wgqbmvwf.com
Open in
urlscan Pro
47.74.233.115
Malicious Activity!
Public Scan
Submission: On September 19 via automatic, source phishtank
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 24th 2019. Valid for: 3 months.
This is the only time wgqbmvwf.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 47.74.233.115 47.74.233.115 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
25 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 116.211.183.234 116.211.183.234 | 58563 (CHINATELE...) (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network) | |
1 | 2401:b180:200... 2401:b180:2000:20::23 | 37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.) | |
1 | 47.88.68.21 47.88.68.21 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
32 | 7 |
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
wgqbmvwf.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
static.xx.fbcdn.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
facebook.com |
ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN)
s22.cnzz.com | |
c.cnzz.com |
ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
z1.cnzz.com |
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
cnzz.mmstat.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
fbcdn.net
static.xx.fbcdn.net |
754 KB |
3 |
cnzz.com
s22.cnzz.com c.cnzz.com z1.cnzz.com |
5 KB |
2 |
wgqbmvwf.com
wgqbmvwf.com |
25 KB |
1 |
mmstat.com
cnzz.mmstat.com |
265 B |
1 |
facebook.com
facebook.com |
230 B |
32 | 5 |
Domain | Requested by | |
---|---|---|
25 | static.xx.fbcdn.net |
wgqbmvwf.com
static.xx.fbcdn.net |
2 | wgqbmvwf.com |
static.xx.fbcdn.net
|
1 | cnzz.mmstat.com |
wgqbmvwf.com
|
1 | z1.cnzz.com |
wgqbmvwf.com
|
1 | c.cnzz.com |
s22.cnzz.com
|
1 | s22.cnzz.com |
wgqbmvwf.com
|
1 | facebook.com |
wgqbmvwf.com
|
32 | 7 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
wgqbmvwf.com Let's Encrypt Authority X3 |
2019-07-24 - 2019-10-22 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-08-24 - 2019-10-19 |
2 months | crt.sh |
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2 |
2019-03-05 - 2020-03-05 |
a year | crt.sh |
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2 |
2019-07-29 - 2020-07-29 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://wgqbmvwf.com/onlinebanking
Frame ID: 7CF36C99D3AC99DD31BD6895D3697749
Requests: 33 HTTP requests in this frame
13 Outgoing links
These are links going to different origins than the main page.
Title: Frysk
Search URL Search Domain Scan URL
Title: Polski
Search URL Search Domain Scan URL
Title: Türkçe
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: Français (France)
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Ontwikkelaars
Search URL Search Domain Scan URL
Title: 站长统计
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
onlinebanking
wgqbmvwf.com/ |
77 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4LlFGPxQEgG.css
static.xx.fbcdn.net/rsrc.php/v3/yJ/l/0,cross/ |
232 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HgmK_Qlndck.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/ |
164 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64L4C-HEi_a.css
static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ |
120 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4_GmTmvMBbg.css
static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/ |
32 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qJzM0JI0EZQ.css
static.xx.fbcdn.net/rsrc.php/v3/y6/l/0,cross/ |
38 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AdZoK9YH1aO.css
static.xx.fbcdn.net/rsrc.php/v3/yR/l/0,cross/ |
1 KB 652 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BtXFQ4wwOkX.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ |
97 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
X3__MTY1RA-.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ |
301 KB 72 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hsts-pixel.gif
facebook.com/security/ |
43 B 230 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
60JI1f78YGV.png
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ |
96 KB 97 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O7qJToqZMY4.png
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
A2lup9tspNF.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
z_stat.php
s22.cnzz.com/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
G3JzbC6rLRJ.js
static.xx.fbcdn.net/rsrc.php/v3iCFd4/yV/l/nl_NL/ |
2 MB 280 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
74 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.php
c.cnzz.com/ |
969 B 875 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stat.htm
z1.cnzz.com/ |
2 B 112 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9.gif
cnzz.mmstat.com/ |
43 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g0nzFWWvI6L.js
static.xx.fbcdn.net/rsrc.php/v3io1T4/yA/l/nl_NL/ |
34 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d5jcLbM8fi6.js
static.xx.fbcdn.net/rsrc.php/v3ioBv4/yo/l/nl_NL/ |
97 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cbtlEGBAJ1O.js
static.xx.fbcdn.net/rsrc.php/v3ig1H4/yL/l/nl_NL/ |
71 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c84hphJBDj7.js
static.xx.fbcdn.net/rsrc.php/v3iIZM4/yW/l/nl_NL/ |
36 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6ImkOzfXgIO.js
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ |
14 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7WzXRVeeyVK.js
static.xx.fbcdn.net/rsrc.php/v3iYFr4/yA/l/nl_NL/ |
151 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
X-XLu4PnYYc.js
static.xx.fbcdn.net/rsrc.php/v3ikYV4/yw/l/nl_NL/ |
39 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2hXvJyXSAln.js
static.xx.fbcdn.net/rsrc.php/v3i5jq4/yW/l/nl_NL/ |
52 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i2cEbJ69GFD.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ |
19 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ifJBNsbe5GE.js
static.xx.fbcdn.net/rsrc.php/v3i6fY4/yY/l/nl_NL/ |
37 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v4WgC_pJT9B.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WrayBk0ZtZK.js
static.xx.fbcdn.net/rsrc.php/v3i89k4/yP/l/nl_NL/ |
43 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-PAXP-deijE.gif
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ |
43 B 219 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
bz
wgqbmvwf.com/ajax/ |
0 326 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils object| TimeSlice function| Arbiter object| JSCC function| $ function| ge object| Parent function| ProfilingCounters object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| wait_for_load function| goURI object| Bootloader function| $E object| domreadyhooks object| onloadhooks string| _script_path object| bigPipe object| onafterunloadhooks object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1262857254 object| cnzz_image_814458037 object| cnzz_image_578311754 object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded function| AsyncRequest object| onbeforeunloadhooks object| onunloadhooks function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale object| onleavehooks object| PageTransitions boolean| domready boolean| loaded object| SnappyJS1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.wgqbmvwf.com/ | Name: wd Value: 1600x1200 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.cnzz.com
cnzz.mmstat.com
facebook.com
s22.cnzz.com
static.xx.fbcdn.net
wgqbmvwf.com
z1.cnzz.com
116.211.183.234
2401:b180:2000:20::23
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
47.74.233.115
47.88.68.21
029565f0967840387dbe6dac3d79c5743f753d0e304142d0222c257b1765cd90
0873a6df2c8d9ad529f7719ffb3ebe1323a9379bb9cf0911a52c02c658c6c556
1a12e6a8e2132a578100719cc4ada883277bbe27c761203ac4ad70380840891e
1a87dbb2c79a199f11eaab049d0c970fd86e5d6e156188eb06ab1c6265424305
1b11d574963fdce7c13aab1ae63b80f45adb0a5b197a59f4e41293d0465c1eea
26302a362c3ae801af0c5b1fb7f52ac6aa3dd803ddb1dbe135b9ff87a684c321
3322b836433167c720b253e39edb27521b0886599c18111ec6de3f2c99080cbb
36dcbe964da937494d4d701f18276b30f660c8b119a389130f2e05ad281bd382
39b879ce68c65043b2577ce18851c55976c3904e8461465e3f3a6009b5a733bf
3b00d4dad66dacc48191a429bdb6c1e4cf174d4d3d0a451176a69252675aa426
3e200417148af6ff146df585319ea21600d6556a580d21f005cf572941fb50a8
3ff132a48e44dd797d27fd75ec74eeb2a52b348abd72a268cdea271b21698e21
43359aeda8272cc2b154732f10fa2d3a59135bdf408ec66e2f5cde9f955245b2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a52dbaf980be015c37ea658dc83e753f345ecb7c48a7dafd71bf1ed67e8b4bd
5e73d213e5aacfabde38e7f5074f711559282750d0cc97db96cba0a8e1c62388
686889929d9b5dd9dff04db737da53ed450f9503e244a3fc1726fa446deab01c
69fb263fdfff128d4338ed23fa41e0945032a3de67e951fa48e6ffebf4adb632
83a6104fb8afd9def34b28ecfdddbee2f2439e937937261c2f3ac7b0e119068d
8627d83666e5f29db4f5ddfba459bf17a542a4b20569815b8055223dbe6d3f75
989e0063feb05a22609809894cfdc6dea3449265af110769d924d095ae7a25c0
a01808b8a2d6e28821f87b2b3bf59abfb34c2aa9050ecd6ba212d3c2c8f28538
b5b071b50dfed32b08740dadb82913ab44f940c0e4c4f4ea97588ad950ff7987
ce4a27f9479ff340e7179a46bc0583a99e305336d62dedac910dc4f0316e245e
ce65c0bed95c08de9efccb51cbbc50ba923a500d9b427a2e186b1fa57288adf2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4155da2cd32d22c1bce332c2283028fd41e599cd73033c3795f6eb9cf105fd3
d6a71dee5e62afedd0fae2f2fe3daa26ff12a079fa00535014f82a7001bb211d
e13673ed8da1215c0abb45d8244ed0c25b05119b9ad605e6224fe35b38d88b7b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85e9150fb94aa353bc64588d1ed8137e79587894763d706a231c621646b7598
fb144b41f0abcf9d45ed123d7003bdc21da29f406c0a643d37ef43927443ceb8