facebook.diendanviet.pro
171.244.141.150
Malicious Activity!
Public Scan
Submission: On July 03 via manual from TW
Summary
This is the only time facebook.diendanviet.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 | 171.244.141.150 | 7552 (VIETEL-AS-AP Viettel Group) |
14 | 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) |
1 | 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) |
16 | 3 | |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | fbcdn.net | static.xx.fbcdn.net | 270 KB |
1 | facebook.com | facebook.com | 821 B |
1 | diendanviet.pro | facebook.diendanviet.pro | 120 KB |
16 | 3 | | |
| Domain | Requested by |
---|---|---|
14 | static.xx.fbcdn.net | facebook.diendanviet.pro, static.xx.fbcdn.net |
1 | facebook.com | facebook.diendanviet.pro |
1 | facebook.diendanviet.pro | |
16 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-05-14 - 2020-08-05 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://facebook.diendanviet.pro/
Frame ID: 717A8DAFA70B0DA4834844FE226F0C5B
Requests: 16 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | facebook.diendanviet.pro/ | 120 KB | 120 KB | Document | text/html |
GET | H2 | DBr232uOsL1.css | static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ | 66 KB | 16 KB | Stylesheet | text/css |
GET | H2 | 8sFQ8NV83sN.css | static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ | 14 KB | 3 KB | Stylesheet | text/css |
GET | H2 | DyFl8tytnIn.js | static.xx.fbcdn.net/rsrc.php/v3/yX/r/ | 224 KB | 58 KB | Script | application/x-javascript |
GET | H2 | hsts-pixel.gif | facebook.com/security/ | 43 B | 821 B | Image | image/gif |
GET | H2 | zOWulUELJ2-.png | static.xx.fbcdn.net/rsrc.php/v3/yB/r/ | 19 KB | 19 KB | Image | image/png |
GET | H2 | Rw1qoosIWuV.js | static.xx.fbcdn.net/rsrc.php/v3/yq/r/ | 91 KB | 26 KB | Script | application/x-javascript |
GET | H2 | dRU-JLuxSok.js | static.xx.fbcdn.net/rsrc.php/v3i0sz4/yh/l/vi_VN/ | 64 KB | 18 KB | Script | application/x-javascript |
GET | H2 | nZCMFT1Zim1.js | static.xx.fbcdn.net/rsrc.php/v3/yD/r/ | 46 KB | 14 KB | Script | application/x-javascript |
GET | H2 | caVzLa4VSnJ.js | static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ | 79 KB | 21 KB | Script | application/x-javascript |
GET | H2 | Z-CoqJSGpRp.js | static.xx.fbcdn.net/rsrc.php/v3iANy4/yx/l/vi_VN/ | 104 KB | 31 KB | Script | application/x-javascript |
GET | H2 | saWsRxax7we.js | static.xx.fbcdn.net/rsrc.php/v3/yx/r/ | 36 KB | 12 KB | Script | application/x-javascript |
GET | H2 | QoXyxvCWMG9.js | static.xx.fbcdn.net/rsrc.php/v3iUIV4/yk/l/vi_VN/ | 95 KB | 25 KB | Script | application/x-javascript |
GET | H2 | jrRA8_UjexI.js | static.xx.fbcdn.net/rsrc.php/v3iEGY4/yO/l/vi_VN/ | 51 KB | 15 KB | Script | application/x-javascript |
GET | H2 | xRMhw39dlz7.js | static.xx.fbcdn.net/rsrc.php/v3iC9q4/yx/l/vi_VN/ | 38 KB | 10 KB | Script | application/x-javascript |
GET | H2 | 6KqFq7q8hV0.js | static.xx.fbcdn.net/rsrc.php/v3/yO/r/ | 8 KB | 3 KB | Script | application/x-javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| envFlush object| Env number| __DEV__ undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer object| ErrorGuard object| ErrorUtils function| CavalryLogger function| __updateOrientation object| TimeSlice function| ProfilingCounters function| __bpe function| now_inl object| bigPipe object| MAjaxify string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.