www.facebooksecure.net
143.198.210.251
Malicious Activity!
Public Scan
Submission: On April 07 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on April 7th 2021. Valid for: 3 months.
This is the only time www.facebooksecure.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
5 | 143.198.210.251 | 14061 (DIGITALOCEAN-ASN) |
27 | 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) |
1 | 2a03:2880:f01c:800e:face:b00c:0:2 | 32934 (FACEBOOK) |
1 | 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) |
1 | 2a03:2880:f02d:5:face:b00c:0:8c | 32934 (FACEBOOK) |
35 | 6 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
27 | fbcdn.net | static.xx.fbcdn.net | 323 KB |
5 | facebooksecure.net | www.facebooksecure.net | 35 KB |
2 | atdmt.com | cs.atdmt.com, cx.atdmt.com | 2 KB |
1 | facebook.com | facebook.com | 1 KB |
35 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
27 | static.xx.fbcdn.net | www.facebooksecure.net, static.xx.fbcdn.net |
5 | www.facebooksecure.net | static.xx.fbcdn.net |
1 | cx.atdmt.com | www.facebooksecure.net |
1 | facebook.com | www.facebooksecure.net |
1 | cs.atdmt.com | www.facebooksecure.net |
35 | 5 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
facebooksecure.net | R3 | 2021-04-07 - 2021-07-06 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-02-10 - 2021-05-10 | 3 months |
*.atlassolutions.com | DigiCert SHA2 High Assurance Server CA | 2021-03-26 - 2021-06-24 | 3 months |
This page contains 2 frames:
Primary Page:
https://www.facebooksecure.net/
Frame ID: 25A3C11EF810D731D46D923A1488E10B
Requests: 34 HTTP requests in this frame
Frame:
https://www.facebooksecure.net/intern/common/referer_frame.php
Frame ID: C4AA90B1E9181CBBEA24D2969C425B9C
Requests: 2 HTTP requests in this frame
19 Outgoing links
These are links going to different origins than the main page.
Title: Forgot account?
Title: Español
Title: Français (France)
Title: 中文(简体)
Title: العربية
Title: Português (Brasil)
Title: 한국어
Title: Italiano
Title: Deutsch
Title: हिन्दी
Title: 日本語
Title: Messenger
Title: Watch
Title: Facebook Pay
Title: Oculus
Title: Portal
Title: Instagram
Title: Developers
Title: Ad Choices
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.facebooksecure.net/ | 186 KB | 31 KB | Document | text/html | Primary Request |
GET | H2 | lPjqTrZdgsu.css | static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ | 31 KB | 7 KB | Stylesheet | text/css | |
GET | H2 | s8FMQRvrcP_.css | static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ | 33 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | t-7-XdFUc5v.css | static.xx.fbcdn.net/rsrc.php/v3/yJ/l/0,cross/ | 11 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | XzMVk90uhh2.css | static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ | 14 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | b4THRVjtfKP.css | static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/ | 27 KB | 5 KB | Stylesheet | text/css | |
GET | H2 | iWbQtMrJW8n.css | static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/ | 2 KB | 628 B | Stylesheet | text/css | |
GET | H2 | GcfT0SPHYe4.js | static.xx.fbcdn.net/rsrc.php/v3/yS/r/ | 271 KB | 72 KB | Script | application/x-javascript | |
GET | H2 | dF5SId3UHWd.svg | static.xx.fbcdn.net/rsrc.php/y8/r/ | 2 KB | 2 KB | Image | image/svg+xml | |
GET | H2 | event | cs.atdmt.com/ | 67 B | 1 KB | Image | image/png | |
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 1 KB | Image | image/gif | |
GET | H2 | ycO1-AYtB-B.js | static.xx.fbcdn.net/rsrc.php/v3i7M54/yg/l/en_US/ | 69 KB | 18 KB | Script | application/x-javascript | |
GET | H2 | 3hsmIhDOIUG.js | static.xx.fbcdn.net/rsrc.php/v3/yj/r/ | 60 KB | 18 KB | Script | application/x-javascript | |
GET | H2 | IEOQM8FL8ot.js | static.xx.fbcdn.net/rsrc.php/v3/yr/r/ | 5 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | L42kvzX0PIv.js | static.xx.fbcdn.net/rsrc.php/v3/yh/r/ | 17 KB | 5 KB | Script | application/x-javascript | |
GET | H2 | hm02Lq6f6Mh.png | static.xx.fbcdn.net/rsrc.php/v3/yX/r/ | 4 KB | 5 KB | Image | image/png | |
GET | H2 | YQNfPR9MJfx.png | static.xx.fbcdn.net/rsrc.php/v3/yO/r/ | 925 B | 1 KB | Image | image/png | |
GET | DATA | truncated | / | 78 B | 0 | Stylesheet | text/css | |
GET | H2 | q9t40QFxaqH.js | static.xx.fbcdn.net/rsrc.php/v3iYXl4/yw/l/en_US/ | 91 KB | 26 KB | Script | application/x-javascript | |
GET | H2 | BbmNVjlQ4xf.js | static.xx.fbcdn.net/rsrc.php/v3iPwL4/yu/l/en_US/ | 45 KB | 12 KB | Script | application/x-javascript | |
GET | H2 | ZjJiRjUZPhb.js | static.xx.fbcdn.net/rsrc.php/v3ipVm4/yL/l/en_US/ | 113 KB | 29 KB | Script | application/x-javascript | |
GET | H2 | Kzub518YnQS.js | static.xx.fbcdn.net/rsrc.php/v3/y0/r/ | 81 KB | 24 KB | Script | application/x-javascript | |
GET | H2 | A2LismgdLgU.js | static.xx.fbcdn.net/rsrc.php/v3/yN/r/ | 7 KB | 3 KB | Script | application/x-javascript | |
GET | H2 | UzPB1HPdkc1.js | static.xx.fbcdn.net/rsrc.php/v3/yh/r/ | 20 KB | 7 KB | Script | application/x-javascript | |
GET | H2 | tVy0vMZydPT.js | static.xx.fbcdn.net/rsrc.php/v3/yb/r/ | 5 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | MhX_YSM5H1a.js | static.xx.fbcdn.net/rsrc.php/v3i89Q4/yE/l/en_US/ | 14 KB | 5 KB | Script | application/x-javascript | |
GET | H2 | GMJqjU7rOqZ.js | static.xx.fbcdn.net/rsrc.php/v3/yf/r/ | 155 KB | 46 KB | Script | application/x-javascript | |
GET | H2 | aYv4ZN_JyHz.js | static.xx.fbcdn.net/rsrc.php/v3iqES4/yn/l/en_US/ | 49 KB | 16 KB | Script | application/x-javascript | |
GET | H2 | JopZtdti8dq.js | static.xx.fbcdn.net/rsrc.php/v3/y_/r/ | 7 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | rOuGauB8Oni.js | static.xx.fbcdn.net/rsrc.php/v3/yA/r/ | 1 KB | 716 B | Script | application/x-javascript | |
GET | H2 | referer_frame.php | www.facebooksecure.net/intern/common/ | 1 KB | 812 B | Document | text/html | Frame C4AA |
GET | H2 | -PAXP-deijE.gif | static.xx.fbcdn.net/rsrc.php/v3/y4/r/ | 43 B | 239 B | Image | image/gif | |
GET | H2 | / | cx.atdmt.com/ | 43 B | 826 B | Image | image/gif | Frame C4AA |
POST | H3-Q050 | bz | www.facebooksecure.net/ajax/ | 1 KB | 955 B | XHR | text/html | |
POST | H2 | bz | www.facebooksecure.net/ajax/ | 1 KB | 773 B | XHR | text/html | |
POST | H3-Q050 | / | www.facebooksecure.net/ajax/webstorage/process_keys/ | 1 KB | 746 B | XHR | text/html | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
81 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.