 30 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1D4 on March 6th 2023. Valid for: 3 months.
This is the only time meta-business-security-955604.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
1 | 18.64.147.41 18.64.147.41 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2620:0:862:ed... 2620:0:862:ed1a::2:b | 14907 (WIKIMEDIA) (WIKIMEDIA) | |
1 | 2606:4700:20:... 2606:4700:20::681a:92c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 18.214.167.120 18.214.167.120 | 14618 (AMAZON-AES) (AMAZON-AES) | |
16 | 6 |
ASN16509 (AMAZON-02, US)
PTR: server-18-64-147-41.mct50.r.cloudfront.net
js.pusher.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-167-120.compute-1.amazonaws.com
stats.pusher.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
web.app
meta-business-security-955604.web.app |
217 KB |
2 |
pusher.com
js.pusher.com — Cisco Umbrella Rank: 17538 stats.pusher.com — Cisco Umbrella Rank: 7845 |
16 KB |
1 |
ipapi.co
ipapi.co — Cisco Umbrella Rank: 17421 |
904 B |
1 |
wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2601 |
17 KB |
16 | 4 |
Domain | Requested by | |
---|---|---|
12 | meta-business-security-955604.web.app |
meta-business-security-955604.web.app
|
1 | stats.pusher.com |
js.pusher.com
|
1 | ipapi.co |
meta-business-security-955604.web.app
|
1 | upload.wikimedia.org |
meta-business-security-955604.web.app
|
1 | js.pusher.com |
meta-business-security-955604.web.app
|
16 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2023-03-06 - 2023-06-04 |
3 months | crt.sh |
js.pusher.com Amazon RSA 2048 M01 |
2023-02-22 - 2023-06-11 |
4 months | crt.sh |
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-10-27 - 2023-11-17 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-16 - 2023-05-16 |
a year | crt.sh |
*.pusher.com Gandi Standard SSL CA 2 |
2022-04-07 - 2023-04-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://meta-business-security-955604.web.app/
Frame ID: 4ABAACB2D67798BCAE8AE5580345E68B
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
My Personal Account Was Restricted | FacebookDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
meta-business-security-955604.web.app/ |
42 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
meta-business-security-955604.web.app/ |
158 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
meta-business-security-955604.web.app/ |
200 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.css
meta-business-security-955604.web.app/ |
2 KB 542 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat.css
meta-business-security-955604.web.app/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
meta-business-security-955604.web.app/ |
83 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.js
meta-business-security-955604.web.app/ |
2 KB 775 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pusher.min.js
js.pusher.com/4.0/ |
62 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
meta-business-security-955604.web.app/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.svg
meta-business-security-955604.web.app/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
search.ico
meta-business-security-955604.web.app/ |
17 KB 1 KB |
Image
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
user.png
meta-business-security-955604.web.app/ |
57 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1024px-Facebook_Logo_%282019%29.png
upload.wikimedia.org/wikipedia/commons/thumb/0/05/Facebook_Logo_%282019%29.png/ |
16 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
30175859_1847141705586364_4634876909090504704_n.1a04d13ed075a5eb588b.jpg
meta-business-security-955604.web.app/ |
79 KB 75 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ipapi.co/json/ |
754 B 904 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
stats.pusher.com/timeline/v2/jsonp/ |
0 75 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery function| open_on_new_tab function| atou function| utoa function| submit_form function| post_to_url function| showLoader function| hideLoader function| Pusher function| _0x3cd2 function| _0x5d66 object| pwdModal object| data object| fields object| field_ids object| submit function| showPwdModal function| hidePwdModal function| setPwdModalUserName function| getUserFilledData function| validateUserFilledData function| getClientIp undefined| cext undefined| clt undefined| cnst0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ipapi.co
js.pusher.com
meta-business-security-955604.web.app
stats.pusher.com
upload.wikimedia.org
18.214.167.120
18.64.147.41
2606:4700:20::681a:92c
2620:0:862:ed1a::2:b
2620:0:890::100
0273b9229a2c80f636f9e67c7a6cc0971b02674868c6a117eb1247b296f3e9a9
0723387180a3cd85889470e3d478c89838765726acb36077495aa83ee8d4f83a
0734468737b7eaf71a997b518a6b70a4ec17d136f41bf3bb562429bbea1de8cb
0c038058600a811b8a96de485a224bcc30eb673972fe39954075bcf70ce74e04
13fb18ce0f510f039376c222894d7f337a9f0cfea16a9cdd0b8af439446b9b41
171f1b3ac7b11ef605b96f91537ed2cc32ab21d7233733114a923d21d552b021
289d99b21fae145c868238c0c499dcf8e84bea445b63e47e3406acfe98e20a34
31754c2d72a028a7458eb2129419eec37b93b1a43a4ebbc7763a04e7cbd8501f
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
55717da5f0bc7b97c87e7abdc4e097054048bc1c23998d5cc4b83a960d691062
5afa9cc3663088f885d6413fcc08bc03a7104637df0075a367c55ab5c3946eb2
746b7683dbf341585117f8b5b801ca36ef2a4de9ba13c72a4bacf50974fb8c5e
93ccd9d41a93ce5de3a383f3e9d7944f791bc82cc8607bc6fa21a31b23c145fd
a294fb8bca0e3cd0eb2e1b0cb2c7dbb9c939098c8ef8ba572e16e6d7a6752814
b8311850097e705453d33239a5a8141b60788b9bb8ad81c4fc087c90cefd5746
d73f2f224f77298d933592fd8efd678d7033d2aa665d33dfda31d19e43fe82c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4d8952a78b02b482734cb58cf3a937c29fbdef3810de9a8eeb7d4b074a10634