facebook.lws.be Open in urlscan Pro
54.36.165.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://facebook.lws.be/
Effective URL:
https://facebook.lws.be/login
Submission Tags: @phishunt_io
Submission: On April 28 via api (April 28th 2023, 6:25:35 pm UTC) from DE — Scanned from FR

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 54.36.165.64, located in France and belongs to OVH, FR. The main domain is facebook.lws.be.
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.

This is the only time facebook.lws.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 12	54.36.165.64 54.36.165.64		16276 (OVH) (OVH)
11	1

12 54.36.165.64 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: mars.lws-servers.be

facebook.lws.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	lws.be 1 redirects facebook.lws.be	2 MB
11	1

	Domain	Requested by
12	facebook.lws.be	1 redirects facebook.lws.be
11	1

This site contains no links.

Subject Issuer	Validity	Valid
facebook.lws.be R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://facebook.lws.be/login
Frame ID: 24DB84EF62E342BB1F0CB247BDA8D28A
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Campagnes Facebook LWS

Page URL History Show full URLs

https://facebook.lws.be/ HTTP 302
https://facebook.lws.be/login Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2410 kB
Transfer

7240 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://facebook.lws.be/ HTTP 302
https://facebook.lws.be/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response facebook.lws.be/ Redirect Chain https://facebook.lws.be/ https://facebook.lws.be/login	87 KB 18 KB	44ms 43ms	Document text/html	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13 PleskLin Resource Hash `6469621fa6635435395a0336be67ba0aa095226c39173a33d9282a5631524310` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers accept-ranges none content-encoding gzip content-type text/html; charset=utf-8 date Fri, 28 Apr 2023 18:25:29 GMT etag "15c4d-2v0VBS3yWtTYukFBUsXDZpoJYjo" server nginx status 200 OK vary Accept-Encoding x-powered-by Phusion Passenger(R) 6.0.13 PleskLin Redirect headers content-length 0 date Fri, 28 Apr 2023 18:25:29 GMT location /login server nginx status 302 Found x-powered-by Phusion Passenger(R) 6.0.13 PleskLin
GET H2	200	e5ab655.js Show response facebook.lws.be/_nuxt/	4 KB 3 KB	36ms 34ms	Script application/javascript	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/_nuxt/e5ab655.js Requested by Host: facebook.lws.be URL: https://facebook.lws.be/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `afe0fc98c17be886ec7134fbfafe540812581867022e8d2d76650b6d85a818a7` Request headers accept-language fr-FR,fr;q=0.9 Referer https://facebook.lws.be/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:29 GMT content-encoding gzip last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"11ae-18726fa75fc" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 OK cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	079da41.js Show response facebook.lws.be/_nuxt/	303 KB 105 KB	37ms 35ms	Script application/javascript	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/_nuxt/079da41.js Requested by Host: facebook.lws.be URL: https://facebook.lws.be/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `ce784b55fd09bc6f178fea7c6b380f91db10d6f47484f9d8ee508b4cf1075e43` Request headers accept-language fr-FR,fr;q=0.9 Referer https://facebook.lws.be/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:29 GMT content-encoding gzip last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"4bd49-18726fa75ec" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 OK cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	2276b81.js Show response facebook.lws.be/_nuxt/	5 MB 2 MB	53ms 52ms	Script application/javascript	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/_nuxt/2276b81.js Requested by Host: facebook.lws.be URL: https://facebook.lws.be/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `02237593672a643b8526802a9cd3c6832d46dc33c66d91bcd5943d2d175540d1` Request headers accept-language fr-FR,fr;q=0.9 Referer https://facebook.lws.be/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:29 GMT content-encoding gzip last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"49287d-18726fa75fc" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 OK cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	5c7216e.js Show response facebook.lws.be/_nuxt/	236 KB 44 KB	54ms 53ms	Script application/javascript	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/_nuxt/5c7216e.js Requested by Host: facebook.lws.be URL: https://facebook.lws.be/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `75fc3aeed5827c296c435be1fd085228746efd46a2ab1fad023c6731d8fa440c` Request headers accept-language fr-FR,fr;q=0.9 Referer https://facebook.lws.be/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:29 GMT content-encoding gzip last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"3ae38-18726fa75ec" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 OK cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	175057f.js Show response facebook.lws.be/_nuxt/	6 KB 2 KB	52ms 51ms	Script application/javascript	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/_nuxt/175057f.js Requested by Host: facebook.lws.be URL: https://facebook.lws.be/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `e4da53d2b9fb338a2576f0b24efe4ff08fcee3ab7debf7be9b02e89a6429b375` Request headers accept-language fr-FR,fr;q=0.9 Referer https://facebook.lws.be/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:29 GMT content-encoding gzip last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"16a8-18726fa75f0" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 OK cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	fond_texture.a2ba62d.svg facebook.lws.be/_nuxt/img/	2 MB 648 KB	49ms 49ms	Image image/svg+xml	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://facebook.lws.be/_nuxt/img/fond_texture.a2ba62d.svg Requested by Host: facebook.lws.be URL: https://facebook.lws.be/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `1b8e40a9f421b3f53dc8e0492a1a23de0aa0a9bd1bf1b311914103e6d961cacf` Request headers accept-language fr-FR,fr;q=0.9 Referer https://facebook.lws.be/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:29 GMT content-encoding gzip last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"1d3229-18726fa75e4" vary Accept-Encoding content-type image/svg+xml status 200 OK cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	Poppins-400-latin9.5b8f3ba.woff2 facebook.lws.be/_nuxt/fonts/	8 KB 8 KB	46ms 46ms	Font font/woff2	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/_nuxt/fonts/Poppins-400-latin9.5b8f3ba.woff2 Requested by Host: facebook.lws.be URL: https://facebook.lws.be/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c` Request headers Referer https://facebook.lws.be/login Origin https://facebook.lws.be accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:29 GMT last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"1edc-18726fa75e8" content-type font/woff2 status 200 OK cache-control public, max-age=31536000 accept-ranges bytes content-length 7900
GET H2	200	Poppins-700-latin15.9690ce6.woff2 facebook.lws.be/_nuxt/fonts/	8 KB 8 KB	28ms 28ms	Font font/woff2	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/_nuxt/fonts/Poppins-700-latin15.9690ce6.woff2 Requested by Host: facebook.lws.be URL: https://facebook.lws.be/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f` Request headers Referer https://facebook.lws.be/login Origin https://facebook.lws.be accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:30 GMT last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"1e98-18726fa75e8" content-type font/woff2 status 200 OK cache-control public, max-age=31536000 accept-ranges bytes content-length 7832
GET H2	200	2a00fd9.js Show response facebook.lws.be/_nuxt/	15 KB 4 KB	30ms 29ms	Script application/javascript	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/_nuxt/2a00fd9.js Requested by Host: facebook.lws.be URL: https://facebook.lws.be/_nuxt/e5ab655.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `d80c062e13de27dd1b5e8c4c43f0e946219d538000b226ddea17773af3c2fd5c` Request headers accept-language fr-FR,fr;q=0.9 Referer https://facebook.lws.be/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:30 GMT content-encoding gzip last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"3bd8-18726fa75e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 OK cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	963c0bc.js Show response facebook.lws.be/_nuxt/	23 KB 5 KB	31ms 30ms	Script application/javascript	54.36.165.64 OVH
General Check archive.org Show headers Download Go to Full URL https://facebook.lws.be/_nuxt/963c0bc.js Requested by Host: facebook.lws.be URL: https://facebook.lws.be/_nuxt/e5ab655.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.36.165.64 , France, ASN16276 (OVH, FR), Reverse DNS mars.lws-servers.be Software nginx / Phusion Passenger(R) 6.0.13, PleskLin Resource Hash `f43b8a5fc9266393ddaf82420b3e2a53d1fa2bea05e7cf26b32941d79de93627` Request headers accept-language fr-FR,fr;q=0.9 Referer https://facebook.lws.be/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 18:25:30 GMT content-encoding gzip last-modified Tue, 28 Mar 2023 06:49:21 GMT server nginx x-powered-by Phusion Passenger(R) 6.0.13, PleskLin etag W/"5a47-18726fa75f0" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 OK cache-control public, max-age=31536000 accept-ranges bytes

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			facebook.lws.be/	1969-12-31 23:59:59	Name: auth.redirect Value: %2F
			facebook.lws.be/	1969-12-31 23:59:59	Name: auth.strategy Value: laravelSanctum

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.lws.be
54.36.165.64
02237593672a643b8526802a9cd3c6832d46dc33c66d91bcd5943d2d175540d1
1b8e40a9f421b3f53dc8e0492a1a23de0aa0a9bd1bf1b311914103e6d961cacf
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
6469621fa6635435395a0336be67ba0aa095226c39173a33d9282a5631524310
75fc3aeed5827c296c435be1fd085228746efd46a2ab1fad023c6731d8fa440c
afe0fc98c17be886ec7134fbfafe540812581867022e8d2d76650b6d85a818a7
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
ce784b55fd09bc6f178fea7c6b380f91db10d6f47484f9d8ee508b4cf1075e43
d80c062e13de27dd1b5e8c4c43f0e946219d538000b226ddea17773af3c2fd5c
e4da53d2b9fb338a2576f0b24efe4ff08fcee3ab7debf7be9b02e89a6429b375
f43b8a5fc9266393ddaf82420b3e2a53d1fa2bea05e7cf26b32941d79de93627

facebook.lws.be Open in urlscan Pro 54.36.165.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2410 kBTransfer

7240 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

2 Cookies

Indicators

facebook.lws.be Open in urlscan Pro
54.36.165.64 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2410 kB
Transfer

7240 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions